I am new to Elastic Search & I need to delete documents older than 1 month (in all indices) in the elastic search .
I know how to delete a single document by id / deleting an index , but not able to figure out how to automatically delete 1 month old data in elastic search
Can somebody please tell how to do that .
Thanks
You should use time based indices and just drop the old indices using curator project.
Otherwise have a look at the delete by query API.
When i try to create time based index for filebeats,it says "unable to fetch mapping , do you have indices matching that pattern". However the normal index is getting created when i type in filebeat-*.
Can u please tell what's wrong here!
Also can you please provide steps /example of using curator. I am very new to Elastic search.
Thanks
For the 1st question, I don't know. May be ask in #kibana for help.
Check that indices exist:
GET _cat/indices?v
Will give the list of existing indices.
For the 2nd question, please read the documentation : https://www.elastic.co/guide/en/elasticsearch/client/curator/current/index.html
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.