Bulk indexing of signals failed: no such index [.alerts-security.alerts-default] and [require_alias] request flag is [true]

raghiboon · January 18, 2023, 5:06pm

Hi everybody.
i just removed .alerts-security.alerts-default-0000 suddenly after i was working with rules and made my dashboards.
is there a way to recreate it? because it gives me this error:

Bulk indexing of signals failed: no such index [.alerts-security.alerts-default] and [require_alias] request flag is [true] ...
Elk Version : 8.5.2

warkolm · January 18, 2023, 10:02pm

You might need to manually create the underlying index for it to reattach to the alias. Otherwise try restarting Elasticsearch and it should do that for you.

Why was it removed?

raghiboon · January 19, 2023, 4:48am

Hi.

It removed manually because i wanted to clear the alerts.
I thought it may create it again when it creates new alerts.

system · February 16, 2023, 4:49am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
.alerts-security.alerts-default* indice removed suddenly Elasticsearch	2	371	January 18, 2023
Detection Rules Fail Index issues Elastic Security	9	2554	November 4, 2022
No such index [.alerts-observability.uptime.alerts-default] Elastic Observability elastic-stack-alerting	1	141	April 2, 2024
Mapper [signal.ancestors.index] cannot be changed from type [text] to [keyword] Elastic Security	9	436	February 21, 2023
Default index pattern is missing after ES data dir been moved Kibana	2	579	October 23, 2018

Bulk indexing of signals failed: no such index [.alerts-security.alerts-default] and [require_alias] request flag is [true]

Related topics