I just installed Curator 4.2 from the repository. It is installed on the ELK server. I created the ~/.curator/curator.yml file with the following contents:
# Remember, leave a key empty if there is no value. None will be a string,
# not a Python "NoneType"
client:
hosts:
- server.domain.local (with my actual FQDN here)
port: 5044
url_prefix:
use_ssl: True
certificate: /etc/pki/tls/certs/logstash-forwarder.crt (my self signed crt file)
client_cert:
client_key:
ssl_no_validate: False
http_auth:
timeout: 180
master_only: False
logging:
loglevel: INFO
logfile:
logformat: default
blacklist: ['elasticsearch', 'urllib3']
I created an action file delete_older_90_days.yml with the following contents:
# Remember, leave a key empty if there is no value. None will be a string,
# not a Python "NoneType"
#
# Also remember that all examples have 'disable_action' set to True. If you
# want to use this action as a template, be sure to set this to False after
# copying it.
actions:
1:
action: delete_indices
description: >-
Delete indices older than 90 days (based on index name), for logstash-
prefixed indices. Ignore the error if the filter does not result in an
actionable list of indices (ignore_empty_list) and exit cleanly.
options:
ignore_empty_list: True
timeout_override:
continue_if_exception: False
disable_action: False
filters:
- filtertype: pattern
kind: prefix
value: logstash-
exclude:
- filtertype: age
source: name
direction: older
timestring: '%Y.%m.%d'
unit: days
unit_count: 90
exclude:
When I run curator --dry-run ~/.curator/delete_older_90_days.yml
I get the following errors:
2017-01-06 10:29:27,298 INFO Preparing Action ID: 1, "delete_indices"
/opt/elasticsearch-curator/lib/python35.zip/urllib3/connection.py:337: SubjectAltNameWarning:
Certificate for garcia.magicsprings.local has no `subjectAltName`, falling back to check for a
`commonName` for now. This feature is being removed by major browsers and deprecated by RFC 2818.
(See https://github.com/shazow/urllib3/issues/497 for details.)
- repeats that error a few times
Unable to create client connection to Elasticsearch. Error: ConnectionError(('Connection aborted.',
RemoteDisconnected('Remote end closed connection without response',))) caused by:
ProtocolError(('Connection aborted.', RemoteDisconnected('Remote end closed connection without
response',)))
I tried setting ssl_no_validate: True
but that did not resolve the issue. Then I get:
/opt/elasticsearch-curator/lib/python35.zip/urllib3/connectionpool.py:843: InsecureRequestWarning:
Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See:
https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
-repeated a few times
Unable to create client connection to Elasticsearch. Error: ConnectionError(('Connection aborted.',
ConnectionResetError(104, 'Connection reset by peer'))) caused by: ProtocolError(('Connection aborted.',
ConnectionResetError(104, 'Connection reset by peer')))
I'm new to this, so I'm assuming its something simple. Any suggestions?