green open weblogic 5 1 553689832 0 284.5gb 142.1gb
green open apache 5 1 293808899 0 140.4gb 70.2gb
I would like to retain only last 2 weeks documents from the above two index.
How do I do it?
I tried curator - initially to show the matching index then to delete
Curator is for managing entire indices. It will not delete data from within an index. You need the delete_by_query plugin if you're going to do that.
I recommend, however, using time-series indices for the future so you can just drop indices with Curator, as running a delete_by_query to delete gigabytes of data is a painfully slow operation, by comparison.
Thanks Aaron
After some struggle was able ti use delete_by_query, is there any specific output on the delete action? I am able to see only he delete time status via the HQ plugin
Also, for time-series indices - could you share some insights?
Is there any script available to do it?
How is your data getting into Elasticsearch now? There are a few ways you can do it. One is with the rollover API, which has a 1:1 alias mapped so your data would always be sent to the same index/alias name, and old data is rolled out. Logstash and Beats automatically send data into named time-series indices based on a timestamp field.
I have 4 major index: weblogic, apache, lambda & ec2
The logstash servers feed to elastic-search
Not sure - Correct me if I am wrong, what I thought was I could create index based on date weblogicfeb012017 and alias it to weblogic
Next day create weblogicfeb022017 alias it to weblogic and close the old one
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.
