Hi,
So I have created an ELK stack for passing IIS logs and it is generating around 3GB a day and it is storing in an index a day. Eg: filebeat-2017.06.21
I want to delete old index so that ElasticSearch doesn't crash. How should I do?
Do I have to do this manually or is there a way?
I saw something called "Curator"? Should use that?
Hey thanks. I used their python library, wrote a script and added a job on crontab.
Thanks anyway.
Hey,
It is working fine, but after deleting the old indices, it regenerates after a minute or two. What should i do?
That can only happen if data is still being written to those indices. I'd investigate that.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.