Delete old indices automatically?

munotshubham · June 21, 2017, 7:19pm

Hi,

So I have created an ELK stack for passing IIS logs and it is generating around 3GB a day and it is storing in an index a day. Eg: filebeat-2017.06.21

I want to delete old index so that ElasticSearch doesn't crash. How should I do?
Do I have to do this manually or is there a way?

I saw something called "Curator"? Should use that?

theuntergeek · June 21, 2017, 10:46pm

Yes. Read the documentation for more information.

munotshubham · June 22, 2017, 12:57pm

Hey thanks. I used their python library, wrote a script and added a job on crontab.
Thanks anyway.

munotshubham · June 28, 2017, 6:39pm

Hey,

It is working fine, but after deleting the old indices, it regenerates after a minute or two. What should i do?

theuntergeek · June 28, 2017, 8:14pm

That can only happen if data is still being written to those indices. I'd investigate that.

system · July 26, 2017, 8:14pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Retiring old Elasticsearch indices Elasticsearch	6	1958	February 2, 2017
Manually delete old logs/indices in ELK 7.3.0 Elasticsearch	6	4208	May 24, 2020
Delete indices by date (Elasticsearch 8.7) Elasticsearch	3	277	May 23, 2023
Deleting old indices because of old mappings Elasticsearch	1	337	July 6, 2017
Deleting old indices? Elasticsearch	2	391	July 6, 2017

Delete old indices automatically?

Related topics