Elastic Cloud Fills up to infinity

lamp123432 · December 6, 2021, 2:58am

Hello, I created an instance in Elastic Cloud, and I used Fleet to install Metricbeat, Endpoint Security, etc.

My instance started 1GB of RAM, and was costing me $40 a month or so. Now, it is costing me about $300 a month because Elastic Cloud by default, doesn't come with any Index Lifecycle Policies, data comes in and it just keep filing the disk, and I have to increase capacity.

It is a pain to delete data manually. So now I'm looking at creating an IL Policy, but there are TONS of Index Templates to associate the policy to:

How did you guys go about having a decent lifecycle policy for Elastic Cloud and Fleet?

warkolm · December 6, 2021, 3:30am

What version are you using?

Because by default, Fleet uses datastreams, which also use ILM - Data streams | Fleet and Elastic Agent Guide [7.15] | Elastic

lamp123432 · December 6, 2021, 3:34am

I'm using v7.15.2.

When I look at the built-in ILMs, I see the following:

It's unclear which ones I should modify to, say, keep the beats and endpoint security data for no more than 2 weeks, should I go through all of them and set a delete action?

system · January 3, 2022, 3:35am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Beats with ILM Beats filebeat	1	194	August 5, 2021
Is there an easy way to change the Lifecycle Policy of a Fleet managed data stream? Elastic Agent fleet , ilm-index-lifecycle-management	3	729	November 21, 2022
Provision ILM policy for elastic agent streams Elastic Agent fleet , ilm-index-lifecycle-management , filebeat	1	268	December 30, 2022
Elastic agent indices - ILM Elastic Agent	6	194	October 11, 2023
Data streams vs ILM when using Fleet Elastic Agent fleet , ilm-index-lifecycle-management	4	454	February 23, 2023

Elastic Cloud Fills up to infinity

Related topics