Elastichsearch is red and indexes corrupted

how can i fix this problem?

Which version of Elasticsearch are you using?

How many indices/shards does this problem affect?

What is the size and specification of your cluster?

What type of storage are you using?

Have you been backing up your data using the snapshot API?

Elasticsearc version 8.10.4
115 shards affect from this problem
We use security onion. When I saw that there was no traffic, I looked at the logs and saw that Elasticsearch was red. 200 GB disk
hhd harddisk with sn
there is no snaphot

The excerpt you shared indictes that you have corrupt indices due to hardware failure, so I suspect you will need to rebuild your cluster with new storage. As you have no snapshot I believe you have lost your data as I am not aware of any way to recover from this that does not include restoring from snapshot.

thanks

That's correct, sorry. See these docs for further information.

2 Likes