This is our current curator actionfile:
actions:
1:
action: delete_indices
description: "Delete indices over 7 days old."
options:
ignore_empty_list: True
filters:
- filtertype: age
source: name
direction: older
timestring: '%Y.%m.%d'
unit: days
unit_count: 7
exclude: False
- filtertype: pattern
kind: regex
value: '^.*string1*'
exclude: True
- filtertype: pattern
kind: regex
value: '^.*string2*'
exclude: True
- filtertype: pattern
kind: regex
value: '^.*string3*'
exclude: True
So the idea is that this should delete all indices OVER 7 days old EXCEPT indices containing string1, string2, or string3. However, running a _cat/indices on my cluster, I am seeing a number of old indices which don't contain those string values, but curator returns this:
2017-02-14 03:27:47,968 INFO Preparing Action ID: 1, "delete_indices"
2017-02-14 03:27:47,977 INFO Trying Action ID: 1, "delete_indices": Delete indices over 7 days old.
2017-02-14 03:27:48,055 INFO Skipping action "delete_indices" due to empty list: <class 'curator.exceptions.NoIndices'>
2017-02-14 03:27:48,055 INFO Action ID: 1, "delete_indices" completed.
2017-02-14 03:27:48,055 INFO Job completed.
I am 100% sure that none of those indices names contain the values "string1", "string2", or "string3", and all of them are named using the appropriate date-naming convention, ex. x-staging-logs-2017.01.16.
This is my curator.yml file:
client:
hosts:
- HOST_IP
port: 9200
timeout: 900
master_only: True
Is my curator filter written correctly for my goal?? It appears to me to be so, and I thought it had worked in the past but I'm unclear as to why it is not functioning now. Are there other checks I can run to see more in-depth what is happening when I run curator??
Thank you!
. We used: