I have installed ELK 5.5.x on Windows 2012 with winlogbeat, it works but logs in ..\Elasticsearch\data\nodes\0\indices look like this 5uv-yuK5T4CNkTC2G7x4Mg but they should look like this winlogbeat-2017.08.24. What and where should I configure to fix it?
Do not interact with any of the files or directories in the path.data (in your case the ..\Elasticsearch\data\ path). Any and all interactions with indices and snapshots should be through the API calls. Interacting with the files and directories directly will result in data corruption.
In past iterations, the index directories were named the same as the index. This is no longer the case. Then as now, you should only interact with indices via API calls.
Is there any tool to manage indices or how to use API calls?
There's Elasticsearch Curator for managing indices, though it is strongly focused on time-series data (which
Otherwise, read up on the Indices APIs in the official Elasticsearch documentation.
Thanks for the help, now I can manage indices.
I have one more question, maybe in this thread or I can create a new one: do you know any tool for alerting?
Alerting is a paid part of X-Pack, is there something free?
Writing your own queries and running them in cron? Having them yield the results every so often...
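The cron approach suggested above, as an added example that is not part of the original thread: a script that queries the winlogbeat-* indices through the _search API and exits non-zero when a per-host threshold is crossed. The node URL, the field names (event_id, computer_name), event ID 4625, the window and the threshold are all assumptions chosen for illustration.

```python
import json
import sys
import urllib.request

# Assumptions, not from the thread: local unauthenticated node, Winlogbeat 5.x
# field names (event_id, computer_name), event 4625 (failed logon) as the condition.
ES_URL = "http://localhost:9200"
INDEX = "winlogbeat-*"
EVENT_ID, WINDOW, THRESHOLD = 4625, "now-5m", 10  # window should match the cron interval

# Constructed sample of an Elasticsearch 5.x _search response, for offline runs.
SAMPLE_RESPONSE = {"hits": {"total": 40}, "aggregations": {"by_host": {"buckets": [
    {"key": "DC01", "doc_count": 25},
    {"key": "WS07", "doc_count": 12},
    {"key": "WS09", "doc_count": 3},
]}}}

def build_query(event_id=EVENT_ID, window=WINDOW):
    """Search body: matching events inside the window, counted per host."""
    return {
        "size": 0,  # only the aggregation is needed, not the documents
        "query": {"bool": {"filter": [
            {"term": {"event_id": event_id}},
            {"range": {"@timestamp": {"gte": window}}},
        ]}},
        "aggs": {"by_host": {"terms": {"field": "computer_name", "size": 50}}},
    }

def hosts_over_threshold(response, threshold=THRESHOLD):
    """Return {host: count} for hosts at or above the threshold."""
    buckets = response.get("aggregations", {}).get("by_host", {}).get("buckets", [])
    return {b["key"]: b["doc_count"] for b in buckets if b["doc_count"] >= threshold}

def run_search(body, es_url=ES_URL, index=INDEX):
    """POST the query to the _search API and return the decoded response."""
    req = urllib.request.Request("%s/%s/_search" % (es_url, index), data=json.dumps(body).encode("utf-8"),
                                 headers={"Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.loads(resp.read().decode("utf-8"))

if __name__ == "__main__":
    try:
        offenders = hosts_over_threshold(SAMPLE_RESPONSE if "--sample" in sys.argv else run_search(build_query()))
    except (OSError, ValueError) as exc:
        print("ALERT CHECK FAILED: %s" % exc, file=sys.stderr)  # a failed check is not "all clear"
        sys.exit(2)
    for host, count in sorted(offenders.items()):
        print("ALERT: %d events with event_id %d on %s" % (count, EVENT_ID, host))
    sys.exit(1 if offenders else 0)
```

Schedule it at the same interval as WINDOW and have the scheduler notify on a non-zero exit code; `--sample` evaluates the constructed response without contacting a node.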
Thank you for the suggestion.