hello everyone,
pretty dumb question but how can I change ElasticSearch's log file method from gibberish to date format day-month-year or something like that?
At the moment this is what ElasticSearch is storing them as:
I am not using Logstash at all, just ElasticSearch 5.0 and Kibana 5.0 on an Ubuntu 15.10 VM
Thank You
Those are not logs but indices.
Logs are in logs dir.
BTW please don't do screenshots but prefer copying text instead.
hey dadoonet, sorry about the screenshot. I'll keep that in mind next time, sorry I meant to say "indices" I would like to set the indices in a date format. Is this possible?
Thanks
No. Those file names are purely internal. You should never go in those directories BTW.
What is the actual need?
thanks for getting back to me David, i guess I used to have it setup with Logstash as well so it was setup a little different with ELK 4.0 where the indices folder would have it by date format. The folders would get too big and took up too much space so I had to build a bash script to remove older ones. I guess because ElasticSearch Curator did not support the old version of ELK/OS I had previously. How does ELK 5.0 remove older files? How long does it archive it for and do I need ElasticSearch Curator?
Thanks David!
I think you don't understand all details here.
Just use the REST API which exposes indices with time based format if you are using logstash for example.
Curator uses the REST API as well.
You don't have to know how it is physical on disk and on which node BTW. Never delete directories manually on disk.
Use the REST API.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.
