ElasticSearch output with alias

Julien1 · April 20, 2020, 1:15pm

Hello,

Do we have to configure manualy first time index name in Elasticsearch output ?

Let me explain, the context is :

I create a index named :

index: "es_on_demand_index-000001"

I have an index Lifecycle Policies like this :

{
  "policy": "policy_exlabel",
  "phase_definition": {
    "min_age": "0ms",
    "actions": {
      "rollover": {
        "max_size": "5mb",
        "max_age": "3d"
      },
      "set_priority": {
        "priority": 100
      }
    }
  },

When index is create, I create an alias manualy (alias es_on_demand), I stop Filebeat's service, I change Elasticsearch output by the alias name :

index: "es_on_demand"

I start Filebeat's service, and when conditions of my ILM are true, a new index is create :

es_on_demand_index-000002

and logs points to the right index.

My question is : Can I create the first time, a alias who points a pattern index even if the index is not created yet ?

Thanks for your help

warkolm · April 21, 2020, 10:13pm

You can create an ILM policy and an index template that uses an alias, and then create the index.

Tutorial: Automate rollover with ILM | Elasticsearch Guide [7.6] | Elastic runs through what that looks like.

That's super small, is there a reason you've chosen that size?

Julien1 · April 22, 2020, 6:49am

Hi,

Thank you so your support.

I think my issue will be resolved by this help.

Yes 5mb is very small, it's just for test to check if my ILM run correctly.

system · May 20, 2020, 7:04am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.