We have around 50 indices in elastic and their data are being updated daily basis. But if data is not updated in a day We want to log that index name so we can take some action.
All indexes will have updatedAt field from which we can identify the last updated time of a document.
So our goal is to run cron through logstash every night and identify which indices are not updated today.
We are able to achieve this for a single index via elasticsearch input plugin with a schedule but not finding any way for all the indices.
ELK version - 7.6.0