How to do settting "is_write_index": true for alias in curator action

Elastic Stack Elasticsearch
1

my use case is to rollover indices in every 4 hours .so i use curator for
define alias and rollover for indices.
so new indices is created but in new indices no data is written by logstash into it.
by exploring i found that while creating alias this setting "is_write_index": true
is must be define .but in curator how to define it

my curator action file looks like

actions:
      1:
        action: alias
        description: >-
         Alias indices from last week, with a prefix of kibana_sample_data_ecommerce to 'kibana_alias-000001',
         remove indices from the previous week.
        options:
          name: alias1
          warn_if_no_indices: False
          disable_action: False
        add:
          filters:
          - filtertype: pattern
            kind: prefix
            value: ram-
      2:
        action: rollover
        description: >-
         Rollover the index associated with alias 'aliasname', which should be in the
         format of prefix-000001 (or similar), or prefix-YYYY.MM.DD-1.
        options:
          disable_action: False
          name: alias1
          conditions:
            max_age: 10s

my logstash file is

input {
    file {
    path => "/var/log/containers/*.log"
    start_position => "beginning"
  }

   }
   filter{


      }

 output {
    elasticsearch {
        hosts => ["http://10.109.226.97:9200"]
        index => alias1
    }

  }
2

This is not a setting to set via Curator. It only needs to be set once for the rollover alias at initial index creation time.

If you need to set it for other existing indices, then that's what you'd use Curator for.

3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.