Index management

alipujaistopo · September 6, 2021, 2:55am

what does indices mean? and why do i have so many indices? and what is the difference between xxxx-000004 and xxxx-000005?

here's my indices for example:

* winlogbeat-7.10.2-2021.08.22-000005
* auditbeat-7.11.2-2021.07.23-000004
* winlogbeat-7.10.2-2021.07.23-000004
* auditbeat-7.11.2-2021.08.22-000005
* filebeat-7.10.1-2021.07.23-000004
* filebeat-7.10.1-2021.06.23-000003
* metricbeat-7.13.4-2021.08.03-000001
* filebeat-7.10.1-2021.08.22-000005
* winlogbeat-7.10.2-2021.06.23-000003
* winlogbeat-7.10.2-2021.05.24-000002
* winlogbeat-7.10.2-2021.04.24-000001
* metricbeat-7.13.4-2021.09.02-000002
* filebeat-7.10.1-2021.04.24-000001
* filebeat-7.10.1-2021.05.24-000002
* auditbeat-7.11.2-2021.06.23-000003
* auditbeat-7.11.2-2021.04.24-000001

warkolm · September 6, 2021, 4:46am

You have that many because you had data from all those Beats talking to Elasticsearch.

The different numbers on the end are the historic data.

alipujaistopo · September 6, 2021, 5:31am

how to make the data not always make historic data. I mean I only have 1 file for 1 beats not much like this

system · October 4, 2021, 5:32am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.