while using ELK 2.4 my indice directories would be created as follows: "logstash-YYYY-MM-DD". ELK 5 is creating them with some random string, ex. "ELK_5.0/elasticsearch-5.0.0/data/nodes/0/indices/wsCmtji0QCy8K0B5JyTuvQ"
how can I get ELK to name them as it did on version 2.4?
Sorry, I was about to reply in one way when I saw what you were really asking. Index naming is in the metadata now, not in the directory path.
Out of curiosity, why would you need access to the Lucene data structures in the directory paths?
I'm using ELK to index my nginx logs. I have limited disk space and use a bash script to delete the indice directories > 14 days old
That's what Elasticsearch Curator was created for. See the delete_indices example configuration, and the space filter type, so you can define an amount of space to keep.
awesome, thx for you help I appreciate it.
By the way, I don't know the contents of your bash script, but if you were deleting the directories with rm, that is not healthy for Elasticsearch. Use API calls (or a tool like Curator which uses API calls) to modify anything in Elasticsearch.
OK, I'm going to try Curator; also just beginning to familiarize myself with the API... I wrote a hand full of bash scripts to parse & analyze our logs prior to ELK, only been using it for about a month as a side project. Again I appreciate your advice & would be interested in anything else you'd be willing to share.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.