is it somehow possible to define the location on the hard drive based on the used index?
I am working as an incident responder and security analyst. Frequently we have incidents with a low amount of data which must be securely deleted after the incident is solved.
My idea was/is to mount one encrypted file as a file system for each incident and use this mountpoint as the storage location in es. The encryption key is going to be stored on a usb stick for example.
As soon as the incident ends we would securely delete the encryption key by destroying it. Without the key it is not possible to access the indices...
You need to run multiple instances to put indices on different data paths like this. One per path. Otherwise ES just assume it can put whatever, where ever you define path.data.
Thanks!
So the only solution is one instance per incident
then we will need an orchestrator/management component to initiate the instances within the cluster/on the hosts.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.
