New to it all. Would like a rotating 7 indexes from logstash to Elastisearch

runatyr · April 14, 2017, 5:29pm

Hello:
First off... Wow... These products are amazing!

I have a single logstash source and a single elasticsearch/kibana source set up. All on the same server.
(Yes Still learning it all )

I would like to have my logstash and elasticsearch configuration set up so I create a new index every day and
keep only the 7 most recent indices in elasticsearch.

Do I accomplish this by modifying elasticsearch and logstash both?
What is a simple automated solution

Any help is greatly appreciated

-Runatyr

my logstash conf file below

input {
file {
path => "/var/log/logfile.log"
start_position => "beginning"
}
}

output {
elasticsearch {
hosts => ["localhost:9200"]
}
stdout { codec => rubydebug }
}

Christian_Dahlqvist · April 16, 2017, 10:49am

Logstash by default creates a new index every day, so that should already happen. In order to delete indices that are older than 7 days, you can use Curator.

runatyr · April 25, 2017, 5:47pm

Many thanks!

system · May 23, 2017, 6:02pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Elastic search Indexes Elasticsearch	4	413	March 27, 2018
Clarification on index by day and automatically closing them Elasticsearch	3	466	December 16, 2016
Elasticsearch index and curator Elasticsearch	3	396	March 27, 2018
Logrotate delete old files Elasticsearch	1	370	May 7, 2020
Basic understating regarding index creation Logstash	10	2725	August 13, 2021

New to it all. Would like a rotating 7 indexes from logstash to Elastisearch

Related topics