Hi!
Is there possibility to delete index document from watcher as action? I haven't found a guide or documentation of how to do it. Maybe scripts can invoke elastic API, can't they?
My case is I want to have a static list of users and their permissions that will be updated after every logs ingestion and my watcher will compare every time the old list of permissions with the new one and alert on critical changes. Any other solutions of how it can be implemented?
They note, deleting documents with Watcher seems potentially suspect (maybe not advised?), and we'd want to discuss more about the use case and intention. It can help to help avoid design 'gotcha' problems down the road. I'll let the Watcher group post further. Hit back if you don't hear much, please. Cheers!
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.