What is ELK data rotation Policy?

vikas_gopal · July 2, 2015, 8:55am

Hi Experts,

I have couple of questions

What is ELK default data rotation policy. Like how data expires , where it moves once expire,where we can define after such period or time old data will archive ?
What is the default data retention period of ELK ? how and where we can change this ?

Thanks
Vikas

magnusbaeck · July 2, 2015, 11:56am

Elasticsearch doesn't delete anything by default. You have to implement that yourself, e.g. by using Curator.

vikas_gopal · July 2, 2015, 11:59am

Thank you Magnus,

Any other option apart from Curator . Why I am asking because I am windows user and Curator I guess work for Linux only . Please correct me if I am wrong .

magnusbaeck · July 2, 2015, 12:55pm

Curator is Python so it should work on Windows too. But there might be other options too, but if there are I don't know about them.

vikas_gopal · July 2, 2015, 12:55pm

thanks

theuntergeek · July 2, 2015, 2:38pm

Curator now ships with a windows (32bit) binary package: https://www.elastic.co/guide/en/elasticsearch/client/curator/current/windows-zip.html

Update: It is now a Win32 binary.

vikas_gopal · July 2, 2015, 5:23pm

Ahh!! my bad I need 32 bit package.But thank you Aaron.