How to Remove Elasticsearch Indexes

[Marcio Costa]

Hello.

How ( if possible ) I can limit the number of indexes created by Elasticsearch ?

Or I can erase manually the indexes after a period of time and run a internal rebuild ?

I whish by e.g. keep only the last 90 days of indexes and then remove the old files to recovery disk space.

Or in a future version of app can be implemented an option to generate at "n" number of indexes and remove the old ?

Thanks.

[Jesus Linares]

Hi Marcio,

you can remove manually an index using the Elastic API:

# List indices
curl -XGET 'localhost:9200/_cat/indices'

# Remove index (it allows wildcards)
curl -XDELETE 'localhost:9200/index_name'

It should be easy to create a script to remove indices older than 90 days.

It could be a nice feature to the app. Thanks for the idea.

I hope it helps.

Regards.

[Pedro Sanchez]

Hi,

The script attached does exactly what you need. It is not the fanciest script but works great.

Set up a cronjob to run the script daily and that's all.

Best,

Pedro 'snaow' Sanchez.

--
You received this message because you are subscribed to the Google Groups "Wazuh mailing list" group.
To unsubscribe from this group and stop receiving emails from it, send an email to wazuh+unsubscribe@googlegroups.com.
To post to this group, send email to wa...@googlegroups.com.
Visit this group at https://groups.google.com/group/wazuh.
To view this discussion on the web visit https://groups.google.com/d/msgid/wazuh/d9d829d7-95a1-4c22-a187-64e3867ebc14%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

[0x2a]

Hello,

you might want to take a look at Elastic Curator:
https://www.elastic.co/guide/en/elasticsearch/client/curator/current/index.html

https://www.elastic.co/guide/en/elasticsearch/client/curator/current/delete_indices.html
https://www.elastic.co/guide/en/elasticsearch/client/curator/current/ex_delete_indices.html


regards,
0x2a

>> send an email to wazuh+un...@googlegroups.com.

>> To post to this group, send email to wa...@googlegroups.com.

>> Visit this group at https://groups.google.com/group/wazuh [1].

>> To view this discussion on the web visit
>>
> https://groups.google.com/d/msgid/wazuh/d9d829d7-95a1-4c22-a187-64e3867ebc14%40googlegroups.com

>> [2].
>>
>> For more options, visit https://groups.google.com/d/optout [3].

>
> --
> You received this message because you are subscribed to the Google
> Groups "Wazuh mailing list" group.
> To unsubscribe from this group and stop receiving emails from it, send

> an email to wazuh+un...@googlegroups.com.

> To post to this group, send email to wa...@googlegroups.com.
> Visit this group at https://groups.google.com/group/wazuh.
> To view this discussion on the web visit

> https://groups.google.com/d/msgid/wazuh/CAN00vH1gJ1dtP41ecHep_MDkf5JQHPHRHfLF1tHeeuWB1T_tJA%40mail.gmail.com
> [4].

> For more options, visit https://groups.google.com/d/optout.
>
>

> Links:
> ------
> [1] https://groups.google.com/group/wazuh
> [2]
> https://groups.google.com/d/msgid/wazuh/d9d829d7-95a1-4c22-a187-64e3867ebc14%40googlegroups.com?utm_medium=email&utm_source=footer
> [3] https://groups.google.com/d/optout
> [4]
> https://groups.google.com/d/msgid/wazuh/CAN00vH1gJ1dtP41ecHep_MDkf5JQHPHRHfLF1tHeeuWB1T_tJA%40mail.gmail.com?utm_medium=email&utm_source=footer

[Pedro Sanchez]

+ 1 !!

send an email to wazuh+unsubscribe@googlegroups.com.

To post to this group, send email to wa...@googlegroups.com.

Visit this group at https://groups.google.com/group/wazuh [1].
To view this discussion on the web visit

https://groups.google.com/d/msgid/wazuh/d9d829d7-95a1-4c22-a187-64e3867ebc14%40googlegroups.com

[2].

For more options, visit https://groups.google.com/d/optout [3].

 --
You received this message because you are subscribed to the Google
Groups "Wazuh mailing list" group.
To unsubscribe from this group and stop receiving emails from it, send

an email to wazuh+unsubscribe@googlegroups.com.

To post to this group, send email to wa...@googlegroups.com.
Visit this group at https://groups.google.com/group/wazuh.
To view this discussion on the web visit

https://groups.google.com/d/msgid/wazuh/CAN00vH1gJ1dtP41ecHep_MDkf5JQHPHRHfLF1tHeeuWB1T_tJA%40mail.gmail.com
[4].
For more options, visit https://groups.google.com/d/optout.


Links:
------
[1] https://groups.google.com/group/wazuh
[2]
https://groups.google.com/d/msgid/wazuh/d9d829d7-95a1-4c22-a187-64e3867ebc14%40googlegroups.com?utm_medium=email&utm_source=footer
[3] https://groups.google.com/d/optout
[4]
https://groups.google.com/d/msgid/wazuh/CAN00vH1gJ1dtP41ecHep_MDkf5JQHPHRHfLF1tHeeuWB1T_tJA%40mail.gmail.com?utm_medium=email&utm_source=footer

--
You received this message because you are subscribed to the Google Groups "Wazuh mailing list" group.

To unsubscribe from this group and stop receiving emails from it, send an email to wazuh+unsubscribe@googlegroups.com.

To post to this group, send email to wa...@googlegroups.com.
Visit this group at https://groups.google.com/group/wazuh.

To view this discussion on the web visit https://groups.google.com/d/msgid/wazuh/3fee64a7a198bd09a2f77f6e0a4f214a%40mail.correcthorsebatterystaple.xyz.