Elastic search Curator uses

Keywords: Big Data snapshot ElasticSearch

introduce

Elastic search Curator helps you plan or manage your Elastic search index and snapshot in the following ways:

  • Get a complete list of indexes (or snapshots) from the cluster as an operational list
  • Iterate the list of user-defined filters and gradually remove the index (or snapshot) from the list as needed.
  • Perform various operations on items in the user-defined action list (including Create Index, Delete Indices, Reindex, Snapshot, etc.)

Use

curator's command-line syntax is as follows:

curator [--config CONFIG.YML] [--dry-run] ACTION_FILE.YML
  • CONFIG.YML: Basic information for configuring ES
  • ACTION_FILE.YML: Specific execution script
  • dry-run:curator will simulate actions in ACTION_FILE.YML as close as possible without actually making any changes
    The following are specific examples of use:
    curator.yml:
client:
  hosts:
    - 192.168.1.188
  port: 9200
  url_prefix:
  use_ssl: False
  certificate:
  client_cert:
  client_key:
  ssl_no_validate: False
  http_auth:
  timeout: 30
  master_only: False

logging:
  loglevel: INFO
  logfile:
  logformat: default
  blacklist: ['elasticsearch', 'urllib3']

deleteIndecies.yml:

actions:
  1:
    action: delete_indices
    description: >-
      //Delete indexes over 120 days (based on index names) for nessus-
      //Prefix index. If the filter does not cause an error, ignore the error
      //Operational index list (ignore_empty_list) and exit completely.
    options:
      ignore_empty_list: True
      disable_action: False
    filters:
    - filtertype: pattern
      kind: prefix
      value: nessus-
    - filtertype: age
      source: name
      direction: older
      timestring: '%Y.%m.%d'
      unit: days
      unit_count: 120
  2:
    action: delete_indices
    description: >-
      //Delete indexes over 60 days (based on index names) for metricbeat-6.2.2-prefix indexes.
    options:
      ignore_empty_list: True
      disable_action: False
    filters:
    - filtertype: pattern
      kind: prefix
      value: metricbeat-6.2.2-
    - filtertype: age
      source: name
      direction: older
      timestring: '%Y.%m.%d'
      unit: days
      unit_count: 60

Finally, curator --config curator.yml --dry-run deleteIndecies.yml is executed to delete the index run of Nessus 120 days ago (remember to delete - dry-run when you actually use it)
Other functions can be viewed on the official website. Official Documents or Use examples

Posted by g_p_java on Thu, 24 Jan 2019 07:30:13 -0800

Hot Keywords

©2024 Programmer Group