Elasticsearch Frozen Indices Searching

Zerobot · December 4, 2019, 7:00am

Hi!

Some time ago Elasticsearch opened many features of x-pack to the world, basically free of charge.
One of those features is a “Freeze Index API” - very usefull for large amounts of ‘cold’ data.
Is it possible to search trough those indices via Graylog?

Edit:
Searching those indices would require a ignore_throttled=false parameter in the query.
Is it possible to change this parameter in Graylog? From my understanding Graylog uses ignore_throttled=true as default.

jan · December 6, 2019, 4:41pm

nope that is not possible.

you would need to open a feature request over at GitHub for that.

system · December 20, 2019, 4:41pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Graylog not searching frozen indices? Graylog Central (peer support)	1	316	November 14, 2020
Graylog search issue Graylog Central (peer support)	8	1297	April 11, 2019
Elasticsearch data copied but graylog cannot search in it Graylog Central (peer support)	3	575	March 29, 2017
Run Elasticsearch Query in Graylog Search Graylog Central (peer support)	2	2771	June 15, 2017
Graylog indices Graylog Central (peer support)	23	6895	July 11, 2018

Elasticsearch Frozen Indices Searching

Related topics