Graylog and OpenSearch Index Templates

edp · January 21, 2026, 10:22pm

Does Graylog use OpenSearch Index Templates? I’m not seeing any.

I need to set up an OpenSearch index template pattern to apply a setting to all new indices that are created in one of our index sets… can I do this without affecting the normal settings that Graylog specifies when the index set is rotated and it creates the next index for writing? I’m not sure exactly how Graylog creates new indices.

What happens with I create a field type mapping or apply a field type profile - does Graylog put these in an OpenSearch index template, or just incorporate the field type settings when it creates each new index directly?

Thanks,

– Ed

edp · January 22, 2026, 10:24pm

I found what looks to be the OpenSearch legacy templates maintained by Graylog for our index sets in http://localhost:9200/_template. There is one for each index set named “index_set_prefix-template”.

Can we alter these and not have Graylog overwrite them and remove the extra settings I put in?

Thanks,

– Ed

Topic		Replies	Views
Activate compression for new opensearch indexes Graylog Central (peer support) elastic	1	758	November 30, 2023
Graylog rewriting "index template" in Elasticsearch Graylog Central (peer support)	8	4076	March 16, 2021
Elasticsearch index template overwritten on rotation Graylog Central (peer support)	3	466	June 28, 2023
Cannot apply new custom index template Graylog Central (peer support)	1	1101	December 5, 2019
Graylog custom mapping for several templates Graylog Central (peer support)	5	2735	November 15, 2021

Graylog and OpenSearch Index Templates

Related topics