How to close active write index and reconfigure with new retention strategy.
Also, Can I get some reference documents on how to open close indices and make them available in Elastic search?
Graylog Version - Graylog v4.2.9+f0d8298
Configured on docker container
Hello @Raynu
Below each index set are these
Navigate to System/Indices, Click on "Edit " Button. Adjust the retention strategy. You may want to manually rotate the index.
Perhaps here
Thanks @gsmith
Just tested on Dev box.
Once the index is rotated and closed. you get an option to reopen that index.
Never thought it will be that easy.
Just an FYI, Graylog controls Elasticsearch/OpenSearch.
What does that mean? Sorry I am not an expert in this area.
Oh,
Meaning to can make adjustments with indices through Graylog Web UI. ELK stack you normally have to do curl commands to modify you indices.
Aah right, I find those commands tricky when I search on google because we have docker container and the configuration is slightly different. I am still struggling to find out how I can see actual indexes and data via command line. I my Indices directory in Elasticsearch there are no actual names of the indices as I see on UI.
Every day there is a new learning,
For Docker, depending on how you setup you Docker-compose.
I use the Docker container IP address, to find that IP Address, I use this command.
root # docker ps
then
root # docker inspect 5c3b42ba17d6 <--- Elasticsearch_container_id
Then use that ip address like so
curl -XGET http://172.17.0.3:9200/_cat/indices
Results
root@ansible:/usr/local/bin# curl -X GET http://172.17.0.3:9200/_cluster/health?pretty
{
"cluster_name" : "docker-cluster",
"status" : "green",
"timed_out" : false,
"number_of_nodes" : 1,
"number_of_data_nodes" : 1,
"active_primary_shards" : 114,
"active_shards" : 114,
"relocating_shards" : 0,
"initializing_shards" : 0,
"unassigned_shards" : 0,
"delayed_unassigned_shards" : 0,
"number_of_pending_tasks" : 0,
"number_of_in_flight_fetch" : 0,
"task_max_waiting_in_queue_millis" : 0,
"active_shards_percent_as_number" : 100.0
}
root@ansible:/usr/local/bin#
OR
root@ansible:/usr/local/bin# curl -X GET http://172.17.0.3:9200/_cat/indices?pretty
green open gl-failures_70 0-SMsbiWT6m6Q2grl9TIHQ 2 0 0 0 416b 416b
green open gl-failures_75 j5Y5f5erQ0iGX-h7dicIBg 2 0 0 0 416b 416b
green open gl-failures_73 wh6246BFQ4yux-chCC9Ymw 2 0 0 0 416b 416b
green open gl-failures_74 VhB-jShSTXC8dv4p7LMvGw 2 0 0 0 416b 416b
green open gl-failures_71 5EKaiLQXRLyvmy6O76Wz4Q 2 0 0 0 416b 416b
green open gl-failures_72 WxKsOTrKSWKGGoBtvWrGTw 2 0 0 0 416b 416b
green open graylog_36 CK1_UbhzReOX0dghZlV_7A 2 0 185797 0 41.3mb 41.3mb
green open graylog_35 cllJF1T3SwqW98yMqVk9WQ 2 0 48446 0 10.8mb 10.8mb
green open graylog_38 -JGlAUEwS9-A1aoOb0sh7w 2 0 68243 0 15mb 15mb
green open graylog_37 Rn18l_FnSn6FfceXrbOyOA 2 0 31678 0 7.4mb 7.4mb
green open graylog_39 KkZ9VZCCRbumKVCqppGznQ 2 0 25717 0 6.2mb 6.2mb
green open gl-failures_48 UghG8pQvRx6H-dw-Wm4rcg 2 0 0 0 416b 416b
green open gl-failures_49 q34y6mSxQECOvgnIorHWGA 2 0 0 0 416b 416b
green open gl-failures_46 BhgAbE2zSJqijClizpkiwA 2 0 0 0 416b 416b
green open gl-failures_47 BbA1C3OdRTWv23bTaI4kuQ 2 0 0 0 416b 416b
green open graylog_41 ozcGKVcXQee3GjNbWMgwiA 2 0 26166 0 6.2mb 6.2mb
green open graylog_40 mmypHdvLTQOk0M2HvJ5rqA 2 0 25717 0 6.1mb 6.1mb
green open graylog_43 KdJ_a7XQRcajre-Cc2We7w 2 0 26110 0 6.2mb 6.2mb
green open graylog_42 tABeMuBiQJCjgF2Txdq3EA 2 0 26550 0 6.4mb 6.4mb
green open graylog_45 AhwS4kmsSHSREgxONiWNKg 2 0 36629 0 8.6mb 8.6mb
green open graylog_44 APRfXxe7R5uPv-6_QvTHWw 2 0 26820 0 6.4mb 6.4mb
green open graylog_47 0Pid3PlaRlqhoPqbE9y7WQ 2 0 25629 0 6.1mb 6.1mb
green open graylog_46 Rua1xuHHSMyOQCKnpO6h3Q 2 0 25852 0 6.2mb 6.2mb
green open graylog_49 lec3ySJRS2-uYprQ4F1s8Q 2 0 4183 0 2.3mb 2.3mb
green open graylog_48 6fJCSHQxSSeIIs-6Ec5PZA 2 0 25607 0 6.1mb 6.1mb
green open gl-failures_55 icjSVuhaQUeeP5ElnR6Ttg 2 0 0 0 416b 416b
green open gl-failures_56 er1KZddsTmyhbbnNJkJ8nA 2 0 0 0 416b 416b
green open gl-failures_53 qKOL72pOSo6zTK_6dy-G7Q 2 0 0 0 416b 416b
green open gl-failures_54 ferZIwrhStGayYCUH7_R6w 2 0 0 0 416b 416b
green open gl-failures_51 KPEIeAVgQAiKu0MTo2HX4w 2 0 0 0 416b 416b
green open gl-failures_52 ju4Dh6apRJiFny-xfwX1Uw 2 0 0 0 416b 416b
green open gl-failures_50 A7mJlKcZSdCc7hZ7YJ0WEA 2 0 0 0 416b 416b
green open gl-failures_59 C6U_6QttRU6iHoYiDun5jw 2 0 0 0 416b 416b
green open gl-failures_57 eauYJr__RvKRHMeR18ok7Q 2 0 0 0 416b 416b
green open gl-failures_58 rB193zrQRACereNRZaV6JQ 2 0 0 0 416b 416b
green open gl-system-events_2 Gcj8pHI9SFOJ6gg5HBhZOg 4 0 0 0 832b 832b
green open gl-system-events_0 0VJyfJH-TiuB6HRVtekKIQ 4 0 0 0 832b 832b
green open gl-system-events_1 4SnH4ipSQqKUEhrbzkm4Sg 4 0 0 0 832b 832b
green open gl-failures_66 MBGd-MV2T7WCzmWy_J6MGA 2 0 0 0 416b 416b
green open gl-events_1 6_fhAYxfRw6Q7bgXGEnQww 4 0 7142329 0 1.1gb 1.1gb
green open gl-events_0 5I8vbJacT22BLtDtTyhlNA 4 0 869062 0 150.7mb 150.7mb
green open gl-failures_67 ryEXm_zfTMKg5XgQTmbt6A 2 0 0 0 416b 416b
green open gl-failures_64 NLPR-X2BSOOcjzVD4japjw 2 0 0 0 416b 416b
Wow, that’s great. You made my day. Thanks heaps for simple explanation and examples…
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.