Note: the settings are new and have only been in effect for about 2 hours; previous settings had index rotation at 30d; 12 kept; delete. Shards/replicas have always been set at 1/1.
curl -k -X GET "https://<username>:<password>@graynode-1.foo.barl:9200/_cat/shards?v=true&h=index,prirep,shard,store&s=prirep,store&bytes=gb"
How much data are you ingesting a day (you can see from system>overview? So you were keeping data for a year, did you actually get up to that full year of retention, or on average how far back does your data go as of today, but you just changed these all to store no more than 40 days right?
The company I support is project based so its feast or famine when it comes to data ingestion. Busy period we tip the scales at 20GB a day. Slow its down below 10GB
About 6 months, now (on how long its been up and running)
Yes, so that, as I understand it, it will not rotate the index until, at most, 40 days while keeping it between 20-50GB in size (am I understanding that correctly?) and then will keep all indices not older than “12” (i.e. based on 30-40 day period, approximately a year)
It will rotate the index when the size gets to an ideal size, so in a busy environment maybe it rotates a few times a day and there are dozens on indices in the 40 days, in a small environment maybe it only rotates every two weeks and there are 2 or 3 indices.
