Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Elasticsearch monitoring indices

Tags:

elasticsearch

logstash

I am new to ELK stack and playing around with it in a development environment. That's why I end up deleting an index (DELETE /index_name) and recreating multiple times. Deleting an index that I created works fine, but I notice that there are few lingering system indices, like .monitoring-es-2-2017.02.05.

Screenshot of system indices

  • What is the purpose of these indices?
  • Is each one of those created for a corresponding index?
  • How do I delete them?

NOTE: I have seen the suggestion to use /* to delete everything. But that sounds risky. I don't want to delete index pattern or Visualization or the templates. I only want to delete the data and repopulate with updated data.

like image 717
javakurious Avatar asked Feb 08 '17 19:02

javakurious

People also ask

How do I monitor Elasticsearch index?

You can drill down into the status of your Elasticsearch cluster in Kibana by clicking the Overview, Nodes, Indices and Logs links on the Stack Monitoring page. For more information, refer to Monitor a cluster.

Is Elasticsearch a monitoring tool?

ElasticHQ. ElasticHQ is commonly used as a hosted on-demand monitoring tool for Elasticsearch clusters. With the option to either be installed as a plugin or downloaded/run locally, ElasticHQ monitors individual cluster nodes and gives insight into runtime metrics as well as configurations.

Can Kibana be used for monitoring?

The Kibana monitoring features serve two separate purposes: To visualize monitoring data from across the Elastic Stack. You can view health and performance data for Elasticsearch, Logstash, and Beats in real time, as well as analyze past performance.

1 Answers

These indices are created by the Elastic X-Pack monitoring component. X-Pack components are elasticsearch plugins and thus store their data, like Kibana, in elasticsearch. Unlike the .kibana index these indices are created daily because they contain timeseries monitoring data about elasticsearch's performance. Deleting them will have no impact on your other indices.

As @Val pointed out in the comments, you can use /.monitoring-* to only delete these indices and ensure you do not wipe out any other indices, you may find the data in these indices useful as you evaluate the ELK stack and leaving them should not negatively impact you except in the disk space and small amount of memory they occupy.

like image 178
Will Barnwell Avatar answered Oct 04 '22 02:10

Will Barnwell
Sign in to Comment

Related questions

How to speed up Elasticsearch recovery?
elasticsearch-dsl aggregations returns only 10 results. How to change this
How can I do a fuzzy search using django-haystack and the elasticsearch backend?
spring-data-elasticsearch - registering custom analyser
Can't connect to Elasticsearch with Node.Js on Kubernetes (self signed certificate in certificate chain)
Which field matched query in multi_match search in Elasticsearch?
ElasticSearch Order By String Length
User Interface for Elasticsearch
Filebeat vs Rsyslog for forwarding logs
NEST mapping of Dictionary<string,object>
AWS Elasticsearch VPC connectivity
Elasticsearch GET just after POST
List all available indices via Java API [closed]
How can I boost the field length norm in elasticsearch function score?
Elasticsearch Gateway timeout 504
ElasticsearchStatusException contains unrecognized parameter: [ccs_minimize_roundtrips]]]
Equivalent of copyField of Solr on ElasticSearch?
How to boost search based on index type in elasticsearch or lucene?
How to update elasticsearch field type
Docker-compose links vs external_links

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!