Changing the index of fragments of the elasticsearch index the next time the index is rotated

Question

Changing the index of fragments of the elasticsearch index the next time the index is rotated

I have an ELK stack (Elasticsearch-Kibana) in which the elasticsearch node has a default value of shards 5. Logs are placed in it in the format logstash ( logstash-YYYY.MM.DD), which - believe me if I'm wrong - is indexed by date.

Since I cannot change the fragment counter of an existing index without overriding, I want to increase the number of fragments to 8 when creating the next index. I suggested that the ES-API allows you to constantly update changes on the fly.

How should I do it?

+4

elasticsearch logstash kibana

erbdex Apr 23 '14 at 11:22

source share

3 answers

elastics. config/elasticsearch.yml

index.number_of_shards: 8. elastics. , , 8 , .

+4

Ben Lim 24 . '14 2:47

, Kopf pluin, : https://github.com/lmenezes/elasticsearch-kopf

API:

curl -XPUT $ELASTICSEARCH-MASTER$:9200/_template/$TEMPLATE-NAME$ -d '$TEMPLATE-CONTENT$'

In the plugin: in the upper left corner, click more → Index Templates, and then create a new template and make sure that you have the following options as part of your template:

{
  "order": 0,
  "template": "logstash*",
  "settings": {
    "index": {
      "number_of_shards": "5",
      "number_of_replicas": "1"
    }
  },
  "mappings": {### your mapping ####},
  "aliases": {}
}

The above setting will ensure that if a new new index is created with a name logstash*, it will have 5 number of fragments and 1 replica.

0

Spaniard89 Jan 27 '17 at 14:53

source share

Rafi Aroch · Accepted Answer · 2014-09-10T11:18:54+0000

" " Elasticsearch: http://www.elasticsearch.org/guide/en/elasticsearch/reference/1.x/indices-templates.html

:

curl -XPUT localhost:9200/_template/logstash -d '
{
  "template": "logstash-*",
  "settings": {
    "number_of_replicas": 1,
    "number_of_shards": 8,
    "index.refresh_interval": "5s"
  },
  "mappings": {
    "_default_": {
      "_all": {
        "enabled": true
      },
      "dynamic_templates": [
        {
          "string_fields": {
            "match": "*",
            "match_mapping_type": "string",
            "mapping": {
              "type": "string",
              "index": "analyzed",
              "omit_norms": true,
              "fields": {
                "raw": {
                  "type": "string",
                  "index": "not_analyzed",
                  "ignore_above": 256
                }
              }
            }
          }
        }
      ],
      "properties": {
        "@version": {
          "type": "string",
          "index": "not_analyzed"
        },
        "geoip": {
          "type": "object",
          "dynamic": true,
          "path": "full",
          "properties": {
            "location": {
              "type": "geo_point"
            }
          }
        }
      }
    }
  }
}'

, , , .

Changing the index of fragments of the elasticsearch index the next time the index is rotated

More articles: