Elasticsearch Curator

Elasticsearch Curator helps to curate, or manage, the Elasticsearch indices and snapshots by getting the full list of indices from the Elasticsearch cluster as actionable list and iterate through the list with user defined filters and to perform various actions on the items.

Standard operations  performed on both indices and snapshots include

  • Add or remove indices from an alias
  • Change shard routing allocation
  • Close indices
  • Create index
  • Delete indices
  • Delete snapshots
  • Open closed indices
  • forceMerge indices
  • reindex indices, including from remote clusters
  • Change the number of replicas per shard for indices
  • rollover indices
  • Take a snapshot (backup) of indices
  • Restore snapshots

Curator installation on CentOS 7 using yum

Elastic use the PGP key D88E42B4, Elastic’s Signing Key, with fingerprint 4609 5ACC 8548 582C 1A26 99A9 D27D 666C D88E 42B4 to sign all our packages. It is available from http://pgp.mit.edu.

Download and install the public signing key:

Create curator.repo file in /etc/yum.repos.d/

Install Curator using the following command

Modify the Curator config files

Elasticsearch IP and port are defined in the curator.yml file.

The action file is configured to delete indices older than 7 days, each index is configured separately.

You can issue curator –help to get Curator usage with various options available

Curator is executed with the following command

You can add a contrab entry of curator for scheduled run

Curator will be scheduled to run 8.00 AM everyday.

Crontab entry format

* * * * * *
| | | | | |
| | | | | +– Year (range: 1900-3000)
| | | | +—- Day of the Week (range: 1-7, 1 standing for Monday)
| | | +—— Month of the Year (range: 1-12)
| | +——– Day of the Month (range: 1-31)
| +———- Hour (range: 0-23)
+———— Minute (range: 0-59)

Elasticsearch log entry

Disk usage before executing Curator:

Disk usage after executing Curator:

Please follow and like us: