-
Notifications
You must be signed in to change notification settings - Fork 285
Data lifecycle
Peter Manev edited this page Jul 29, 2016
·
14 revisions
SELKS uses the powerful open source elasticsearch as a database and search engine.
In order to keep the disk space and data in check you can follow these simple steps using elasticsearch-curator.
Curator already comes installed and set up in SELKS - below is a how to do it form scratch if needed.
- Install curator
root@SELKS:~# pip install elasticsearch-curator
- Set up a cron job
You can just add that line to your /etc/crontab:
0 3 * * * root /usr/local/bin/curator delete indices --older-than 16 --time-unit days --timestring '\%Y.\%m.\%d'
That will kick in every day at 3 am and clean up/delete all the indices(data) older than 16 days from elsticsearch.