Elasticsearch’s default capacity management concept is automatic capacity growth with the addition of nodes. If the capacity is insufficient, a new node is automatically added to the entire capacity of the added node.
Check out the URL below for more details.
https://www.elastic.co/videos/big-data-search-and-analytics
동영상 · 느긋이 누워 즐기세요 | Elastic Videos
www.elastic.co
If you want to manage capacity, you need to manage Shards size by index. Shards is the default storage unit managed by ElasticSearch, which allows you to set the maximum Index size.
https://www.elastic.co/blog/found-sizing-elasticsearch#over-allocation-and-routing
Sizing Elasticsearch
We're often asked 'How big a cluster do I need?', and it's usually hard to be more specific than 'Well, it depends!'. There are so many variables, where knowledge about your application's specific workload and your performance expectations are just as impo
www.elastic.co
If you read the above article, you can manage it through the total size of shards when managing with single index. If it is generated based on time like logstash, you should manage it by deleting the index manually.
However, this is very easy and intuitive. If you want to delete the yearly data from logstash, you can easily delete the 2018 index via DELETE / logstash-2018*.
However, please keep in mind that big data systems such as Elasticsearch are used as simple commands, so care should be taken to ensure that clients accessing the system are able to use their privileges.
'Linux' 카테고리의 다른 글
| MariaDB/Mysql - Install and Remote connection by New User (0) | 2020.11.06 |
|---|---|
| MariaDB - Specified key was too long (0) | 2020.11.06 |
| PART 1 INSTALL ELASTICSEARCH 6 CLUSTER FOR CENTRALIZED SYSLOG (0) | 2020.11.04 |
| Ubuntu Firewall setting By UFW (0) | 2020.11.04 |
| Log Analysis -tr, awk, uniq, sort (0) | 2020.11.04 |
