OpenSearch Log Rotation - Free Your Disk Space with Automated Log Rotation!
Вставка
- Опубліковано 27 жов 2024
- Join me as we enable log rotation with OpenSearch. Free your disk space! Let's deploy a Host Intrusion Detection System and SIEM with free open source tools. Join me as we explore and learn together.
GitHub: github.com/Ope...
Discord Channel: / discord
Check us out: www.opensecure...
Interact with our demo: www.opensecure...
Hire us: www.opensecure...
Hi Taylor, i follow your video, and create the policy like you did, but the policy is not been assigned when new indice has created, so i need to do manually everyday. Doubt: when i execute the command "filebeat --index-management" i have the message "ILM policy and write alias loading not enabled." can be the reason for automatic assignment not work? you have the same message in the video, it works with you?
how did you learn this bro ! Please answer
I have a kubernetes wazuh setup. I did it in my master but it seems to be not working automatically when the day changes. what should I do ?
Was really searching for this video and you really explained well. When will be video of 'Opensearch Snapshot and Restore' is coming?
Snapshot and Restore to S3 bucket coming soon.
@@taylorwalton_socfortress That's great will be waiting for that. Please include the guide of backup for local filesystem as well 😄
what if I just want to delete data inside index like delete old documents
You can use the DELETE Request API: www.elastic.co/guide/en/elasticsearch/reference/current/docs-delete.html
@@taylorwalton_socfortress can it possible to make part of ILM policy
@@taylorwalton_socfortress my index's are not s time based , all the data is accumulating on single index and i don't want to delete entire index, delete old documents inside index based on age . can i be possible with ILM policies are i need go with lamda option ?
@@gnaneethi81 hmm I do not think that can be done via ILM policies. May be worth exploring if that is something that can be done with Lambda, but I am not totally sure. Sorry I cannot help out much further, but I would love to know if you find a solution!