Hello All,
I have a question about hourly sharding with either logstash or fluentd.
Since we are, or will be using, a set up called FLEKZ. I am trying to
integrate both logstash and fluentd together, which work well with each
other. However, I have a business requirement for a rolling 24hour shard
deletion.
When I add
logstash_dateformat %Y.%m.%d.%H
in fluentd and
index => "logstash-%{+YYYY.MM.dd.HH}"
into logstash.
Elasticsearch cannot find the indices anymore. I go onto Kibana and they
cannot be found. I switch back to the normal Y.m.d in both and the
information is back on the screen. Using the api I am also not able to
search any of the indices. Is there something I am doing wrong or is there
something in the config file that I am missing?
Thank you for your help,
--
You received this message because you are subscribed to the Google Groups
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/a0dc08e6-c570-4305-bc0b-808937551f54%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
