Hi All, I have setup a EFK system just for testing at the moment.
It's running in a VM with not much RAM and I am having problem with the elasticsearch process because of this. The VIRT = 12GB which is approximately the total size of the indexes. My indexes are split by date like so... logstash-2014.06.01 logstash-2014.06.02... and so on. I'm guessing elasticsearch is trying to hold all of this in RAM. Is there a way I can setup elasticsearch to only search a specific index (or number of indices)? Is it just a case of archiving the logs I don't want ES to deal with? Ideally I'd like to work with only the last day or two of indexes which will hopefully all fit into RAM. Cheers, Rhys -- You received this message because you are subscribed to the Google Groups "elasticsearch" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/4b2533dd-752b-442f-9ba3-a71de0cac6ff%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
