Hi Mike, you can remove specific documents from the index (or all indices) using the Elasticsearch Delete by query API: http://www.elastic.co/guide/en/elasticsearch/reference/1.3/docs-delete-by-query.html
After you've removed the "faulty" documents from Elasticsearch, make sure to re-calculate the index ranges in Graylog (System -> Indices in the web interface). Cheers, Jochen On Thursday, 26 March 2015 23:39:33 UTC+1, Mike Nezri wrote: > > Hello > I have some old faulty device ( source name ) that I want to remove from > my Graylog. > I did find some explanation on how to remove the source using > Elasticsearch XDELETE - but I was not able to do it. > Can someone help me on this topic? > -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
