Hello
The *ElasticSearch Version is 1.7.1 *andthis is the current script
#!/bin/sh
FDATE=`date +"%F %H:%M:%S.000" --date="60 days ago"`
TDATE=`date +"%F %H:%M:%S.000" --date="0 days ago"`
RANGE='{
"query": {
"filtered": {
"query": {
"query_string": {
"query": "level:7",
"allow_leading_wildcard": false
}
},
"filter": {
"bool": {
"must": {
"range": {
"timestamp": {
"from": "'${FDATE}'",
"to": "'${TDATE}'",
"include_lower": true,
"include_upper": true
}
}
}
}
}
}
}
}'
/usr/bin/curl -v3 -H "Content-Type: application/json" -XDELETE
"http://127.0.0.1:9200/graylog2_*/message/_query"; -d "${RANGE}"
with this output
* About to connect() to 127.0.0.1 port 9200 (#0)
* Trying 127.0.0.1... connected
* Connected to 127.0.0.1 (127.0.0.1) port 9200 (#0)
> DELETE /graylog2_*/message/_query HTTP/1.1
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7
NSS/3.19.1 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> Host: 127.0.0.1:9200
> Accept: */*
> Content-Type: application/json
> Content-Length: 523
>
< HTTP/1.1 200 OK
< Content-Type: application/json; charset=UTF-8
< Content-Length: 203
<
* Connection #0 to host 127.0.0.1 left intact
* Closing connection #0
{"_indices":{"graylog2_3":{"_shards":{"total":4,"successful":4,"failed":0}},"graylog2_2":{"_shards":{"total":4,"successful":4,"failed":0}},"graylog2_4":{"_shards":{"total":4,"successful":4,"failed":0}}}}[blcrood@blx-lm00
scripts]$
I hope this help.
Thank you very much.
Greeting
Steve
Am Mittwoch, 23. März 2016 17:27:31 UTC+1 schrieb Jochen Schalanda:
>
> Hi Steve,
>
> which version of Elasticsearch are you using and what's the exact reply of
> Elasticsearch when running your script?
>
> Cheers,
> Jochen
>
> On Wednesday, 23 March 2016 15:57:23 UTC+1, Steve Miller wrote:
>>
>> Hello
>>
>> I have this Bash-Script to delete messages for the ElasticSearch Server.
>>
>> #!/bin/sh
>> FDATE=`date +"%F %H:%M:%S.000" --date="60 days ago"`
>> TDATE=`date +"%F %H:%M:%S.000" --date="0 days ago"`
>>
>> RANGE='{
>> "query": {
>> "filtered": {
>> "query": {
>> "query_string": {
>> "query": "level:7",
>> "allow_leading_wildcard": false
>> }
>> },
>> "filter": {
>> "bool": {
>> "must": {
>> "range": {
>> "timestamp": {
>> "from": "'${FDATE}'",
>> "to": "'${TDATE}'",
>> "include_lower": true,
>> "include_upper": true
>> }
>> }
>> }
>> }
>> }
>> }
>> }
>> }'
>> /usr/bin/curl -v3 -H "Content-Type: application/json" -XDELETE "
>> http://127.0.0.1:9200/graylog2_*/message/_query"; -d "${RANGE}"
>>
>> I can run this script and have no error messages, but no messages will be
>> deleted.
>>
>> Has anyone any idea what could be the problem?
>>
>> cheers
>> Steve
>>
>> PS: When i run the same query with XGET then i have total hits over
>> 100'000
>>
>
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/graylog2/b02f792b-c308-4350-91ec-d4084c770df5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
