Extract a query to another NLS instance

This support forum board is for support questions relating to Nagios Log Server, our solution for managing and monitoring critical log data.
Locked
batzos
Posts: 21
Joined: Mon Oct 05, 2015 2:36 am

Re: Extract a query to another NLS instance

Post by batzos »

Thank you for your feedback. I will try to work myself on this solution.
Instead of this solution, is it possible to copy the indexes and the snapshots we are interested in another NLS (quests' server) and then make them visible to this server web interface? If yes, can we then delete the parts we want to discard, for example delete all windows logs from all indexes?
Top
jolson
Attack Rabbit
Posts: 2560
Joined: Thu Feb 12, 2015 12:40 pm

Re: Extract a query to another NLS instance

Post by jolson »

Instead of this solution, is it possible to copy the indexes and the snapshots we are interested in another NLS (quests' server) and then make them visible to this server web interface?
Definitely. What you'd do is set up backups using the following KB article: https://support.nagios.com/kb/article.p ... tegory=132

After you set up your backups and have a full system backup, you're free to move those files to any cluster you'd like and restore them.
If yes, can we then delete the parts we want to discard, for example delete all windows logs from all indexes?
Yup! You can delete logs by using a query. Example:

Delete all data of 'type:logsiwanttodelete' on a single index:

Code: Select all

curl -XDELETE 'http://localhost:9200/logstash-2016.02.17/_query?q=type:logsiwanttodelete'
Across all indices:

Code: Select all

curl -XDELETE 'http://localhost:9200/_all/_query?q=type:logsiwanttodelete'
Twits Blog
Show me a man who lives alone and has a perpetually clean kitchen, and 8 times out of 9 I'll show you a man with detestable spiritual qualities.
Top
Locked

Return to “Nagios Log Server”