Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

Extract a query to another NLS instance

https://support.nagios.com/forum/viewtopic.php?t=36846

Page 2 of 2

Re: Extract a query to another NLS instance

Posted: Wed Feb 17, 2016 12:28 pm
by batzos
Thank you for your feedback. I will try to work myself on this solution.
Instead of this solution, is it possible to copy the indexes and the snapshots we are interested in another NLS (quests' server) and then make them visible to this server web interface? If yes, can we then delete the parts we want to discard, for example delete all windows logs from all indexes?

Re: Extract a query to another NLS instance

Posted: Wed Feb 17, 2016 2:49 pm
by jolson
Instead of this solution, is it possible to copy the indexes and the snapshots we are interested in another NLS (quests' server) and then make them visible to this server web interface?
Definitely. What you'd do is set up backups using the following KB article: https://support.nagios.com/kb/article.p ... tegory=132

After you set up your backups and have a full system backup, you're free to move those files to any cluster you'd like and restore them.
If yes, can we then delete the parts we want to discard, for example delete all windows logs from all indexes?
Yup! You can delete logs by using a query. Example:

Delete all data of 'type:logsiwanttodelete' on a single index:

Code: Select all

curl -XDELETE 'http://localhost:9200/logstash-2016.02.17/_query?q=type:logsiwanttodelete'
Across all indices:

Code: Select all

curl -XDELETE 'http://localhost:9200/_all/_query?q=type:logsiwanttodelete'
All times are UTC-05:00
Page 2 of 2

Powered by phpBB® Forum Software © phpBB Limited