Deleting Logs from a single host

Posted: Wed May 08, 2019 10:54 am
by plusonetech
I was adding some additional Windows servers to my log server yesterday, and one of the servers I added had an auditing policy with everything enabled. The end result was that in one day it logged 75GB in events. I have stopped that server from sending logs to the log server, but would like to remove the logs sent by just that host yesterday. How would I go about doing this?

Re: Deleting Logs from a single host

Posted: Wed May 08, 2019 1:37 pm
by cdienger
Something like this should do the trick (change the IP as needed):

Code:

curl -XDELETE 'http://localhost:9200/logstash-*/_query?q=host:192.168.5.55'
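Added example, not part of the original post: the command above matches every logstash-* index, while the question asked about one day's logs, so this sketch limits the same delete to a single daily index and shows the match count first. The function names, the RUN switch and the logstash-YYYY.MM.DD index naming are assumptions; the date in the usage comment is constructed as the day before the thread.

```shell
#!/bin/sh
# Added example (hypothetical helper names). Prints the requests unless RUN=1.
ES_URL="${ES_URL:-http://localhost:9200}"   # endpoint used in the post

# Assumption: daily Logstash indices named logstash-YYYY.MM.DD.
# Confirm the real names first with: curl "$ES_URL/_cat/indices?v"
day_index() { printf 'logstash-%s' "$1"; }

# Read-only request: how many events from this host sit in that day's index.
count_url() { printf '%s/%s/_count?q=host:%s' "$ES_URL" "$(day_index "$1")" "$2"; }

# Same delete-by-query form as the post, limited to one day's index.
delete_url() { printf '%s/%s/_query?q=host:%s' "$ES_URL" "$(day_index "$1")" "$2"; }

# Reject anything that is not YYYY.MM.DD, so no wildcard reaches the index name.
valid_day() {
  case "$1" in
    [0-9][0-9][0-9][0-9].[0-9][0-9].[0-9][0-9]) return 0 ;;
    *) return 1 ;;
  esac
}

# Accept only digits and dots, so query operators or '*' cannot widen the match.
valid_host() {
  case "$1" in
    ''|*[!0-9.]*) return 1 ;;
    *) return 0 ;;
  esac
}

purge_host_day() {   # usage: purge_host_day 2019.05.07 192.168.5.55
  if ! valid_day "$1" || ! valid_host "$2"; then
    echo "refusing: bad day or host" >&2
    return 2
  fi
  if [ "${RUN:-0}" != 1 ]; then          # dry run: show what would be sent
    echo "curl -s '$(count_url "$1" "$2")'"
    echo "curl -XDELETE '$(delete_url "$1" "$2")'"
    return 0
  fi
  curl -s "$(count_url "$1" "$2")"; echo  # review the count before deleting
  printf 'Delete these events? [y/N] '
  read -r answer
  [ "$answer" = y ] && curl -XDELETE "$(delete_url "$1" "$2")"
}
```

The DELETE on `_query` is the form used in the post; newer Elasticsearch releases expose delete-by-query as POST `_delete_by_query` instead.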

Re: Deleting Logs from a single host

Posted: Wed May 08, 2019 2:14 pm
by plusonetech
That worked perfectly, thanks for your help.

Re: Deleting Logs from a single host

Posted: Wed May 08, 2019 2:21 pm
by cdienger
Glad to hear!