版权声明:版权声明:本文为博主原创文章,未经博主允许不得转载。 https://blog.csdn.net/qq_37960324/article/details/83339951
ELK企业应用-清理elasticsearch 30天前的索引
执行脚本
[root@ops-elk-master shell]# cat month_ago_delete.sh
#!/bin/bash
#
# geng.tian
# 2018/10/27
# days for cut
time_ago=30
# elasticsearch ip
es_cluster_ip=10.10.10.11
function delete_index() {
comp_date=`date -d "${time_ago} day ago" +"%Y-%m-%d"`
date1="$1 00:00:00"
date2="${comp_date} 00:00:00"
t1=`date -d "${date1}" +%s`
t2=`date -d "${date2}" +%s`
if [ $t1 -le $t2 ]; then
echo "$1 will perform the deldete task earlier than ${time_ago} days ago"
curl -XDELETE http://${es_cluster_ip}:9200/*$1
fi
}
curl -XGET http://${es_cluster_ip}:9200/_cat/indices|awk -F " " '{print $3}' |egrep -v "[0-9*\.[0-9]*\.[0-9]*"|awk -F "-" '{print $2"-"$3"-"$4}' |sort | uniq | while read LINE
do
delete_index ${LINE}
done定时任务
[root@ops-elk-master shell]# crontab -l
# For elasticserach, at 3:01 am per day, the index is deleted earlier than 30 days ago!
1 3 1 * * /bin/sh /opt/shell/month_ago_delete.sh