elk7.x建立快照可以有效备份索引的信息,创建成功界面如下,接下来讲一下本地创建快照的步骤。
创建步骤如下:
1) 在elaselasticsearch.yml创建保存的目录,然后重启elaselasticsearch
2) 用curl命令来创建存储库
[root@216-rsyslog bin]# curl --user elastic -X PUT "localhost:9200/_snapshot/my_backup?pretty" -H 'Content-Type: application/json' -d'
{
"type": "fs",
"settings": {
"location": "/mnt/elasticsearch/backup"
}
}
'
输出如下:
{
"error" : {
"root_cause" : [
{
"type" : "security_exception",
"reason" : "missing authentication credentials for REST request [/_snapshot/my_backup/snapshot_1/_status?pretty]",
"header" : {
"WWW-Authenticate" : "Basic realm=\"security\" charset=\"UTF-8\""
}
}
],
"type" : "security_exception",
"reason" : "missing authentication credentials for REST request [/_snapshot/my_backup/snapshot_1/_status?pretty]",
"header" : {
"WWW-Authenticate" : "Basic realm=\"security\" charset=\"UTF-8\""
}
},
"status" : 401
}
这里出现了认证报错,因为前面配置了elk的安全性,所有这里需要用--user 用户名参数来输入用户认证,这里我的用户名是elastic。注意:location的路径要和你在path.repo上配置的路径一致,否则会报错
[root@216-rsyslog bin]# curl --user elastic -X PUT "localhost:9200/_snapshot/my_backup?pretty" -H 'Content-Type: application/json' -d'
{
"type": "fs",
"settings": {
"location": "/mnt/elasticsearch/backup"
}
}
'
Enter host password for user 'elastic':
{
"acknowledged" : true
}
输入完密码后看到acknowledged字段为true说明成功了,kibana就会显示你创建的库
3) 用curl创建索引
curl --user elastic -X PUT "localhost:9200/_snapshot/my_backup/snapshot_1?wait_for_completion=true&pretty"
这个过程会比较长,不要以为是系统有问题了,耐心等待,等出现如下输出则代表创建成功。
],
"include_global_state" : true,
"state" : "SUCCESS",
"start_time" : "2019-11-15T09:41:22.850Z",
"start_time_in_millis" : 1573810882850,
"end_time" : "2019-11-15T10:21:09.509Z",
"end_time_in_millis" : 1573813269509,
"duration_in_millis" : 2386659,
"failures" : [ ],
"shards" : {
"total" : 28,
"failed" : 0,
"successful" : 28
}
}
}
此时你就会有如图一一样的索引了,这就是本地创建elk索引的步骤,elk索引如有问题可以通过在kibana点击快照然后点击右下角的restore进行恢复。