
Delete specific logs from Elasticsearch

Peter Manev edited this page Jun 16, 2020 · 9 revisions

To delete all events of every type (the wildcard matches every logstash-<type> index for that day) from 16 June 2020:

root@SELKS:~# wget --quiet -O - --method=DELETE "http://localhost:9200/logstash-*-2020.06.16"

To delete all alerts from 09 December 2019:

root@SELKS:~# wget --quiet -O - --method=DELETE "http://localhost:9200/logstash-alert-2019.12.09"

To delete all TLS records from 10 January 2020:

root@SELKS:~# wget --quiet -O - --method=DELETE "http://localhost:9200/logstash-tls-2020.01.10"

To delete all DNS records from 15 April 2020:

root@SELKS:~# wget --quiet -O - --method=DELETE "http://localhost:9200/logstash-dns-2020.04.15"

To delete all SSH records from 11 June 2020:

root@SELKS:~# wget --quiet -O - --method=DELETE "http://localhost:9200/logstash-ssh-2020.06.11"

To delete all HTTP records from 16 June 2020:

root@SELKS:~# wget --quiet -O - --method=DELETE "http://localhost:9200/logstash-http-2020.06.16"

Other (daily indices are named logstash-<type>-YYYY.MM.DD, so check the exact name with the first command before deleting):

# List all indices with document count and size
curl -XGET "localhost:9200/_cat/indices?v"
# Delete one DNS daily index
curl -XDELETE 'http://localhost:9200/logstash-dns-2019.06.13'
# Delete every DNS index, for all days (the wildcard is not limited to one date)
curl -XDELETE 'http://localhost:9200/logstash-dns-*'
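The commands above are easy to get wrong by hand (a swapped month and day gives an index name that matches nothing, and a stray wildcard deletes every day). The following script is an added example, not code from the SELKS wiki or project: it builds the logstash-<type>-YYYY.MM.DD name, rejects malformed dates, shows which indices the pattern resolves to via the _cat API, and only then sends the DELETE. ES_URL (default http://localhost:9200) and DRY_RUN are assumed variable names.

```shell
#!/bin/sh
# Added example, not part of the SELKS wiki or project code.
# Deletes one SELKS daily Elasticsearch index (logstash-<type>-YYYY.MM.DD)
# after validating the date and previewing what the pattern matches.
# ES_URL and DRY_RUN are assumed names for this example.
set -eu

ES_URL="${ES_URL:-http://localhost:9200}"

# valid_index_date YYYY.MM.DD -> 0 if the date is well-formed.
# Logstash daily indices use YYYY.MM.DD; a swapped day/month such as
# 2020.16.06 would silently match no index instead of the intended day.
valid_index_date() {
  local d m day
  d="$1"
  case "$d" in
    [0-9][0-9][0-9][0-9].[0-9][0-9].[0-9][0-9]) ;;
    *) return 1 ;;
  esac
  m="${d#*.}"; m="${m%%.*}"
  day="${d##*.}"
  [ "$m" -ge 1 ] && [ "$m" -le 12 ] || return 1
  [ "$day" -ge 1 ] && [ "$day" -le 31 ] || return 1
  return 0
}

# index_name <type|*> YYYY.MM.DD -> prints e.g. logstash-dns-2020.04.15
index_name() {
  local type date
  type="$1"; date="$2"
  valid_index_date "$date" || { echo "index_name: bad date '$date' (want YYYY.MM.DD)" >&2; return 1; }
  printf 'logstash-%s-%s\n' "$type" "$date"
}

# delete_url <type|*> YYYY.MM.DD -> the full URL the DELETE is sent to
delete_url() {
  local idx
  idx="$(index_name "$1" "$2")" || return 1
  printf '%s/%s\n' "$ES_URL" "$idx"
}

# delete_index <type|*> YYYY.MM.DD
# Lists the indices the pattern resolves to (name, doc count, size),
# then sends the DELETE unless DRY_RUN=1.
delete_index() {
  local url idx
  url="$(delete_url "$1" "$2")" || return 1
  idx="${url##*/}"
  echo "Indices matching $idx:"
  curl -s "$ES_URL/_cat/indices/$idx?v&h=index,docs.count,store.size"
  if [ "${DRY_RUN:-0}" = 1 ]; then
    echo "DRY_RUN=1: would send DELETE $url"
    return 0
  fi
  curl -s -XDELETE "$url"
  echo
}

# Usage: ./delete_index.sh <alert|tls|dns|ssh|http|*> YYYY.MM.DD
#        DRY_RUN=1 ./delete_index.sh dns 2020.04.15   (preview only)
if [ $# -eq 2 ]; then
  delete_index "$1" "$2"
elif [ $# -ne 0 ]; then
  echo "usage: $0 <type|*> YYYY.MM.DD" >&2
  exit 2
fi
```

Run it with DRY_RUN=1 first to confirm the _cat listing shows exactly the day you expect; passing `*` as the type deletes every index type for that day, which is the same as the first wget command on this page.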

For deletions based on a time range rather than a whole daily index, see the Data lifecycle page.
