Hi,
I have integrated metricbeat and I created a template before sending index to the system. I am getting indices like metricbeat-7.9.1-2020.11.26
. I have attached a ISM Policy, so that my expectation is, to create a new index metricbeat-7.9.1-2020.11.26-00001
when the current index cross 100mb size. Metricbeat indices will get created daily, like metricbeat-7.9.1-2020.11.26
, metricbeat-7.9.1-2020.11.27
, metricbeat-7.9.1-2020.11.28
etc. SO, I want to split up every daily index, based on size. I created the policy like below;
{
"policy_id": "metricbeat",
"description": "metricbeat test policy",
"last_updated_time": 1606385808719,
"schema_version": 1,
"error_notification": null,
"default_state": "hot",
"states": [
{
"name": "hot",
"actions": [
{
"rollover": {
"min_size": "100mb"
}
}
],
"transitions": [
{
"state_name": "delete",
"conditions": {
"min_index_age": "5d"
}
}
]
},
{
"name": "delete",
"actions": [
{
"delete": {}
}
],
"transitions": []
}
]
}
and I received an error while trying to attempt rollover, like the alias does not exist. Then, I updated thhe metricbeat template by adding the template setting like below;
{
"metricbeat-7.9.1" : {
"aliases": {
"metricbeat": {}
}
}
}
Now, I am getting error on ISM retry;
{
"cause": "rollover target [metricbeat] does not exist",
"message": "Failed to rollover index [index=metricbeat-7.9.1-2020.11.26]"
}
Why is this happening? How can I fix this?
Thanks in advance.