Is there any other way to create policies without using API?. Like, can I copy my policies to a provided path and later put them via config.
And later I will use these policies in my template.
I din’t find any settings or configurations in Opendistro Documentation.
You could use curl with the api from the command lie.
@tony I want to make it available during provisioning coz I have multiple env/stages with as many as 4 templates and 4 policies to work upon, as I said I wanted to know, any other options, where can I place my policies and templates in any folder and them to be picked up on provided configs if any.!
I have parked script with curl as the last option.
Not that I know off, when we provision our clusters we have a python script that runs through our git repo for the clients configs and curl’s each one into the cluster once it is running. On the licensed clusters we use the elasticsearch python module to load them.
n.b Originally I thought you just wanted a way to load them outside of dev tools.
@tony Yes, I want to load them outside dev tools. Logstash Output plugin has field to provide template path and template_name, but no field to provide policy path, and the same is the case for OpenDistro(do not provide any settings for providing template path and policy path - only have to use API (dev tools) or curl).
This is down to cluster management, would you want to setup all your templates on a node when you add it to a cluster? You would then have to have a system in place to keep them all up to-date on all nodes. Let the cluster hold them internally then you only have to update them in one place.
Logstash is a standalone product which they are treating like the beats products. You can deploy logstash with a template that it uses and publishes to the cluster, or just use one that is already in the cluster (my preferred method) and call that.
With ISM you specify one that is in the cluster that already exists, these will tend to be quite static anyway so you wouldn’t need to change them very often, again if it’s in the cluster you change it in one place no need to have a system in place to update it on all your logstash nodes.
Have all your templates in a central repo that your script traverses through and load into the cluster.