featured.png

ELK Stack Cheatsheet

Table of Contents

你知道吗:其实 Kibana 这个名字是机翻来的“小木屋”

Elasticsearch

REST API

  • use ?pretty for pretty json response.

Stats

curl http://<Elasticsearch Host>:<REST API Port>/_nodes/stats?pretty

Cluster

Shard
Move Shard from Node to Node
curl -XPOST -H 'Content-Type: application/json' \
'http://<Elasticsearch Host>:<REST API Port>/_cluster/reroute?pretty' -d '{
  "commands":[{
  "move":{
    "index":"<index name>",
    "shard":<shard #>,
    "from_node":"node-2",
    "to_node":"node-1"
}}]}'
Template (Index Default)
Set per Index Shard Count, Max Shard Count per Node, Number of Replicas
# set default shard count for 3 nodes, replica * 1, each node has 3 shard

curl -XPUT -H 'Content-Type: application/json' \
'http://<Elasticsearch Host>:<REST API Port>/_template/index_defaults?pretty' -d '{
    "template": "*", 
    "settings": {
        "index.routing.allocation.total_shards_per_node": 3,
        "index.number_of_shards": 3,
        "number_of_replicas": "1"
    }
}'
Disable Future Replicas
# no replicas in future

curl -XPUT -H 'Content-Type: application/json' \
'http://<Elasticsearch Host>:<REST API Port>/_template/index_defaults?pretty' -d '{
  "template": "*", 
  "settings": {
    "number_of_replicas": "0"
  }
}'
Adaptive Replica Selection
# https://www.elastic.co/guide/en/elasticsearch/reference/6.8/search.html#search-adaptive-replica
# https://www.elastic.co/cn/blog/improving-response-latency-in-elasticsearch-with-adaptive-replica-selection
# rank: lower is better
curl -XPUT -H 'Content-Type: application/json' \
'http://<Elasticsearch Host>:<REST API Port>/_cluster/settings?pretty' -d '{
    "transient": {
        "cluster.routing.use_adaptive_replica_selection": true
    }
}'

Settings

Index Settings
Disable and Delete All Replicas
# DISABLE and DELETE ALL indices' replicas 
curl -XPUT -H 'Content-Type: application/json' \
'http://<Elasticsearch Host>:<REST API Port>/_settings' -d '
{
    "index" : {
        "number_of_replicas" : 0
    }
}'

Per Index

Per Index Settings
DISABLE and DELETE one index’s replicas
# DISABLE and DELETE one index's replicas
curl -XPUT -H 'Content-Type: application/json' \
'http://<Elasticsearch Host>:<REST API Port>/<index name>/_settings' -d '
{
  "index" : {
    "number_of_replicas" : 0
  }
}'

Metadata

curl -XPUT -H 'Content-Type: application/json' \
'http://<Elasticsearch Host>:<REST API Port>/_cluster/settings?pretty' -d '{
"persistent": {
    "cluster.metadata.administrator" : "nemo",
    "cluster.metadata.administrator.email" : "[email protected]"
    }
}'

Python Bindings

[WIP]

Nemo Xiong avatar
Nemo Xiong
ex-Cybersecurity Executor, now a student in Unimelb

Related

comments powered by Disqus