No idea what can be wrong? Is it purhaps the version of ElasticSearch?
Greeting
Am Donnerstag, 24. März 2016 07:21:12 UTC+1 schrieb Steve Miller:
>
> Hello
>
> The *ElasticSearch Version is 1.7.1 *andthis is the current script
>
> #!/bin/sh
> FDATE=`date +"%F %H:%M:%S.000" --date="60 days ago"`
> TDATE=`date +"%F %H:%M:%S.000" --date="0 days ago"`
>
> RANGE='{
> "query": {
> "filtered": {
> "query": {
> "query_string": {
> "query": "level:7",
> "allow_leading_wildcard": false
> }
> },
> "filter": {
> "bool": {
> "must": {
> "range": {
> "timestamp": {
> "from": "'${FDATE}'",
> "to": "'${TDATE}'",
> "include_lower": true,
> "include_upper": true
> }
> }
> }
> }
> }
> }
> }
> }'
> /usr/bin/curl -v3 -H "Content-Type: application/json" -XDELETE "
> http://127.0.0.1:9200/graylog2_*/message/_query"; -d "${RANGE}"
>
> with this output
>
> * About to connect() to 127.0.0.1 port 9200 (#0)
> * Trying 127.0.0.1... connected
> * Connected to 127.0.0.1 (127.0.0.1) port 9200 (#0)
> > DELETE /graylog2_*/message/_query HTTP/1.1
> > User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7
> NSS/3.19.1 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> > Host: 127.0.0.1:9200
> > Accept: */*
> > Content-Type: application/json
> > Content-Length: 523
> >
> < HTTP/1.1 200 OK
> < Content-Type: application/json; charset=UTF-8
> < Content-Length: 203
> <
> * Connection #0 to host 127.0.0.1 left intact
> * Closing connection #0
> {"_indices":{"graylog2_3":{"_shards":{"total":4,"successful":4,"failed":0}},"graylog2_2":{"_shards":{"total":4,"successful":4,"failed":0}},"graylog2_4":{"_shards":{"total":4,"successful":4,"failed":0}}}}[blcrood@blx-lm00
>
> scripts]$
>
> I hope this help.
>
> Thank you very much.
>
> Greeting
> Steve
>
>
> Am Mittwoch, 23. März 2016 17:27:31 UTC+1 schrieb Jochen Schalanda:
>>
>> Hi Steve,
>>
>> which version of Elasticsearch are you using and what's the exact reply
>> of Elasticsearch when running your script?
>>
>> Cheers,
>> Jochen
>>
>> On Wednesday, 23 March 2016 15:57:23 UTC+1, Steve Miller wrote:
>>>
>>> Hello
>>>
>>> I have this Bash-Script to delete messages for the ElasticSearch Server.
>>>
>>> #!/bin/sh
>>> FDATE=`date +"%F %H:%M:%S.000" --date="60 days ago"`
>>> TDATE=`date +"%F %H:%M:%S.000" --date="0 days ago"`
>>>
>>> RANGE='{
>>> "query": {
>>> "filtered": {
>>> "query": {
>>> "query_string": {
>>> "query": "level:7",
>>> "allow_leading_wildcard": false
>>> }
>>> },
>>> "filter": {
>>> "bool": {
>>> "must": {
>>> "range": {
>>> "timestamp": {
>>> "from": "'${FDATE}'",
>>> "to": "'${TDATE}'",
>>> "include_lower": true,
>>> "include_upper": true
>>> }
>>> }
>>> }
>>> }
>>> }
>>> }
>>> }
>>> }'
>>> /usr/bin/curl -v3 -H "Content-Type: application/json" -XDELETE "
>>> http://127.0.0.1:9200/graylog2_*/message/_query"; -d "${RANGE}"
>>>
>>> I can run this script and have no error messages, but no messages will
>>> be deleted.
>>>
>>> Has anyone any idea what could be the problem?
>>>
>>> cheers
>>> Steve
>>>
>>> PS: When i run the same query with XGET then i have total hits over
>>> 100'000
>>>
>>
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/graylog2/f294c8f9-0932-4beb-8e92-4677e16f0cda%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
