Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

Metron ElasticSearch too many indexes

Labels:
avatar
author-rank nnat25191
Expert Contributor

Created ‎11-27-2017 03:06 PM

Hi,

I have a cluster of Metron running, by default a new index is roll out each hour per topic. After a month worth of indexes, Kibana dashboard is a bit slow when querying ElasticSearch. Is there a way to configure or combine these indexes so that the query is a bit faster?

I believe Metron is designed to have long term data storage, is a month worth of data too long? Have anyone uses Metron to store data longer than that or experience in tuning for the best use case in term of time or the number of Elastic indexes?

Any guidance is greatly appreciated.

1,819 Views
0 Kudos
0
1 ACCEPTED SOLUTION

avatar
author-rank rmerriman
Contributor

Created ‎11-28-2017 03:11 PM

You should be able to change the "es.date.format" in the global config to something less granular than each hour. For example, you could change the default of ""yyyy.MM.dd.HH" to ""yyyy.MM.dd" which would cause the indexes to roll every day instead. See this section in the READMEs for more info: https://github.com/apache/metron/tree/master/metron-platform/metron-common#global-configuration.

View solution in original post

1,559 Views
0 Kudos
0
3 REPLIES 3

avatar
author-rank rmerriman
Contributor

Created ‎11-28-2017 03:11 PM

You should be able to change the "es.date.format" in the global config to something less granular than each hour. For example, you could change the default of ""yyyy.MM.dd.HH" to ""yyyy.MM.dd" which would cause the indexes to roll every day instead. See this section in the READMEs for more info: https://github.com/apache/metron/tree/master/metron-platform/metron-common#global-configuration.

1,560 Views
0 Kudos
0

avatar
author-rank nnat25191
Expert Contributor

Created ‎11-30-2017 08:36 PM

Thank you so much @rmerriman

shame on me I was not aware of this global.json configuration file at all.

1,559 Views
0 Kudos

avatar
author-rank nnat25191
Expert Contributor

Created ‎12-01-2017 09:32 PM

BTW, I realized the file global.json gets overwritten by metron/config on Ambari. There's a section called global.json template

Just in case someone might find it useful.

1,559 Views
0 Kudos
Announcements
Community Announcements
February 2025 Community Highlights
What's New @ Cloudera
[RELEASED] Cloudera Streaming Analytics - Kubernetes Operato...
What's New @ Cloudera
[RELEASED] Cloudera Streams Messaging - Kubernetes Operator ...
What's New @ Cloudera
3 Benefits of External IDE Connectivity, Now Available in Cl...
What's New @ Cloudera
Performance comparison of Spark3 on YARN with S3 Standard VS...
View More Announcements