Cross Cluster Replication (CCR) is an Elasticsearch feature that supports data migration and disaster recovery by replicating data in real time from a remote source cluster to a target cluster. In this guide, we cover setting up CCR to migrate data from a remote cluster in Singapore to a local cluster in Mumbai.
Tag: ElasticSearch
Your Guide for Patching Elasticsearch!
What is Patching?
A patch is a set of changes to a program or its supporting data that updates, fixes, or improves it, including fixing security vulnerabilities and other bugs. Patches may be applied to program files on a storage device or in computer memory, and they may be permanent or temporary.
In a brief overview, you need to perform the following tasks for patch management:
1. Create a patch catalog.
2. Analyze the target to determine which patches need to be deployed.
3. Deploy the required patches to targets requiring remediation.
4. Analyze the targets again to ensure each server has the correct patch.
Elasticsearch Backup and Restore in Production

We were fortunate enough to get an opportunity to do an Elasticsearch cluster snapshot and restore on a highly active production cluster. The indices we needed to restore were around 2 – 3 TB in size.
Our task was to take a snapshot from an old cluster (v6.4.2) which had several huge indices and restore a few of them to a new cluster (v7.9.2). This endeavour was supposed to bring the load down on the old cluster.
Elastic SIEM – An Event Tracking Feature

“Torture the data, and it will confess to anything.” – Ronald Coase
What is Elastic SIEM?
Elastic SIEM (Security Information and Event Management) is a new feature provided by Elastic NV. Using Elastic SIEM, we can track and keep a record of the important events that concern us.
An event is a record of an action that reflects something that has happened.
Elasticsearch Cluster Monitoring
Elasticsearch is a scalable, full-text search and analytics engine based on Apache Lucene. It is Java-based and allows you to store, search, and analyze large volumes of data quickly and in near real time. It can index and search documents in diverse formats. Lucene is the underlying library that Elasticsearch uses for extremely fast data retrieval.
However flexible, scalable, and useful Elasticsearch is, monitoring your cluster helps you ensure that it is appropriately sized and handles all operations efficiently.