From 19795beb377ecc6fef9c2d7752b7597917e757e1 Mon Sep 17 00:00:00 2001
From: jurgenhaas <juergen@paragon-es.de>
Date: Mon, 1 Feb 2021 16:32:10 +0100
Subject: [PATCH] ansible-inventories/gentner#2369 Document re-indexing in
 ElasticSearch

---
 docs/ansible/wiki/elk/introduction.md |  8 +--
 docs/ansible/wiki/elk/re-indexing.md  | 84 +++++++++++++++++++++++++++
 2 files changed, 88 insertions(+), 4 deletions(-)
 create mode 100644 docs/ansible/wiki/elk/re-indexing.md

diff --git a/docs/ansible/wiki/elk/introduction.md b/docs/ansible/wiki/elk/introduction.md
index 40b8c6f..7f2c0f7 100644
--- a/docs/ansible/wiki/elk/introduction.md
+++ b/docs/ansible/wiki/elk/introduction.md
@@ -5,10 +5,10 @@ tags:
 ---
 # ElasticSearch
 
-- [Introduction](elk/introduction)
-- [Collecting Data](elk/fluentd)
-- [UI to view the data](elk/kibana)
-- [Alerts on Log Data](monitoring/alerts-elk)
+- [Collecting Data](fluentd)
+- [UI to view the data](kibana)
+- [Alerts on Log Data](../monitoring/alerts-elk)
+- [Re-Indexing a broken index](re-indexing)
 
 Log data from the OS and selected applications is generated on the server farm on many different places and we are aggregating all of that data in ElasticSearch so that we can analyse the systems when ever needed but also to be able to raise alerts if something is going wrong.
 
diff --git a/docs/ansible/wiki/elk/re-indexing.md b/docs/ansible/wiki/elk/re-indexing.md
new file mode 100644
index 0000000..507a467
--- /dev/null
+++ b/docs/ansible/wiki/elk/re-indexing.md
@@ -0,0 +1,84 @@
+---
+title: Ansible Wiki ELK Re-Indexing
+tags:
+- ansible
+---
+# Re-index ElasticSearch Index
+
+Sometimes an index gets broken and here is how this can be repaired following
+this [great guide](https://www.thirdrocktechkno.com/blog/6-steps-to-reindex-elasticsearch-data)
+
+We use `$IDX` for the existing, e.g. broken index and `$IDXNEW` for the new one.
+
+## Show number of records for all indexes
+
+```shell
+curl -X GET 'http://${ELUSER}:${ELPASS}@localhost:9200//_cat/indices/%2A?v=&s=index:desc'
+```
+
+## Create new index with mappings
+
+```shell
+curl -X PUT http://${ELUSER}:${ELPASS}@localhost:9200/$IDXNEW \
+  -H 'Content-Type: application/json' \
+  -d '{
+    "mappings": {
+      "properties": {
+        [PROVIDE THE MAPPING HERE]
+      }
+    }
+  }'
+```
+
+## Re-index from old to new index
+
+```shell
+curl -X POST http://${ELUSER}:${ELPASS}@localhost:9200/_reindex \
+  -H 'Content-Type: application/json' \
+  -d '{
+    "source": {
+      "index": "$IDX"
+    },
+    "dest": {
+      "index": "$IDXBEW"
+    }
+  }'
+```
+
+## Delete the old index
+
+```shell
+curl -X DELETE http://${ELUSER}:${ELPASS}@localhost:9200/$IDX
+```
+
+## Delete and recreate alias
+
+```shell
+curl -X POST http://${ELUSER}:${ELPASS}@localhost:9200/_aliases \
+  -H 'Content-Type: application/json' \
+  -d '{
+    "actions": [
+      {
+        "remove": {
+          "index": "$IDXNEW",
+          "alias": "$IDX"
+        }
+      }
+    ]
+  }'
+```
+
+```shell
+curl -X POST http://${ELUSER}:${ELPASS}@localhost:9200/_aliases \
+  -H 'Content-Type: application/json' \
+  -d '{
+    "actions": [
+      {
+        "add": {
+          "index": "$IDXNEW",
+          "alias": "$IDX"
+        }
+      }
+    ]
+  }'
+```
-- 
GitLab