How do I disable the .opendistro-alerting-alert-history index alerts in my Amazon OpenSearch Service cluster?
Last updated: 2021-10-21
There are .opendistro-alerting-alert-history indices being created in my Amazon OpenSearch Service cluster. Why is this happening and how do I disable the opendistro-alerting-alert-history index alerts?
Resolution
OpenSearch Service Alerting feature
When you enable the alerting feature in OpenSearch Service, the .opendistro-alerting-alert-history indices are created along with an alias. The alerting feature notifies users when the search criteria is met for the documents in the indices.
The monitoring configurations are stored in the .opendistro-alerting-config index, while daily alerts are stored in the .opendistro-alerting-alerts index. The .opendistro-alerting-alerts index then is rolled over daily to an Alerting history index. The .opendistro-alerting-alert-history-
Note: To delete or modify the content of any indices, use the alerting APIs. For more information about the alerting feature, see Alerting and Alerting indices on the Open Distro website.
Disabling the daily creation of indices
To disable the creation of the .opendistro-alerting-alert-history-
1. Go to the OpenSearch Dashboards Alerting tab.
2. Delete any monitors.
3. Delete all the alerts for the .opendistro-alerting-alert-history indices:
DELETE /.opendistro-alerting-alert-history-*4. Disable the creation of the Alerting history:
PUT _cluster/settings
{
"persistent": {
"opendistro.alerting.alert_history_enabled":"false"
}
}Removing old opendistro-alerting-alert-history indices while monitoring data
You can remove older Alerting history indices while using the monitoring feature. Your monitor configuration will not be impacted.
Note: If you delete the history index for a specific day, only the Alerting history for that day is removed.
Amazon OpenSearch Service is the successor to Amazon Elasticsearch Service.
Related information
Did this article help?
Do you need billing or technical support?