Elasticsearch Misuse of Wildcards

By Opster Team

Updated: Mar 21, 2023

| 1 min read

Before you dig into the details of this technical guide, have you tried asking OpsGPT?

You'll receive concise answers that will help streamline your Elasticsearch/OpenSearch operations.


Try OpsGPT now for step-by-step guidance and tailored insights into your Elasticsearch/ OpenSearch operation.

In addition to reading about the misuse of wildcards in Elasticsearch, we recommend you run the Elasticsearch Health Check-Up. It will detect issues and improve your Elasticsearch performance by analyzing your shard sizes, threadpools, memory, snapshots, disk watermarks and more.

Before you dig into the details of this guide, have you tried asking OpsGPT? You’ll receive concise answers that will help streamline your Elasticsearch/OpenSearch operations.

Try OpsGPT now for step-by-step guidance and tailored insights into your search operation.

Overview

It is possible to reduce the risk of accidental deletion of indices by preventing the use of wildcard for destructive (deletion) operations.

How to fix the issue

To check whether this setting exists on the cluster, run:

GET /_cluster/settings/action*

Look for a setting called:

action.destructive_requires_name

To apply this setting use:

PUT /_cluster/settings
{
  "transient": {
	"action.destructive_requires_name":true

  }
}

To remove this setting use:

PUT /_cluster/settings
{
  "transient": {
	"action.destructive_requires_name":false

  }
}

Note that this setting can also be applied on each node via the elasticsearch.yml file, but the cluster setting will take priority over any individual node settings.

How helpful was this guide?

We are sorry that this post was not useful for you!

Let us improve this post!

Tell us how we can improve this post?

Get expert answers on Elasticsearch/OpenSearch

Try OpsGPT Now

Related Articles

Back to all articles