Elasticsearch Misuse of Wildcards in OpenSearch

By Opster Team

Updated: Jun 27, 2023

| 1 min read

Overview

It is possible to reduce the risk of accidental deletion of indices by preventing the use of wildcard for destructive (deletion) operations.

How to fix the issue

To check whether this setting exists on the cluster, run:

GET /_cluster/settings/action*

Look for a setting called:

action.destructive_requires_name

To apply this setting use:

PUT /_cluster/settings
{
  "transient": {
	"action.destructive_requires_name":true

  }
}

To remove this setting use:

PUT /_cluster/settings
{
  "transient": {
	"action.destructive_requires_name":false

  }
}

Note that this setting can also be applied on each node via the opensearch.yml file, but the cluster setting will take priority over any individual node settings.

Related Articles

Back to all articles
Opster
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.