How do I turn off the .opendistro-alerting-alert-history index alerts in my Amazon OpenSearch Service cluster?
2 minute read
There are .opendistro-alerting-alert-history indices being created in my Amazon OpenSearch Service cluster. Why is this happening and how do I turn off the .opendistro-alerting-alert-history index alerts?
OpenSearch Service Alerting feature
When you turn on the alerting feature in OpenSearch Service, the .opendistro-alerting-alert-history indices are created along with an alias. The alerting feature notifies users when the search criteria is met for the documents in the indices.
The monitoring configurations are stored in the .opendistro-alerting-config index, while daily alerts are stored in the .opendistro-alerting-alerts index. The .opendistro-alerting-alerts index then is rolled over daily to an Alerting history index. The .opendistro-alerting-alert-history- indices begin to populate as soon as the monitor is created and the search criteria is met.
Note: To delete or modify the content of any indices, use the alerting APIs. For more information about the alerting feature, see Alerting API and Alerting indices on the Open Distro website.
Turn off the daily creation of indices
To turn off the creation of the .opendistro-alerting-alert-history- indices, perform the following steps:
1. Go to the OpenSearch Dashboards Alerting tab.
2. Delete any monitors.
3. Delete all the alerts for the .opendistro-alerting-alert-history indices:
4. Turn off the creation of the Alerting history:
Removing old .opendistro-alerting-alert-history indices while monitoring data
You can remove older Alerting history indices while using the monitoring feature. Your monitor configuration will not be impacted.
Note: If you delete the history index for a specific day, only the Alerting history for that day is removed.