Replies: 2 comments
-
In case someone else is looking for answers: |
Beta Was this translation helpful? Give feedback.
-
Now that Operator 2.5.1 was released, I was able to test creating my ISM policies again and it creates perfectly but appears to have a bug in detecting if a policy already exists. I see an error repeating in events: 0s Warning OpensearchAPIError opensearchismpolicy/auditlog-cleanup failed to get policy from Opensearch API |
Beta Was this translation helpful? Give feedback.
-
I am creating an ism policy to delete all security-auditlog-* indexes after 7 days as cleanup of these logs is not available by default. I see that creation of ism policies is now part of the newest operator version (though not yet part of a release). I deployed the operator via source rather than the v2.4 version so it would include these crd and while I don't get any errors, the ISM Policy doesn't get created.
To note, my cluster is in the "opensearch" namespace and the cluster name is "opensearch-cluster-1". After this is run, I don't see any difference in the cluster including when I look for ISM Policy definitions.
GET _opendistro/_ism/policies
{
"policies": [],
"total_policies": 0
}
I don't think this is due to timing because it doesn't matter how long I wait and I know this is new functionality as of November 2023 but I have an environment deployed with flux and this is the most seamless way to create this policy on current and future clusters.
Anyone else having this issue? Do you see anything I'm doing wrong? Anything to suggest trying? All help appreciated!
Beta Was this translation helpful? Give feedback.
All reactions