In this article, I will show you how to delete all Elasticsearch Red Status Indices in 3 Easy Steps. Many times it so happens that your Elasticsearch will go down due to some reasons or it might not start properly if you perform reboot operation. In those cases you will see your cluster status as Red until all the shards becomes active and Indices status turns to Green. Since I already have covered about unassigned shards on How to delete Elasticsearch Unassigned Shards in 4 Easy Steps so in this article we will look upon How to delete Elasticsearch Red Status Indices to turn your Cluster status Green.

As might be aware Cluster has 3 status: Red, Yellow and Green. Below is the meaning of this states. You can check more about this on Cluster Health API.

• Red : This status indicates that shards are not allocated to the Cluster.
• Yellow : This status indicates that Primary shard is allocated but Replicas are not.
• Green : This status indicates that all shards are allocated to the Cluster.

Delete Elasticsearch Red Status Indices

Also Read: Tutorial: How to do Elasticsearch Backup and Restore(v7.5)

Step 1: List all Elasticsearch Red Status Indices

Firstly you need to find the red status Indices by using below curl query. You can use _cat/indices query with curl command to get all the Elasticsearch Red Status Indices. You can also check the size of the indices here.

[root@localhost ~]# curl -XGET localhost:9200/_cat/indices?pretty=true
green  open test-2017.05.23   3 2 280569   0 1gb     350.4mb
red    open test-2017.05.08   3 2 29245    0 7.4mb   3.7mb
red    open test-2017.05.16-1 3 2 72460852 0 51.4mb  20.6mb
red    open test-2017.05.14-1 3 2 80319877 0 57.7mb  23.1mb
green  open test-2017.05.24   3 2 174832   0 678.9mb 227.3mb
yellow open test-2017.05.21   3 2 280590   0 695mb   345.8mb
yellow open test-2017.05.22   3 2 280617   0 703.6mb 351mb
yellow open test-2017.02-10   3 2 2620624  0 7.5mb   3.2mb
red    open test-2017.05.09   3 2 56510    0 10.8mb  7.2mb
green  open test-2017.05.27   3 2 16623    0 98mb    32.5mb
green  open test-2017.05.25   3 2 279663   0 1gb     350.8mb
red    open test-2017.05.18-1 3 2 70910501 0 50.3mb  20.1mb
green  open test-2017.05.26   3 2 414002   0 946.2mb 385.6mb
red    open test-2017.05.10-1 3 2 79861911 0 34.5mb  23mb
red    open test-2017.05.12-1 3 2 80276928 0 34.6mb  23mb

Step 2: Delete all Elasticsearch Red Status Indices

Now we need to delete all Elasticsearch red status indices one by one using below curl query. You can also use some kind of script to delete these metrics if you find a pattern in it. Since here there are no pattern in the indices so we are deleting it manually by using curl query. As you can see from below output if deletion is successful then you will get "acknowledged" : true in the output. You need to make sure that all the curl query should give this acknowledgement for successful deletion operation.

[root@localhost ~]# curl -XDELETE localhost:9200/test-2017.05.10
{"acknowledged":true}
[root@localhost ~]# curl -XDELETE localhost:9200/test-2017.05.12
{"acknowledged":true}
[root@localhost ~]# curl -XDELETE localhost:9200/test-2017.05.13
{"acknowledged":true}
[root@localhost ~]# curl -XDELETE localhost:9200/test-2017.05-10
{"acknowledged":true}
[root@localhost ~]# curl -XDELETE localhost:9200/test-2017.05.17
{"acknowledged":true}
[root@localhost ~]# curl -XDELETE localhost:9200/test-2017.05.14
{"acknowledged":true}
[root@localhost ~]# curl -XDELETE localhost:9200/test-2017.05.09-1
{"acknowledged":true}
[root@localhost ~]# curl -XDELETE localhost:9200/test-2017.05.15
{"acknowledged":true}
[root@localhost ~]# curl -XDELETE localhost:9200/test-2017.05.18
{"acknowledged":true}
[root@localhost ~]# curl -XDELETE localhost:9200/test-2017.05.17-1
{"acknowledged":true}
[root@localhost ~]# curl -XDELETE localhost:9200/test-2017.05.15-1
{"acknowledged":true}
[root@localhost ~]# curl -XDELETE localhost:9200/test-2017.05.09
{"acknowledged":true}
[root@localhost ~]# curl -XDELETE localhost:9200/test-2017.05.08
{"acknowledged":true}
[root@localhost ~]# curl -XDELETE localhost:9200/test-2017.05.11-1
{"acknowledged":true}
[root@localhost ~]# curl -XDELETE localhost:9200/test-2017.05.13-1
{"acknowledged":true}

Step 3: Verify Elasticsearch Red Status Indices

After deleting all Red Status Indices you can again check the status by running below curl query where you can grep the red status Indices and check if anything else remains. Now you can check the Cluster status and confirm if you see any other indices causing any issue. Sometimes you might need to wait before the Cluster status changes green depends on the total size of the indices you have.

[root@localhost ~]# curl -XGET localhost:9200/_cat/indices | grep -i red

Popular Recommendations:-

How to declare global variables in Python

How to Install KVM Server tools(virsh) on Linux(RHEL/CentOS 7/8) in 6 Easy Steps

10 Popular Examples of sudo command in Linux(RedHat/CentOS 7/8)

How to Install and Use telnet command in Linux (RedHat/Linux 7/8) using 5 Easy Steps

12 Most Popular rm command in Linux with Examples

Create a Self Signed Certificate using OpenSSL

How to Resize qcow2 Image Using virt-resize and qemu-img(KVM tools) in 6 Easy Steps