- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I have a massive summary index that contains multiple searches that I have selected to use acceleration.
Instead of deleting the summary index, if I deleted all the searches inside the index, would it delete the summary as well?
Thanks
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
There are no "searches" stored inside a summary index. The summary index contains the results of populating searches that have been run in the past. If you disable the populating searches, so that they no longer run on a schedule, you will stop adding new data to the summary index.
This will not delete the data in the summary index however; it would still exist until it ages out based on the index settings. While you could try to figure out which populating searches created which events and then delete them - it probably isn't worth the effort: the delete command does not recover the disk space.
I recommend that you
1) set up the new searches that you need, and use report acceleration
2) disable the unneeded searches that populate and report on the summary index
3) over time, the data in the summary index will age out, and only the actual summary information that you continue to use will remain
If you want, you can set the summary index settings to restrict the amount of space used by the summary index, or to set time-based retention. These settings are the same for a summary index as any other index, and can be set in indexes.conf
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
There are no "searches" stored inside a summary index. The summary index contains the results of populating searches that have been run in the past. If you disable the populating searches, so that they no longer run on a schedule, you will stop adding new data to the summary index.
This will not delete the data in the summary index however; it would still exist until it ages out based on the index settings. While you could try to figure out which populating searches created which events and then delete them - it probably isn't worth the effort: the delete command does not recover the disk space.
I recommend that you
1) set up the new searches that you need, and use report acceleration
2) disable the unneeded searches that populate and report on the summary index
3) over time, the data in the summary index will age out, and only the actual summary information that you continue to use will remain
If you want, you can set the summary index settings to restrict the amount of space used by the summary index, or to set time-based retention. These settings are the same for a summary index as any other index, and can be set in indexes.conf
