Elastic Search

How Do I Set Up Elasticsearch Curator?

Elasticsearch curator, or simply curator, is a tool that allows you to manage your Elasticsearch cluster easily. Written in Python, the curator comes in handy when you need to manage your ELK indices and snapshots.

This guide will show you how to set up and configure the Elasticsearch curator for your ELK cluster.


Before installing curator on your system, ensure you have:

  1. Python installed and up to date.
  2. Internet access for your system.

Update your system

Start by updating your system. In this guide, we are using an Ubuntu 20.04 server

sudo apt update
sudo apt upgrade

Install Python3-Pip

To install the Elasticsearch curator, we first need to ensure we have pip installed. Use the command:

sudo apt install python3-pip -y

Installing Elasticsearch curator

Once we have pip installed and updated, we can install the Elasticsearch curator using the command:

pip3 install elasticsearch-curator

Setting up Curator Config file

The next step is to set up the configuration file for the Elasticsearch curator. By default, the configuration file is in the /home/user/.curator/curator.yml

Start by creating the directory:

mkdir ~/.curator

Next, create the curator.yml config file.

touch ~/.curator/curator.yml

Finally, add the configuration details that comprise the client connection and logging parameters.

The default entry is below:

 hosts: # define nosts
 port: 9200 # Elasticsearch port
 url_prefix: # set url prefix for example proxy. Leave empty for none
 use_ssl: false # use SSL? True or False
 certificate: # path to CA certificate => /path/to/ca/file
 client_cert: # path to client certificate
 client_key: # path to private SSL key
 ssl_no_validate: false # set true if elasticsearch is protected by SSL
 username: # HTTP Auth username
 password: # HTTP Auth password
 timeout: 30 # set timeout value
 master_only: false # install on every node or master only?

 loglevel: INFO # set log level such as CRITICAL, DEBUG, WARNING, or ERROR
 logfile: # path to the log file
 logformat: default # define log format => defualt format is as 2016-04-22 11:53:09,972 INFO      Action #1: ACTIONNAME
 blacklist: ['elasticsearch', 'urllib3'] # disables logs for elasticsearch and urllib3

NOTE: The comments are for documentation purposes only. Feel free to remove or modify them as necessary.

Save the file and close the editor.

Once completed, you can use curator as a python module or as a command-line utility:

For example, the following command shows the snapshots using the curator utility.

curator_cli show-snapshots


This guide shows you how to set up and configure the Elasticsearch curator tool to manage your cluster.

Check the following resource to learn more:

  1. Curator cli reference
  2. Curator python docs

Thank you for reading.

About the author

John Otieno

My name is John and am a fellow geek like you. I am passionate about all things computers from Hardware, Operating systems to Programming. My dream is to share my knowledge with the world and help out fellow geeks. Follow my content by subscribing to LinuxHint mailing list