I'm doing some work on our Elasticseatch cluster. Problem is, I can see from the logs that something from a previous setup is doing a daily run at 10pm to close indices once they are a month old, and this is going to interfere with the new setup.
I've asked around everyone I can think of, but nobody has any knowledge of what's running this scheduled job. I'm assuming it's just some box somewhere running some elasticsearch-curator commands on a cron schedule or similar, but I don't have any idea how to find the source.
Q: Is there any way to find out what machine is sending elasticsearch-curator commands to our Elasticsearch cluster?
Any advice? I'm pretty new to this sort of work, only started in this team a few months ago coming from a help desk background, so my knowledge and understanding of these areas is still limited.
Thanks!
If you check the Elasticsearch logs at that time, you may be able to find out the client IP address where those requests are originating from, but otherwise I can't think of any other way to trace them.