Cluster statuses
The cluster status indicates the overall health of your data storage and is determined across different levels:
Shard level – Each shard reports its own status.
Index level – Reflects the status of the shard in the worst condition.
Cluster level – Reflects the status of the index with the worst condition.
Note
The cluster status is displayed in the the System > Overview page.
As a result, the cluster can show a red status even if only one shard or index has a problem, while the rest are healthy.
Security Data Lake checks the status of the current write index during message indexing. If the index status is green or yellow, Security Data Lake will continue writing messages, regardless of the overall cluster status.
Status levels
Status | Description |
|---|---|
Red | Some or all primary shards are unavailable. In this state, searches cannot be performed until all primary shards are restored. |
Yellow | All primary shards are available, but one or more replica shards are missing. If your index configuration sets a replication count equal to or greater than the number of nodes, the cluster cannot reach green. This can usually be fixed by either adding another OpenSearch node or reducing the replication factor. |
Green | The cluster is fully operational. All primary and replica shards are available and functioning correctly. |