Issue in Elasticsearch index

Question

I am using Elasticsearch 2.0 and logstash 1.5.4 for my project, the moment I have upgraded the elasticsearch version from 1.7 to 2.0, its showing some garbage indexes in my elasticsearch.

[root@site1 ~]# curl 'localhost:9200/_cat/indices?v'
health status index                         pri rep docs.count docs.deleted store.size pri.store.size
green  open   servlet                         5   1          0            0      1.5kb           780b
green  open   topic                           5   1          0            0      1.5kb           780b
green  open   formmail.pl                     5   1          0            0      1.5kb           780b
green  open   account                         5   1          0            0      1.5kb           780b
green  open   vrowea1.html                    5   1          0            0      1.5kb           780b
green  open   login.php                       5   1          0            0      1.5kb           780b
green  open   webui                           5   1          0            0      1.5kb           780b
green  open   recordings                      5   1          0            0      1.5kb           780b
green  open   something                       5   1          0            0      1.5kb           780b
green  open   comersus_backoffice_login.php   5   1          0            0      1.5kb           780b
green  open   shopsearch.asp                  5   1          0            0      1.5kb           780b
green  open   lcds                            5   1          0            0      1.5kb           780b
green  open   logstash-2015.11.28             5   1      21475            0     19.2mb          9.7mb
green  open   index.php                       5   1          0            0      1.5kb           780b
green  open   kb.cgi                          5   1          0            0      1.5kb           780b
green  open   admin                           5   1          0            0      1.5kb           780b
green  open   samba                           5   1          0            0      1.5kb           780b
green  open   ngarwg1.html                    5   1          0            0      1.5kb           780b
green  open   nwpgav1.html                    5   1          0            0      1.5kb           780b
green  open   mod.php                         5   1          0            0      1.5kb           780b
green  open   gw                              5   1          0            0      1.5kb           780b
green  open   msadc                           5   1          0            0      1.5kb           780b
green  open   phppath                         5   1          0            0      1.5kb           780b
green  open   blazeds                         5   1          0            0      1.5kb           780b
green  open   formmail                        5   1          0            0      1.5kb           780b
green  open   messagebroker                   5   1          0            0      1.5kb           780b
green  open   spipe                           5   1          0            0      1.5kb           780b
green  open   getpassword.php                 5   1          0            0      1.5kb           780b
green  open   smbshr.pl                       5   1          0            0      1.5kb           780b
green  open   flex2gateway                    5   1          0            0      1.5kb           780b
green  open   perl                            5   1          0            0      1.5kb           780b
green  open   .kibana                         1   1          2            0     37.2kb         18.6kb
green  open   scripts                         5   1          0            0      1.5kb           780b
green  open   pspsgw1.html                    5   1          0            0      1.5kb           780b
green  open   sagrsn1.html                    5   1          0            0      1.5kb           780b
green  open   cgi-bin                         5   1          0            0      1.5kb           780b
green  open   sovgoe1.html                    5   1          0            0      1.5kb           780b
green  open   gwvron1.html                    5   1          0            0      1.5kb           780b

It is supposed to show only 'logstash-2015.11.28' as a index.

Can anyone advice whats wrong here?

Thanks in advance!!

Answer 1

Looks like nessus or some other similar probe tool got access to your elasticsearch instance. That was the source of this exact list of "unexpected" indexes on my environment.