elasticspectre — Elasticsearch and OpenSearch waste auditor. Part of SpectreHub.
- Audits Elasticsearch and OpenSearch clusters for stale indices, shard sprawl, and missing lifecycle policies
- Detects unassigned shards, oversized shards, replica waste, and frozen candidates
- Checks snapshot policies and authentication status
- Estimates storage and heap savings per finding
- Outputs text, JSON, and SpectreHub formats
- Not a monitoring tool — point-in-time auditor
- Not a remediation tool — reports only, never modifies the cluster
- Not a performance tuner — flags waste, not query optimization
- Not a security scanner — checks auth status, not RBAC
brew tap ppiankov/tap
brew install elasticspectregit clone https://github.com/ppiankov/elasticspectre.git
cd elasticspectre
make buildelasticspectre audit --url http://localhost:9200 --format json| Command | Description |
|---|---|
elasticspectre audit |
Audit cluster for waste and hygiene issues |
elasticspectre init |
Generate config file |
elasticspectre version |
Print version |
elasticspectre feeds Elasticsearch/OpenSearch waste findings into SpectreHub for unified visibility across your infrastructure.
spectrehub collect --tool elasticspectreelasticspectre operates in read-only mode. It inspects and reports — never modifies, deletes, or alters your indices.
| Document | Contents |
|---|---|
| CLI Reference | Full command reference, flags, and configuration |
MIT — see LICENSE.
Built by Obsta Labs