Is there a way to forward the stored data from Elasticsearch in syslog format to another system?
I don't think so. Anything can be done with code, but at what expense and production time? Extensive text parsing could put it back together.
Since Elasticsearch stores in JSON and syslog is looking for a single string.
There may be a JSON to syslog tool but I am not aware of it.
I would try, if possible, to shoot two outputs from Logstash: one to Elasticsearch and the other to a syslog server.
In a rare case, if we want to move away from Elasticsearch (which is being used for storing), how can we move the data without data loss?
Elasticsearch dump works only if you are moving from one Elasticsearch node to another?
Is there a way to back up/move the data?
You can use Logstash to do whatever you want.
Tribe nodes do federated search across ES clusters, they do not do this ^
You can use "Logstash" for this. It can move your data to both ES and other sources. Since the output worker is a single thread, you will need to run two configuration files and use tagging on your shipper file. Here's an example that you can follow.
Alternatively, you can use ES's GET API to read the data you need and write it to an output log file. This requires some scripting for reading and saving.
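
Added example, not part of the original thread and not the example the poster refers to: a Python sketch of the scripted route, turning the hits of an Elasticsearch search response into RFC 5424 syslog lines. The sample response is constructed, and the `_source` field names (`@timestamp`, `host`, `program`, `level`, `message`) are assumptions about how the events were indexed; `host` is assumed to be a plain string.

```python
# Constructed sample of an Elasticsearch _search response body (not real data).
SAMPLE_RESPONSE = {"hits": {"hits": [
    {"_id": "AVabc123", "_source": {
        "@timestamp": "2016-03-01T12:00:00.000Z", "host": "web01",
        "program": "sshd", "level": "warning",
        "message": "Failed password for root\nfrom 192.0.2.10"}},
    {"_id": "AVabc124", "_source": {
        "@timestamp": "2016-03-01T12:00:05.000Z",
        "message": "no host or level on this event"}},
]}}

FACILITY_LOCAL0 = 16
SEVERITY = {"emerg": 0, "alert": 1, "crit": 2, "err": 3, "error": 3,
            "warning": 4, "warn": 4, "notice": 5, "info": 6, "debug": 7}

def _field(value, max_len):
    """RFC 5424 header fields: printable ASCII, no spaces; '-' is the nil value."""
    cleaned = "".join(c for c in str(value or "") if 33 <= ord(c) <= 126)
    return cleaned[:max_len] or "-"

def hit_to_syslog(hit, facility=FACILITY_LOCAL0):
    """Format one search hit as a single RFC 5424 line."""
    src = hit.get("_source", {})
    severity = SEVERITY.get(str(src.get("level", "")).lower(), 6)  # default: info
    pri = facility * 8 + severity
    # Escape CR/LF so one stored event can never become several syslog
    # records at the receiver (log forging through embedded newlines).
    msg = str(src.get("message", "")).replace("\r", "\\r").replace("\n", "\\n")
    header = " ".join([
        f"<{pri}>1",
        _field(src.get("@timestamp"), 32),   # TIMESTAMP
        _field(src.get("host"), 255),        # HOSTNAME
        _field(src.get("program"), 48),      # APP-NAME
        "-",                                 # PROCID (not stored)
        _field(hit.get("_id"), 32),          # MSGID: keep the document id
        "-",                                 # STRUCTURED-DATA
    ])
    return f"{header} {msg}"

def response_to_syslog(response):
    """Convert every hit in a search response, preserving order."""
    return [hit_to_syslog(h) for h in response.get("hits", {}).get("hits", [])]

if __name__ == "__main__":
    for line in response_to_syslog(SAMPLE_RESPONSE):
        print(line)
```

Keeping the document `_id` in the MSGID field lets the receiving system be reconciled against the index to confirm nothing was dropped or duplicated.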
I stand corrected and removed the post.
Thanks
Mark