Creating snapshot for a particular period. ( ex: 1-1-2017 to 31-12-2017)

sanjayap_sanju · January 24, 2018, 9:54am

Hi i am new to elasticsearch, was working on snapshot and restore of index. I was able to successfully take a snapshot and restore the entire index using the below query

PUT _snapshot/testindex_backup/16jan18
{
"indicies" : "testindex",
"ignore_unavailable" : "true",
"include_global_state" : "false"
}

But how can we take a snapshot of index with specific date

Scenario ; A index has data of 3 Years( i.e., 1-1-2015 to 31-12-2017 ), I want to take a snapshot of 1 year ( i.e., 1-1-2017 to 31-12-2017)

Could you help me with a query for a snapshot.

Thanks in advance

dadoonet · January 24, 2018, 10:09am

You can't do that. Snapshot and Restore is about a whole index whatever the data you have inside.
But you can use the reindex API to index in another index, like index-2017 and then snapshot this index.

sanjayap_sanju · January 25, 2018, 7:36am

Thanks for your response. In this case will reindex API give the exact 1 year data (i.e., 2017) out of 3 years of snapshot data(i.e., 2015 - 2017). Below the query we have used for reindexing the data from snapshot data(ticketanalysis) and reindexed to (new_ticketanalysis).

POST _reindex
{
  "source": {
    "index": "ticketanalysis",
    "type": "fs",
    "query": {
        "range" : {
            "@timestamp" : {
                "gte": "01/01/2017",
                "lte": "01/31/2017",
                "format": "MM/dd/yyyy||yyyy"
            }
        }
    }
  },
  "dest": {
    "index": "new_ticketanalysis"
  }
}

This is the output we got

{
  "took": 2,
  "timed_out": false,
  "total": 0,
  "updated": 0,
  "created": 0,
  "deleted": 0,
  "batches": 0,
  "version_conflicts": 0,
  "noops": 0,
  "retries": {
    "bulk": 0,
    "search": 0
  },
  "throttled_millis": 0,
  "requests_per_second": -1,
  "throttled_until_millis": 0,
  "failures": []
}

Please suggest if any query modification is required.

dadoonet · January 25, 2018, 9:08am

What is the output of:

GET ticketanalysis/fs/_search
{
    "size": 0,
    "query": {
        "range" : {
            "@timestamp" : {
                "gte": "01/01/2017",
                "lte": "01/31/2017",
                "format": "MM/dd/yyyy||yyyy"
            }
        }
    }
}

If you are getting back no data, then you need to fix your query.
Have a look at the mapping, try to reproduce with an example...

system · February 22, 2018, 9:08am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Snapshot and date Elasticsearch	4	460	July 20, 2019
Snapshot & Restore - Time Range Elasticsearch	3	549	April 15, 2019
Snapshot/ restore retention in Elasticsearch Elasticsearch	1	616	July 5, 2017
Can the Snapshot Restore restores all my data just once Elasticsearch snapshot-and-restore	3	154	March 18, 2024
How to take backup and restore of specific date indices Elasticsearch	5	4126	August 26, 2017

Creating snapshot for a particular period. ( ex: 1-1-2017 to 31-12-2017)

Related topics