In both cases the index should be closed first, both commands respond with "acknowledged" : true. Command curl -X GET "localhost:9200/index_name/_settings?pretty"
responds with what it is expected to respond (i.e. the analyzer has disappeared after the deletion command or the properties of the analyzer have changed after the editing command), and the index works OK after opening, at least it seems so after brief testing.
These feautures are very importaint and convinient, but are they actually safe, or they may corrupt documents or other parts of the index?
For compatibility reasons I'm using Elasticsearch 7.13.4 version.
I usually create a new index when an analyzer is created and then use the Reindex API.
This ensures that the new analyzer is applied to all documents.
This is also good because you guarantee a backup index in case something goes wrong with the new index.
Doing it your way I think it's a very high risk if any failure occurs that's how you can lose your index.
The index I'm going to deal with is really HUGE. Reindexing it with following testing would take about a week. And on the other hand it is treated within the set of similar indexes which I wouldn't like to affect, that's why I don't want just to add a new analyzer with a new name either (all indexes in the set should have same names for analyzers).
The analyzer to be edited (or deleted and then added again with a new set of filters) is to be just a search analyzer, it will not be used in indexing documents, so this operation won't make different documents to be indexed in different ways.
So the question is, whether editing / deleting an existing analyzer is itself somehow more dangerous for internal index data than just adding a new analyzer as it is described at the end of Update index settings API | Elasticsearch Guide [8.5] | Elastic page?
Probably if it is unsafe, acknowledging these editing / deletion analyzer commands should be treated as a bug?
What I exposed was my vision of treating the problem. Documentation can be followed for your purpose.
I just work in a way to get more security.
If you tested it and it worked in your test environment, the same should happen in production.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.