Am trying to move our ELK stack to a different machine to verify backup/restore procedure. A snapshot has been created on machine A, after creating a Repository.
Moved full repository directory to machine B, added the repository on that machine.
Snapshots created on machine A are detected on machine B, so tried to load the snapshot on machine B using
POST /_snapshot/virt06/snapshot-number-one/_restore
When performing the restore action, it fails on the fact one of the indexes is in use:
"error" : {
"root_cause" : [
{
"type" : "snapshot_restore_exception",
"reason" : "[virt06:snapshot-number-one/273qaO3DRx2HdERZTzvmEw] cannot restore index [.security-7] because an open index with same name already exists in the cluster. Either close or delete the existing index or restore the index under a different name by providing a rename pattern and replacement name"
}
],
"type" : "snapshot_restore_exception",
"reason" : "[virt06:snapshot-number-one/273qaO3DRx2HdERZTzvmEw] cannot restore index [.security-7] because an open index with same name already exists in the cluster. Either close or delete the existing index or restore the index under a different name by providing a rename pattern and replacement name"
},
"status" : 500
}
Closing the index results in a non functional ELK cluster.
Any ideas how to properly perform a restore action?