From time to time I see Cluster health API | Elasticsearch Guide [8.3] | Elastic return "status": "red" for a few seconds. This never lasts long, so simply running Cluster allocation explain API | Elasticsearch Guide [8.3] | Elastic is not an option.
When this happens, number_of_nodes does not report any missing nodes and initializing_shards and unassigned_shards are at most 3. Since all my indices have 3 shards, it looks like one of them went temporarily bad.
So the question is: How do I find out which index was responsible for "status": "red"?
It must be something easy, but I just don't see it.
I see that when this happens, there is often "number_of_pending_tasks": 1, so i tried with cat task management API | Elasticsearch Guide [8.3] | Elastic , but that seems to return only currently executing tasks, so the "guilty" task is not there anymore.
I expected to find the answer via cat recovery API | Elasticsearch Guide [8.3] | Elastic somehow, but so far I don't understand how to sort this by time of completion.