Snapshot index based on query

bipinbs · June 21, 2018, 12:41pm

Hi,

Currently, we have deployed elasticsearch in our kubernetes cluster where we have daily indices configured. Currently for multiple tenants we store logs in same index based on routing key. We have daily curator job which runs to create snapshot of the previous index. We were planning to have different snapshot created for each tenant. Is it possible to split index into multiple snapshots based on any query.
The retention policies for each tenant is different so were planning to separate out snapshots based on tenants. Any ideas how we can achieve this?

theuntergeek · June 21, 2018, 12:52pm

No. Snapshots are of entire indices only. If you need things split up like that, you will have to divide your indices accordingly.

One way to do this in multiple stages might be to use the Reindex API to reindex the contents of a query into a new index—even a temporary one—and then snapshot the resulting index.

bipinbs · June 22, 2018, 5:24am

Yes, re-indexing to temporary index seems to be only option right now. Thanks Aaron for your inputs.

Topic		Replies	Views
Snapshot - Is it possible to create them based on repository indices? Elasticsearch	3	703	July 5, 2017
Creating snapshot every six months Elasticsearch slm-snapshot-lifecycle-management	2	547	March 22, 2022
Snapshots of new indices Elasticsearch	2	293	July 12, 2018
Reindex documents following a query in order to make a snapshot Elasticsearch	6	645	April 20, 2020
Elasticsearch snapshot design/solution Elasticsearch	1	612	September 21, 2018

Snapshot index based on query

Related topics