Hi,
I have a logstash index - and I would like to snapshot only this index (which I can already do) - however I would like to only snapshot data in the image which has e.g. source:/var/log/messages
My logstash indices contains a lot of different data - and I would like to snapshot only some specific elements from the index - that I can then restore on another ES cluster and work with.
Thanks
This is not possible, because a snapshot simply takes a copy of the on-disk data and stores it in a repository. Snapshots are for backup, i.e., so you can restore a copy of an index later. It doesn't really make sense to snapshot the results of a search.
You could use reindex to create an index containing only the data you want and then take a snapshot of just that index.
Thank you - will try
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.