Storing APM data in custom/specific indices

If you'd like to split your APM indices by service, you can use the advice from this topic.

You can change the index name by setting either output.elasticsearch.index or output.elasticsearch.indices. These configuration variables take an index name "format string", which can reference fields in the events. For your use case, you can include %{[service.name]} in the format string to create an index per service.

e.g.

output.elasticsearch:
  hosts: ["http://localhost:9200"]
  indices:
    # Not service-specific: no %{[service.name]} in the index name.
    - index: "apm-%{[observer.version]}-sourcemap"
      when.contains:
        processor.event: "sourcemap"

    - index: "apm-%{[observer.version]}-onboarding-%{+yyyy.MM.dd}"
      when.contains:
        processor.event: "onboarding"

    # One index per service, event type and day.
    - index: "apm-%{[observer.version]}-%{[service.name]}-error-%{+yyyy.MM.dd}"
      when.contains:
        processor.event: "error"

    - index: "apm-%{[observer.version]}-%{[service.name]}-transaction-%{+yyyy.MM.dd}"
      when.contains:
        processor.event: "transaction"

    - index: "apm-%{[observer.version]}-%{[service.name]}-span-%{+yyyy.MM.dd}"
      when.contains:
        processor.event: "span"

    - index: "apm-%{[observer.version]}-%{[service.name]}-metric-%{+yyyy.MM.dd}"
      when.contains:
        processor.event: "metric"

Note that the "onboarding" and "sourcemap" indices are not service-specific, hence we did not include %{[service.name]} in their names in this example.
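
To preview which index names the configuration above produces, for example before writing index patterns or per-service index privileges, the following added example (not part of the original page and not APM Server code) emulates the rule selection and format-string expansion over constructed events. It assumes the first rule whose condition matches is used and that the date comes from the event timestamp in UTC; the function names, the sample events and the version 7.11.1 are hypothetical.

```python
import re
from datetime import datetime, timezone

# Rules mirror the `indices` list above: (format string, processor.event value).
RULES = [
    ("apm-%{[observer.version]}-sourcemap", "sourcemap"),
    ("apm-%{[observer.version]}-onboarding-%{+yyyy.MM.dd}", "onboarding"),
] + [
    ("apm-%{[observer.version]}-%{[service.name]}-" + kind + "-%{+yyyy.MM.dd}", kind)
    for kind in ("error", "transaction", "span", "metric")
]

def lookup(event, dotted):
    """Resolve a dotted field path such as service.name in a nested event."""
    value = event
    for key in dotted.split("."):
        value = value[key]  # KeyError means the event lacks the field
    return value

def expand(fmt, event):
    """Expand %{[field]} references and the %{+yyyy.MM.dd} date pattern."""
    # Assumption of this sketch: the date is the event timestamp in UTC.
    ts = datetime.fromisoformat(event["@timestamp"]).astimezone(timezone.utc)
    fmt = fmt.replace("%{+yyyy.MM.dd}", ts.strftime("%Y.%m.%d"))
    return re.sub(r"%\{\[([^\]]+)\]\}", lambda m: str(lookup(event, m.group(1))), fmt)

def index_for(event):
    """Return the index of the first matching rule, or None if no rule matches."""
    for fmt, kind in RULES:
        if kind in lookup(event, "processor.event"):  # when.contains: substring match
            return expand(fmt, event)
    return None

# Constructed sample events (not real APM data).
SAMPLE_EVENTS = [
    {"@timestamp": "2021-03-05T01:30:00+02:00", "observer": {"version": "7.11.1"},
     "processor": {"event": "transaction"}, "service": {"name": "checkout"}},
    {"@timestamp": "2021-03-05T10:00:00+00:00", "observer": {"version": "7.11.1"},
     "processor": {"event": "error"}, "service": {"name": "billing"}},
    {"@timestamp": "2021-03-05T10:00:00+00:00", "observer": {"version": "7.11.1"},
     "processor": {"event": "onboarding"}},
]

if __name__ == "__main__":
    for ev in SAMPLE_EVENTS:
        print(ev["processor"]["event"], "->", index_for(ev))
```

The first sample event carries a +02:00 offset, so its UTC date, and therefore its daily index, is the previous day.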