Hi!
I have followed this documentation (https://developers.cloudflare.com/logs/analytics-integrations/elastic) to set up logpush from Cloudflare to an Elastic.co cluster. This uses https://github.com/cloudflare/cloudflare-elastic in a Lambda function in order to forward metrics to an Elastic.co cluster. We can use a daily/weekly ingestion pipeline which results in daily/weekly indices.
This used to be fine, but with changes made to the Elastic.co Index Lifecycle Management (https://www.elastic.co/blog/optimizing-costs-elastic-cloud-hot-warm-index-lifecycle-management) the writer should write to a single fixed alias index, instead of a daily/weekly index, and then Elastic ILM takes care of rolling over the index when a certain threshold is met.
This method of writing to a fixed index is unfortunately not supported by the cloudflare-elastic repository. It would be great if this integration would be up-to-date again. I have filed an issue on GitHub in order to track this discussion: https://github.com/cloudflare/cloudflare-elastic/issues/20.
Thanks!
