I created a snapshot of one our indices. It took a while to switch over to the new index. Now we have a gap of a 6 days. The original index is still active.
I am wondering if it’s possible to manually insert one or more GELF messages at a specific point in time using the Elasticsearch REST API.
Though I have never done it, I believe it is possible.
Whether it is worth the time and effort to do for six days worth of logs is an entirely different question. Take a look at this doc to get an idea of what is involved.
It talks about the AWS opensearch service, but the commands work the same on self-managed instances.
Awesome! Thank you for taking the time to reply.
I’m hoping that I/we can insert a few messages and not a few hundred/thousand messages.
Although, I’m sure we can create a python/bash script to automate it.
regardless, thank you for the tip!
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.
