Change elastiflow-* Index Name?
QUESTION
When using the Elasticsearch or OpenSearch outputs, can the names of the indices be changed?
ANSWER
No, changing the names of ElastiFlow-related indices is not supported. The various components of the ElastiFlow solutions are designed to work together in an integrated manner. Changing the index names would potentially break dashboards, ILM/ISM policies, ML jobs and alerts. Although an ingest pipeline can be used to change the index name as records are ingested, such an environment is not supported by ElastiFlow.
Often the reason for changing index names is to achieve multi-tenancy, where separate indices are created for each tenant, or simply to have separate indices for different environments, locations or other organizational units. To facilitate this use-case an option is provided to add a suffix to the index name. This can be achieved using the EF_OUTPUT_ELASTICSEARCH_INDEX_SUFFIX or EF_OUTPUT_OPENSEARCH_INDEX_SUFFIX for Elasticsearch or OpenSearch respectively.
Consider the index name elastiflow-flow-codex-2.2-2023.01.01. By setting a suffix value of staging, the resulting index name would be elastiflow-flow-codex-2.2-staging-2023.01.01. Access to the staging indices can then be controlled by setting permissions for the *-staging-* index naming pattern.