Assumptions:

You already have a working ELK cluster (5.x).

Azure Account

Step 1: Storage account

Create Storage Account:

Step 2: Get Credentials

Get Storage account name and key

Step 3: Install azure plugin

Ssh into all elastic search nodes.

Go to /usr/share/elasticsearch/

Run sudo bin/elasticsearch-plugin install repository-azure

Step 4: Update config

Go to /etc/elasticsearch/elasticsearch.yml. Add your Azure configuration

Restart sudo service elasticsearch restart

Step 5: Create snapshots

Open Kibana portal and Click on Dev Tools

Configure Repository

1
2
3
4

PUT _snapshot/es_snapshot
{
    "type": "azure"
}

Create Backup

1

PUT _snapshot/es_snapshot/mybackup_1

List snapshots

1

GET /_snapshot/es_snapshot/mybackup_1

Step 6:

Go to Storage account. Click on “Containers” to see the snapshots.

Restore from Azure storage account

Step 7:

Follow step 1 to step 4 to configure your new cluster.

Step 8:

Close all the indices

1

POST /_all/_close

Step 9:

Restore from snapshot

1

POST /_snapshot/es_snapshot/mybackup_1/_restore