Reindexing in Elasticsearch copies documents into a new index so mapping, analyzer, and shard-layout changes can be applied without rewriting data in place. A separate destination index keeps the source index intact for rollback, comparison, and controlled cutovers.
The _reindex API executes a scroll search on a source index and writes each batch into a destination index using bulk indexing. Optional query filtering and script transforms can reshape documents while copying.
The destination index should be created ahead of time because reindexing does not clone index settings, analyzers, or mappings. The source documents must have _source enabled, and reindexing can consume significant cluster resources; add authentication and TLS options to the curl commands when security is enabled and schedule large jobs for off-peak periods.
Steps to reindex data in Elasticsearch:
- Create the destination index with the desired mappings.
$ curl -s -H "Content-Type: application/json" -X PUT "http://localhost:9200/logs-2026.02-v2?pretty" -d '{ "mappings": { "properties": { "timestamp": { "type": "date" }, "level": { "type": "keyword" }, "message": { "type": "text" } } } }' { "acknowledged" : true, "shards_acknowledged" : true, "index" : "logs-2026.02-v2" }Analyzer and shard-count changes belong in destination index settings, since many index-level settings cannot be changed after creation.
- Check the current document count in the source index.
$ curl -s "http://localhost:9200/logs-2026.02/_count?pretty" { "count" : 3, "_shards" : { "total" : 1, "successful" : 1, "skipped" : 0, "failed" : 0 } } - Start the reindex job to copy documents into the destination index.
$ curl -s -H "Content-Type: application/json" -X POST "http://localhost:9200/_reindex?pretty&refresh=true" -d '{ "source": { "index": "logs-2026.02" }, "dest": { "index": "logs-2026.02-v2", "op_type": "create" } }' { "took" : 30, "timed_out" : false, "total" : 3, "updated" : 0, "created" : 3, "deleted" : 0, "batches" : 1, "version_conflicts" : 0, "noops" : 0, "retries" : { "bulk" : 0, "search" : 0 }, "throttled_millis" : 0, "requests_per_second" : -1.0, "throttled_until_millis" : 0, "failures" : [ ] }Writes to the source index after the scroll starts are not guaranteed to be included in the destination index, so strict cutovers require a planned write freeze for the final reindex run.
Large jobs can be started asynchronously by adding wait_for_completion=false and monitored via the _tasks API.
- Check the document count in the destination index.
$ curl -s "http://localhost:9200/logs-2026.02-v2/_count?pretty" { "count" : 3, "_shards" : { "total" : 1, "successful" : 1, "skipped" : 0, "failed" : 0 } } - Run a basic search on the destination index to confirm documents are readable.
$ curl -s -H "Content-Type: application/json" -X POST "http://localhost:9200/logs-2026.02-v2/_search?pretty" -d '{ "size": 1, "sort": [ { "timestamp": "desc" } ] }' { "took" : 7, "timed_out" : false, "_shards" : { "total" : 1, "successful" : 1, "skipped" : 0, "failed" : 0 }, "hits" : { "total" : { "value" : 3, "relation" : "eq" }, "max_score" : null, "hits" : [ { "_index" : "logs-2026.02-v2", "_id" : "a3", "_score" : null, "_source" : { "timestamp" : "2026-01-06T03:42:00Z", "level" : "INFO", "message" : "login ok" }, "sort" : [ 1767670920000 ] } ] } }
Mohd Shakir Zakaria is a cloud architect with deep roots in software development and open-source advocacy. Certified in AWS, Red Hat, VMware, ITIL, and Linux, he specializes in designing and managing robust cloud and on-premises infrastructures.
