
Elasticsearch to OpenSearch Migration Facilitated by Sematext Cloud

October 12, 2023


OK, so you’ve decided to move from Elasticsearch to OpenSearch. Maybe our comparison helped you decide and maybe you’ve checked our guide on how to perform the migration. But how do you know if your new OpenSearch performs as well and functions as correctly as the existing Elasticsearch? Even when comparing old with new versions, upgrades don’t always translate into better performance.

If your cluster is important, you’ll probably run both search engines in parallel for a while. It would be nice to have similar monitoring UIs and alert rules to make the transition easier.

This is where Sematext Cloud is handy: our Observability SaaS is built by (and originally for) search consultants, with equally awesome support for both Elasticsearch and OpenSearch.

Also, just in case you’re running either Elasticsearch or OpenSearch on Kubernetes, our colleague, Radu, covered the best practices at KubeCon 2023! Check it out.

 

Setup

Installing our agent is the same for both Elasticsearch and OpenSearch, unless you set it up manually (vs. discovery), in which case you have to say opensearch instead of elasticsearch as the app type 😁 Under the hood, we take care of all the differences. For example, the official Elasticsearch image logs in JSON, while the OpenSearch one logs in plain text. We’ll happily parse both and make the dashboards very similar. Of course, the logs themselves will differ slightly (and they’ll diverge more as time goes by), but we’ve made sure that default alerts work in a similar way.

Speaking of dashboards and alerts…

Dashboards and Alerts

If you’re confused about whether I’m talking about logs or metrics, it’s because Sematext Cloud deals with both – for both search engines. And because most charts are similar, you can check if your new OpenSearch cluster behaves as well as Elasticsearch did. You can literally see metrics (or logs) side by side using Split Screen:

[Image: Elasticsearch and OpenSearch metrics side by side]

As the two search engines diverge, all the common metrics will be presented in a familiar way. And in case you’re not sure what a metric is about, you can check the descriptions by hovering your mouse over the metric label in the legend. We also write about the significance of many metrics in the TIP boxes:

[Image: TIP boxes explaining metrics]

The same goes for alerts. Do any of these look familiar?

[Image: Elasticsearch default alerts]

At the time of writing this, you’ll find the same default alerts for OpenSearch, and we plan to keep alerts about common metrics the same. Though of course everything is customizable: from charts to alerts to log parsing rules.

Conclusion

Before you make the switch, it’s a good idea to check the new OpenSearch cluster’s performance and correctness compared to the old one. Sematext Cloud makes it easy to watch those metrics and logs before, during and after the migration. Try it out: it’s free for two weeks, and it will continue to be free for small clusters with low metrics and logs retention.

Last but not least, if you’re looking for professional help on your search engine migration, feel free to reach out here.
