Added elastalert_status index timestamping

[Qmando]

Allow you to set writeback_index: elastalert-status-%Y.%m etc.

Also a minor fix that would causing duplicate indices from format_index.

Fixes #684

[Qmando]

Regardingcreate_index

I guess create_index effectively becomes obsolete if you are using this feature. Unless you are trying to copy data from an old index. That should be reflected in the documentation.

Do you mean bootstrapping from a non-timestamped index? In that case, no. I'll probably add a section on the documentation on how to use create-index to copy over some data and switch. You'd have to manually input elastalert_status-2017.03 or whatever, which would be very prone to human error, so maybe I'll add that functionality into the script.

[alesnav]

Hello there, do you think that this PR can be merged now?

Thanks!

[AndreLouisCaron]

I'm also very interested in this. Anything I can help with to get this moving?

[Qmando]

If someone wants to test this branch and report back any issues, that would be awesome.

I'll reprioritize getting this out, I think I still need to add documentation, do some more thorough documentation, and add a way to migrate from an old fixed index name seamlessly.

[angocor]

Hello. Is this going to be merged anytime soon?. I am very interested on this.

[donwalrus]

also interested in this feature, otherwise its simple enough to have an out of band process that runs to create a new daily/whatever index and then writeback_index references an alias

[swedishmike]

This is something that would be very useful in our environment so I'm very interested if this could be implemented. Being able to run curator against the indexes for a certain time span would be extremely good.

Since it's gone a year since the last comments - are there any plans of getting this merged?

TIA

[gartemiev]

@Qmando , any update on this?

[vtdat]

I'd to see this merged.