The Rollup feature exposes a new search endpoint (
/_rollup_search vs the standard
/_search) which knows how to search
over rolled-up data. Importantly, this endpoint accepts 100% normal Elasticsearch Query DSL. Your application does not need to learn
a new DSL to inspect historical data, it can simply reuse existing queries and dashboards.
There are some limitations to the functionality available; not all queries and aggregations are supported, certain search features (highlighting, etc) are disabled, and available fields depend on how the rollup was configured. These limitations are covered more in Rollup Search limitations.
But if your queries, aggregations and dashboards only use the available functionality, redirecting them to historical data is trivial.