I don't think that ESA can do that because it doesn't run queries like the RE, but only correlate on-the-fly. If I'm not missing something then your only option is to test this in a lab and re-inject some of the old traffic that you want to use (assuming you are not happy to do that in production).
