I am using the completion suggester feature of Elasticsearch. It logs the search keyword every time user enters a key irrespective of it being the complete word or only a partial word. Is there any functionality to group all these log entries of partial words with the actual word user was searching for.
For example:
373.262.733.395 - - [21/Jun/2013:07:19:47] "GET /search_suggest/di HTTP/1.1" 200 184
373.262.733.395 - - [21/Jun/2013:07:19:47] "GET /search_suggest/d HTTP/1.1" 200 193
373.262.733.395 - - [21/Jun/2013:07:19:47] "GET /search_suggest/dig HTTP/1.1" 200 184
373.262.733.395 - - [21/Jun/2013:07:19:48] "GET /search_suggest/digi HTTP/1.1" 200 175
373.262.733.395 - - [21/Jun/2013:07:19:48] "GET /search_suggest/digit HTTP/1.1" 200 189
This is a snapshot of log entries. Now I just want to output "digit" as the grouping result for the given. Other entries like "di", "d", "dig" etc should be irrelevant.
Is there any existing solution for this? Perhaps in Logstash.