Hello Everyone,
I have a beginner question regarding a context in which we have to index a PostgreSQL database with Elastic.
Is it required to use an intermediary solution between PostgreSQL and Elastic ? If so what are the best practices to adopt regarding the intermediary solution between PostgreSQL and Elastic (Logstash? Other solution ?) ?
Thanks for any feedback,
Regards
Bienvenue Lucien ! 
You need to send your existing data to Elasticsearch.
That means:
SELECT * from TABLE)_bulk API.Logstash can help for that. But I'd recommend modifying the application layer if possible and send data to Elasticsearch in the same "transaction" as you are sending your data to the database.
I shared most of my thoughts there: Advanced Search for Your Legacy Application - -Xmx128gb -Xms128gb
Have also a look at this "live coding" recording.
There's also a live demo in french here:
If you know python you can use that.
if your data is small chunck you can use panda's dataframe and do all etl process, convert that to json with one command and use bulk helper load to Elasticsearch
On a similar way, you can use something like Debezium or Hazelcast (which uses Debezium as well AFAIK). We will have an online meetup in 2 weeks in french: Elastic Paris Meetup #67 : hazelcast + kibana = ❤️ pour observer vos données at Elastic Community Events France
And also this one from the same speaker in english: Low-code exploration and visualization of your data at Elastic Community Events EMEA Virtual
Bonjour David
Thanks a lot for these useful insights !
When you write that Logstash can help, does it means that it is also possible to send datas to Elasticsearch through Logstash ? To fully understand, what are the pros and cons for both methods (1-Modification of the application layer / 2-Through Logstash).
Thank you in advance !
I'm going to paste from https://david.pilato.fr/blog/2015-05-09-advanced-search-for-your-legacy-application/
You can use an ETL and to read again your database and inject documents in elasticsearch. But you have to think of keeping all the things in sync. For example, when you want to remove an object from the database, you need to deal with that to remove it as well from elasticsearch. You can potentially use a technical table to do that which will contain something like a date, the id of the person which has been modified and the type of action, like
upsertordelete.This way the ETL can read again the same table every x minutes and do what is needed and also remove from this technical table all objects that has been processed so far.
Remember that reading again a database might have a cost on the database especially if you have a complicated model with collections of collections of collections of attributes.
And also, if you need to propose to your user real-time search or near real-time search, that won’t be possible with an ETL which runs every x minutes.
You can send your data to a message queue system like Kafka, RabbitMQ... and then read from it using Logstash (or filebeat), or your own application layer...
1-Modification of the application layer
That's again what I recommend. You have that way a full control of what is happening. On the cons side you have:
2-Through Logstash
Less things to write. And because you are reading a DB, ES will be consistent with what was in the DB when you were reading it.
On the cons side:
Just some thoughts...
Thank you so much for this detailed feedback
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.