Can logstash add array field to elasticsearch?

recordable542 · September 19, 2020, 7:09am

My Environment

mysql
logstash (with jdbc plugin) 7.8.0
elasticsearch 7.6.2

pipeline.yaml

...
statement => "SELECT id, name, location1, location2 FROM users;"
...

I have location1 and location2 column in mysql users table. I want to make them to one array field like...

statement => "SELECT id, name, location1, location2 FROM users;"

    filter {
        mutate {
            add_field => {
              "location" => "[%{location1}, %{location2}]"
            }
        }
    }

so that I can later query all users who ...
(location1 == "NY" or location2 == "NY") or (location1 == "NJ" or location2 == "NJ")

query: {"terms": {"location": ["NY", "NJ"]}}

system · October 17, 2020, 7:10am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Logstash -> array field -> subquery Logstash	2	356	July 20, 2021
Append values to array field Logstash	3	3894	December 12, 2018
Elasticsearch array of an object using logstash Logstash	1	291	October 11, 2022
Array search from Logstash elasticsearch plugin Logstash	1	133	April 9, 2024
How to store array in elasticsearch from logstash Logstash	2	1555	June 26, 2017

Can logstash add array field to elasticsearch?

My Environment

pipeline.yaml

Related Topics