Can logstash add array field to elasticsearch?

recordable542 · September 19, 2020, 7:09am

My Environment

mysql
logstash (with jdbc plugin) 7.8.0
elasticsearch 7.6.2

pipeline.yaml

...
statement => "SELECT id, name, location1, location2 FROM users;"
...

I have location1 and location2 column in mysql users table. I want to make them to one array field like...

statement => "SELECT id, name, location1, location2 FROM users;"

    filter {
        mutate {
            add_field => {
              "location" => "[%{location1}, %{location2}]"
            }
        }
    }

so that I can later query all users who ...
(location1 == "NY" or location2 == "NY") or (location1 == "NJ" or location2 == "NJ")

query: {"terms": {"location": ["NY", "NJ"]}}

system · October 17, 2020, 7:10am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Logstash -> array field -> subquery Logstash	2	356	July 20, 2021
Append values to array field Logstash	3	3898	December 12, 2018
Logstash creating an array when I add a string field that not exist yet Logstash	1	859	February 20, 2018
Create array in logstash -> elastic Logstash	1	1487	October 12, 2017
Process array elements as objects Logstash	3	779	January 4, 2018

Can logstash add array field to elasticsearch?

My Environment

pipeline.yaml

Related topics