Compare documents from two indexes

Veer · May 20, 2020, 4:12am

Hello. I'm trying to compare two indexes. Index 1 will have the raw data and I'll use Index 2 to store processed data from Index 1. However, I have noticed that when the records in Index 1 are not in sequential order by the time, those set of records doesn't make it to Index 2. So I'm basically trying to do a diff between Index 1 and Index 2.

Sample data in Index 1: (Index 2 will also have same data but with additional fields)

Index 1:
{
  test_tstamp: 2020-05-19T01:00:00.000Z
  report_tstamp: 2020-05-19T01:00:30.000Z
  created_tstamp: 2020-05-19T01:00:30.000Z
}

Let's assume there is a document at every 10 seconds in Index 1(d1, d2, d3, d4, d5) and Index 2 (d1, d4, d5) missed documents between two timestamps. My diff should retrieve the tstamp for missing records (d1, d4).

warkolm · May 20, 2020, 4:14am

Welcome!

This is not something that Elasticsearch can do for you, you'd need to handle this in your client code.

Veer · May 20, 2020, 1:11pm

Thank you @warkolm

Hendrik_Muhs · May 20, 2020, 1:22pm

I think this might be helpful:

https://www.elastic.co/guide/en/elasticsearch/reference/current/transform-painless-examples.html#painless-compare

If the indexes are large you need something like transform

system · June 17, 2020, 1:22pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Compare 2 tables with different indices and display the records that are missing in first table Elasticsearch	6	429	December 18, 2019
Copy document if fields are different Elasticsearch painless	1	222	May 30, 2023
Comparing files between indices Elasticsearch	5	349	April 12, 2019
How to compare document fields in a elasticsearch query Elasticsearch	2	562	September 26, 2023
What is the most efficient way to compare two indices? Elasticsearch elastic-stack-monitoring , elastic-stack-reporting , elastic-stack-alerting	1	1096	April 9, 2019

Compare documents from two indexes

Related Topics