Compare documents from two indexes

Veer · May 20, 2020, 4:12am

Hello. I'm trying to compare two indexes. Index 1 will have the raw data and I'll use Index 2 to store processed data from Index 1. However, I have noticed that when the records in Index 1 are not in sequential order by the time, those set of records doesn't make it to Index 2. So I'm basically trying to do a diff between Index 1 and Index 2.

Sample data in Index 1: (Index 2 will also have same data but with additional fields)

Index 1:
{
  test_tstamp: 2020-05-19T01:00:00.000Z
  report_tstamp: 2020-05-19T01:00:30.000Z
  created_tstamp: 2020-05-19T01:00:30.000Z
}

Let's assume there is a document at every 10 seconds in Index 1(d1, d2, d3, d4, d5) and Index 2 (d1, d4, d5) missed documents between two timestamps. My diff should retrieve the tstamp for missing records (d1, d4).

warkolm · May 20, 2020, 4:14am

Welcome!

This is not something that Elasticsearch can do for you, you'd need to handle this in your client code.

Veer · May 20, 2020, 1:11pm

Thank you @warkolm

Hendrik_Muhs · May 20, 2020, 1:22pm

I think this might be helpful:

https://www.elastic.co/guide/en/elasticsearch/reference/current/transform-painless-examples.html#painless-compare

If the indexes are large you need something like transform

system · June 17, 2020, 1:22pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.