There are a lot of discussions around this topic but haven't found a solution for my problem.
I am trying to compare fields of different documents in the same index. For example,let's say i have three documents as below : Index1 Doc 1
Field1 = Value1
Field2 = Value2 Doc 2
field1 = Value1
field2 = Value_2 Doc 3
field1 = Value_1
field2 = Value_2
I want to display all the documents where Field1.value == field1.value (according to the example, it should display Doc1 and Doc2). I don't know what the value will be, so I can't make a query by value and also I read that scripted fields can't be used here since it works only within a document.
Documents are bulk imported from two different sources, the comparison can't be done on the client's side.
I really appreciate any help since I am struggling with this for a long time now. Thanks in advance.
It sounds like you want to explore individual documents with filters that you don't know ahead of time. Can you add filters in Discover? For example, Field1.value: "Value1" is a query you could run. If you want to provide a nicer UI for this, you could save your Discover search and embed it into a dashboard, and then add an Input Controls widget.
Thank you Wylie.
But let me try to explain my problem more clearly. Below is a simplified structure of my docs. Index1 Doc 1 (ingested by source1)
Field1 = "ABC"
Field2 = "DEF" Doc 2 (ingested by source2)
field1 = "ABC"
field2 = "EDF" Doc 3 (ingested by source1)
Field1 = "GHI"
Field2 = "JKL" Doc 4 (ingested by source2)
field1 = "GHI"
field2 = "JL"
Now, I want to loop through all the different field1.value values(docs ingested by source2) and find all the docs (ingested by source1) if field1.value==Field1.value.
Is this even possible in kibana?
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.