Hi, I would like if it is possible how to compare this value of two fields field1 : 123456XXXXXX1234 field2 : 1234567890001234 I mean i want to do if first 6 chars and last 4 chars of field1 are similar to field2 then add mutate or do something... Any help would be sincerely appreciate! Thanks…

You would need to extract those characters and then compare them. I have not tested this but perhaps grok { break_on_match => false match => { "[field1]" => "^(?<[@metadata][field1][start].{6}).*(?<[@metadata][field1][end]>.{4})$" "[field2]" => "^(?<[@metadata][field2][start…

Discuss the Elastic Stack

Compare fields value

Elastic Stack Logstash

alex_vermex (alex vermex) August 5, 2022, 2:12pm 3

It works if these two fields in the same documents yes but in my case these two fields are not in the same document i created a new topic for this

Elasticsearch is a trademark of Elasticsearch BV, registered in the U.S. and in other countries
Trademarks
Terms
Privacy
Brand
Code of Conduct

Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.