Hi All
please hell me to Compare two document in Kibana by some string array field, that contains a string unique values, No order required. this array string may contain till to 3000 strings
thank you in avance
Hi,
You will have to give more details. Have you ingested these two documents in Elasticsearch and then trying to show comparision in Kibana? Where do you want to show the comparision in Kibana? In one of the visualizations?
Thanks,
Bhavya
Yes n one of the visualizations?
the sample of document:
{
"message": "All 102 data ...",
"bId": "102",
"sha256": " 102_sha256_2",
"tags": [ "tag_1", "tag_N" ],
"indicators": [ "Ind1", "Ind2, "IND_NN"],
"meta_json": " 102_2 meta / json --- ..... "
}
bid, sha256 and indicators fields have a unique values.
i should compare indicators and meta_json fields between 2 documents, these documents I get by bid and sha256
for instance diff bid 102 and 101 indicators:
{
"message": "All 101 data ...",
"bId": "101",
"sha256": " 101_sha256_1",
"tags": [ "tag_1", "tag_N" ],
"indicators": [ "Ind1", "Ind12"],
"meta_json": " 102_2 meta / json --- ..... "
}
the result in indicators should be like "indicators": ["Ind12", "--Ind2", "--Ind_NN"]
or in 2 lines
"indicators": ["Ind12", "--Ind2", "--Ind_NN"]
"indicators_missing": ["Ind2", "Ind_NN"]
the meta_json should be treated in the same way.
thanks
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.