I'm using the Elasticsearch filter and a percolate query to search documents as I index them with Logstash. My ruby debug output currently lists each log as it is indexed and the ones which have matched a search have an extra field "query" which details the query that has been matched - so I know it's working but I'm not sure how to harness that information.
I basically want to add a tag to the records that match as they are processed. If I put an add_tag command in the Elasticsearch filter as is it just tags all the documents so I presume I need some sort of conditional structure?
If anyone has any ideas I'd be very grateful.