How to access and sort many documents using scripting fields?

In my Elasticsearch index I store multiple documents with fields like date, sequence, etc. It looks like what is shown below. My goal is to find reordering. It means that I should sort all documents by date and check whether all sequence numbers are ordered by date. If some of them are reordered, I write in chosen document field packet_reordered and the number of documents for which the package has been reordered based on the date. If a document is ordered in a correct way, I write the value 0 in the packet_reordered field. I tried to use a scripted field; however, I have some problems when it comes to doing operations on multiple documents using Painless.
Is it possible to use, for example, Python instead of Painless in scripted fields using Elasticsearch 7.4.2?

{
  "took": 4632,
  "timed_out": false,
  "_shards": {
    "total": 1,
    "successful": 1,
    "skipped": 0,
    "failed": 0
  },
  "hits": {
    "total": {
      "value": 130,
      "relation": "eq"
    },
    "max_score": 1.0,
    "hits": [
      {
        "_index": "logs",
        "_type": "log",
        "_id": "yrsas24BmxPy23WAM2TeeQ",
        "_score": 1.0,
        "_source": {
          "name": "something23",
          "date": "2019-11-26T01:30:40",
          "sequence": 34
        }
      },
      {
        "_index": "logs",
        "_type": "log",
        "_id": "y7sas24BmxPy23WAM2TeeQ",
        "_score": 1.0,
        "_source": {
          "name": "something",
          "date": "2019-11-26T01:32:23",
          "sequence": 23
        }
      },
...

Using Python for scripted fields was deprecated in 5.0 and is no longer supported from Kibana, https://www.elastic.co/guide/en/kibana/current/scripted-fields.html.

Script fields only have access to the current document and cannot access multiple documents: https://www.elastic.co/guide/en/elasticsearch/reference/7.5/search-request-body.html#request-body-search-script-fields.

@Nathan_Reese Thank you very much for your reply. Can you recommend any other alternative solution to this problem?

You can run Elasticsearch queries with simple REST requests. What you are trying to do is not possible in Kibana and needs to be done with a script in your favorite programming language.
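A sketch of the client-side approach suggested above, added here as an example and not posted by anyone in the thread. It assumes that packet_reordered means "how many earlier-dated documents carry a higher sequence number", and that the search body is sent to `/logs/_search` and the NDJSON result to `/_bulk` by whatever HTTP client you use; the sample hits and their ids are constructed.

```python
import json
from bisect import bisect_right, insort

# Constructed sample in the shape of the "hits" array above (ids are made up),
# deliberately out of date order to show that the script sorts for itself.
SAMPLE_HITS = [
    {"_index": "logs", "_id": "id-d", "_source": {"date": "2019-11-26T01:34:10", "sequence": 30}},
    {"_index": "logs", "_id": "id-a", "_source": {"date": "2019-11-26T01:30:40", "sequence": 34}},
    {"_index": "logs", "_id": "id-e", "_source": {"date": "2019-11-26T01:35:00", "sequence": 36}},
    {"_index": "logs", "_id": "id-b", "_source": {"date": "2019-11-26T01:32:23", "sequence": 23}},
    {"_index": "logs", "_id": "id-c", "_source": {"date": "2019-11-26T01:33:00", "sequence": 35}},
]

# Request body for the search; asks Elasticsearch to return hits ordered by date.
SEARCH_BODY = {"size": 1000, "sort": [{"date": "asc"}], "_source": ["date", "sequence"]}


def count_reordered(hits):
    """Return {_id: number of earlier-dated documents with a higher sequence}.

    Assumed meaning of packet_reordered; 0 means the document is in order.
    """
    # Timestamps in one fixed ISO-8601 layout sort correctly as plain strings.
    ordered = sorted(hits, key=lambda h: h["_source"]["date"])
    seen = []      # sequences of earlier documents, kept sorted
    counts = {}
    for hit in ordered:
        seq = hit["_source"]["sequence"]
        counts[hit["_id"]] = len(seen) - bisect_right(seen, seq)
        insort(seen, seq)
    return counts


def bulk_update_body(hits, counts):
    """Build the NDJSON body of a _bulk request with one partial update per document."""
    lines = []
    for hit in hits:
        lines.append(json.dumps({"update": {"_index": hit["_index"], "_id": hit["_id"]}}))
        lines.append(json.dumps({"doc": {"packet_reordered": counts[hit["_id"]]}}))
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    print(bulk_update_body(SAMPLE_HITS, count_reordered(SAMPLE_HITS)), end="")
```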
