We have some fields containing sensitive information, and we do not want all users to see the original values.
We want to store these fields in a hashed form while indexing and control what different users can see.
I have a few questions:
Does Elasticsearch support hashing a field during indexing?
What are the recommended ways to implement hashing of field content at index time?
How does querying behave on hashed fields?
If a field is hashed, can we still search on it?
Can hashed content be decoded back to its original value?
Permission‑based visibility requirement:
User1 (no permission) → Should see only the hashed value
User2 (has permission) → Should see the original clear-text value
Is this possible in Elasticsearch using field‑level security or any other feature?
Yes, you can use the fingerprint processor on an Ingest Pipeline or in Logstash.
It works as any other field, but you can only search by the hashed value, you cannot search by the value of the field before generating the hash.
No, once you generate a hash for a f ield and index it, the original value is lost, if you want the original value you need to index it on a different field.
Yes, if you have a license you can use the field-level security, but again, if you want to search on the original value you need to index it on a field.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.