Hello all,
I have a chunk of data of the format below. I am trying to store this data in Elasticsearch. I understand how to get this data through logstash, but I am not sure how to construct a template that will properly parse this data for storage in Elasticsearch. I read all about Elasticsearch nested mapping templates and how Elasticsearch makes separate invisible documents for each item in a json array in order to be able to keep track of the array items properly, but I am confused as to how Elasticsearch would handle more than one nested layer. I also am not sure if I should use "type"="nested" for nested data where the nested data is not an array, and is rather a single value. Lastly, I am not sure if Grafana 3.0.4 is even capable of displaying this nested information (if you guys deal with Grafana at all). Do any of you know any of the answers to my questions?
I know I've asked a lot of questions, but please help if you know how, as I've been working on this all day.
Thanks,
Joel
{
"deviceVersion": "test1",
"data": {
"device": "test2",
"updated": "test3",
"items":
[
{
"number": 10,
"identifier": "2211",
"location": "east",
"customer": "burgermart",
"saleStats": {
"sales": 10,
"salesman": 5,
},
"purchaseStats": {
"purchased": 50,
"sold": 15,
"log": {
"problems": 0,
"damages": 0,
},
"hr": {
"firings": 0,
"hirings": 0,
}
}
},
{
"number": 11,
"identifier": "2211",
"location": "east",
"customer": "burgermart",
"saleStats": {
"sales": 10,
"salesman": 5,
},
"purchaseStats": {
"purchased": 50,
"sold": 15,
"log": {
"problems": 0,
"damages": 0,
},
"hr": {
"firings": 0,
"hirings": 0,
}
}
}
]
}
}