How to merge different objects inside the same event

josemaia · November 27, 2018, 5:17pm

Hello! I have a fairly complex JSON object as an input, and I want to flatten it so it's easier to work with in Kibana.

An example is below:

{
  "sprints": [
    {
      "id": 17193,
      "sequence": 17193,
      "name": "Sprint 12",
      "state": "CLOSED"
    },
    {
      "id": 16510,
      "sequence": 16510,
      "name": "Sprint 11",
      "state": "CLOSED"
    }
  ],
  "velocityStatEntries": {
    "16510": {
      "estimated": {
        "value": 49
      },
      "completed": {
        "value": 36
      }
    },
    "17193": {
      "estimated": {
        "value": 52
      },
      "completed": {
        "value": 70
      }
    }
  }
}

Ideally I would want to, given the name of the objects inside [velocityStatEntries], find the object in [sprints] with that ID and add the estimated/completed values there. However, if it's easier, the other way around would also make sense.

Am I looking at a complex ruby script to do this, or am I missing a feature that would let me handle this quickly? Or am I going about this in the entirely wrong way and this data is actually in a format that Kibana/Grafana/Elastic can already work with easily?

Thanks.

EDIT:

the information is coming in through http_poller

josemaia · November 28, 2018, 5:29pm

FWIW, the Ruby solution is simple:

  ruby {
    code => "
        sprintId = event.get('[sprints][id]');
        estimated = event.get('[velocityStatEntries]['+(sprintId).to_s+'][estimated][value]');
        completed = event.get('[velocityStatEntries]['+(sprintId).to_s+'][completed][value]');
        event.set('[sprints][estimatedUnits]', estimated);
        event.set('[sprints][completedUnits]', completed);
      "
  }

system · December 26, 2018, 5:29pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.