Hi,
New to logstash and wondering if it is possible for the following use case. Doing some searching it is not entirely clear if it is possible to query elasticsearch in filter stage for multiple documents and nest into a single output document. This is what we are hoping to accomplish.
Input:
Kafka event with a particular term.
Filter:
Query time series indices for multiple documents containing that term, within the date range. (Our indices are named index_2019-07-28, index_2019-07-29....
Output:
Index a single elasticsearch document in a "rollup" index that nests the documents returned in the filter stage within a single nested field of the output document.