I've seen a post or two about the need for SQL-like joins, and being a little new to Elasticsearch, I wanted to get some feedback as to the best approach for some data visualization. I am getting SNMP data from a wireless controller using Telegraf. The data sits in two distinct datasets but has the same timestamp. It's one set (FOO) that has elements A, B, and C with values in each. The other set (BAR) has C and D with values in each.
What I am trying to do is as follows:
For every timestamp, find every value of BAR.D where FOO.C and BAR.C are equal and create a new dataset with timestamp, FOO.A, FOO.B, FOO.C, BAR.D.
I am not the greatest programmer in the world and have put about 30 hours into the effort so far and have come up empty, other than learning a ton, which is always a good thing. I tried using Kapacitor to do a join but couldn't make it work the way I wanted. I also tried using Python with PySNMP and managed to gather the data together, and that's the path I'm currently taking, but I think there has to be a better way.
I'm willing to do just about anything in terms of collection mechanisms and data storage, and just think Elasticsearch has to be able to do something like this.
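
The join described in the post above, sketched in Python as an added example that is not part of the original post: it matches rows on the pair (timestamp, C) and emits one flat row per match. The sample rows and the function name `join_on_timestamp_and_c` are constructed for illustration; only the field names A, B, C and D come from the post.

```python
from collections import defaultdict

# Constructed sample rows standing in for the two Telegraf SNMP datasets.
# Field names A, B, C, D follow the post; every value here is made up.
FOO = [
    {"timestamp": "2024-01-01T00:00:00Z", "A": "ap-1", "B": 11, "C": "aa:bb"},
    {"timestamp": "2024-01-01T00:00:00Z", "A": "ap-2", "B": 6, "C": "cc:dd"},
    {"timestamp": "2024-01-01T00:01:00Z", "A": "ap-1", "B": 11, "C": "aa:bb"},
]
BAR = [
    {"timestamp": "2024-01-01T00:00:00Z", "C": "aa:bb", "D": 17},
    {"timestamp": "2024-01-01T00:00:00Z", "C": "aa:bb", "D": 3},
    {"timestamp": "2024-01-01T00:01:00Z", "C": "cc:dd", "D": 9},
]


def join_on_timestamp_and_c(foo_rows, bar_rows):
    """Inner join: one output row per (FOO row, BAR row) pair that shares
    both the same timestamp and the same C value."""
    # Index BAR by the composite key so each FOO row needs one dictionary
    # lookup instead of a scan over the whole BAR set.
    bar_index = defaultdict(list)
    for bar in bar_rows:
        bar_index[(bar["timestamp"], bar["C"])].append(bar["D"])

    joined = []
    for foo in foo_rows:
        # .get() avoids creating empty index entries for unmatched keys.
        for d in bar_index.get((foo["timestamp"], foo["C"]), []):
            joined.append({
                "timestamp": foo["timestamp"],
                "A": foo["A"], "B": foo["B"], "C": foo["C"], "D": d,
            })
    return joined


if __name__ == "__main__":
    # Only the first FOO row has BAR rows with the same timestamp AND C,
    # and it has two of them, so two joined rows are printed.
    for row in join_on_timestamp_and_c(FOO, BAR):
        print(row)
```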