Index1:
index1 has 2 below fields.
RRN Flag
1 nofraud
2 nofraud
3 nofraud
4 fraud
Index2:
this has only 1 field
RRN
1
2
3
10
15
Requirement: We need to update flag fields values of index1 from "nofraud" to "fraud" if for all RRN of index1 which have matching RRN values in index2.
Please suggest how to do.I understand elaticsearch is nosql hence we can not join 2 indexes.But is there any other alternate way to do this
If this is a one-off fix or update I would recommend using update by query. Either run one task per value or a single task with a script that sets the value correctly based on the data in the event.
Thanks for reply..but how we can do using update by query... here data is on two different indexes .in update by query elastic documentation all the examples are given using update based on some condition within same index..
Can yopu please share any example how we can do this with update query with 2 indexs..
You would need to specify the content of the reference index as parameters to your update by query as you correctly cannot do it from one index to another. You could run one update by query per RRN or put the mapping of a few values at a time in a scripted update. If you have a large number of values it may be easier to create an external reindexing script.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.