Problem Statement

Rakesh5216 · June 22, 2018, 7:01pm

I have 3 different files ( 3 diff csv files) - transaction data, card info data and user data. I need to merge all these data into single file (I mean to perform SQL type join based on a key). I am aware that we can’t perform joins in elasticsearch.

So what approach to solve this problem. I need to join these documents and inject the data into single index on Kibana.

My options – let me know if this can be possible.

Use logstash- ETL tool, do data structuring and transformation there ( is it possible to do joins in logstash? )
Or use join queries and mapping documents and inner_hits concepts in Kibana console ?
Which of the above is feasible or if any new recommendations to solve this problem?

warkolm · June 22, 2018, 9:09pm

I'd use Logstash to do it, have a look at the translate filter for eg.

Rakesh5216 · June 22, 2018, 9:12pm

Thanks a ton. Can I know if any example solving related issue using translate filter?

warkolm · June 22, 2018, 9:21pm

There's examples in the documentation, but also lots on here if you do a search

Rakesh5216 · June 22, 2018, 9:35pm

Writing a python script on the Elasticsearch end can be easier than merging on the Logstash end?

system · July 20, 2018, 9:41pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Joining Multpile CSV files and injecting the data into Elasticsearch Logstash	2	308	July 20, 2018
Merging CSV files based on a common key column Logstash	2	1745	July 30, 2018
Best strategy to "JOIN" data from diferent .json files (Data enrichment? Rollup? Transform? Dictionary?) Elasticsearch	4	25	September 11, 2024
Joins in Kibana to Fetch Data From Multiple Indexes Kibana	20	40549	July 6, 2017
Mutate join filter Logstash	18	1097	August 2, 2019

Problem Statement

Related topics