Query multiple indexes

sai_16 · July 8, 2020, 4:07pm

I need to perform this,how is it possible?

I have index1 - with cpu,mem,hostname details.
index-2 with location details.
Now i need to fetch cpu,mem information of hostnames starting with host* and location is bgl.How can this be done?

I tried as below but didnt work.

{ "size": 10000, "_source" : ["@timestamp","beat.name", "system.memory.used.pct","system.cpu.total.norm.pct"], "aggs": { "4": { "date_histogram": { "field": "@timestamp", "interval": "1h", "time_zone": "US/Eastern", "min_doc_count": 1 }, "aggs": { "Avg CPU": { "avg": { "field": "system.cpu.total.norm.pct" } }, "Avg Memory": { "avg": { "field": "system.memory.used.pct" } } } } }, "query": { "bool": { "must": [ {"range" : {"@timestamp" : { "gte": "now-4h","lte": "now"}}} ], "filter": [ { "bool": { "should": [ { "query_string": { "query": "index1-*.beat.name: host* AND index2-*.city.keyword:BANGALORE","analyze_wildcard": true, "default_field": "*" } } ] } } ] } } }

warkolm · July 8, 2020, 9:42pm

That would be a join, which Elasticsearch cannot do.
You'd need to add the location field to the metrics.

system · August 5, 2020, 9:42pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Need to fetch Avg CPU values for a particular set of hosts Elasticsearch	1	310	August 5, 2020
Elastic Search - Query multiple indices Elasticsearch	1	407	July 6, 2017
Query data from multiple indexes Elasticsearch	5	414	December 14, 2018
Join the result of two different queries indices Elasticsearch	4	446	July 9, 2021
Query documents present in both indexes Elasticsearch	3	1299	May 9, 2018

Query multiple indexes

Related topics