Querying in Elasticsearch

Hi Team. Is it possible to issue a single query for 2 different indexes?

Let's say I have 2 indexes, A & B, and I need to write a query wherein I need the count of matches where A.xyz = B.abc, where xyz and abc are fields of the respective indexes.

Can anyone help me with this by adding comments along these lines.

Thanks in advance.

No. You can't join 2 indices at query time.

Hi there,

How about this: let's say I have 2 CSV files, A and B.
I need to ingest the CSV data to my Elastic server for potential search.
As of now I use Logstash to ingest data to my Elastic server, and now I want to check the records which have a relationship like A.[fieldname]=B.[fieldname].

How can I accomplish this using the ELK stack?

Urgent help!

Thanks in advance.

You can't do that.

But you can try to do the join at index time.
Like instead of indexing:

PUT a/_doc/1
{
  "fieldname": "foo",
  "foo_a": "bar"
}
PUT b/_doc/1
{
  "fieldname": "foo",
  "foo_b": "bar"
}

Index:

PUT ab/_doc/1
{
  "fieldname": "foo",
  "foo_a": "bar",
  "foo_b": "bar"
}

Logstash jdbc filter might help for that.
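
The index-time join suggested above, as an added example that is not part of the original thread: it merges two CSV inputs on their join columns before indexing and emits an Elasticsearch bulk request body for a single `ab` index, using the join value as `_id`. The sample CSV contents, the `in_a`/`in_b` flags and the function names are assumptions made for illustration; `xyz`, `abc`, `fieldname`, `foo_a` and `foo_b` follow the names used in the thread.

```python
import csv
import io
import json

# Constructed sample data standing in for the two CSV files A and B.
CSV_A = "xyz,foo_a\nfoo,bar\nonly_a,1\n"
CSV_B = "abc,foo_b\nfoo,bar\nonly_b,2\n"


def load(text, key):
    """Return {join value: remaining columns} for one CSV input."""
    rows = {}
    for row in csv.DictReader(io.StringIO(text)):
        value = row.pop(key)
        rows[value] = row  # assumption: join value is unique per file, last row wins
    return rows


def join_at_index_time(csv_a, key_a, csv_b, key_b):
    """Build one merged document per join value (a full outer join)."""
    a, b = load(csv_a, key_a), load(csv_b, key_b)
    docs = {}
    for value in sorted(a.keys() | b.keys()):
        # Assumption: A and B have no other column names in common;
        # if they did, B's value would overwrite A's here.
        doc = {"fieldname": value, **a.get(value, {}), **b.get(value, {})}
        doc["in_a"], doc["in_b"] = value in a, value in b
        docs[value] = doc
    return docs


def to_bulk(docs, index="ab"):
    """Serialize documents as the NDJSON body expected by POST /_bulk."""
    lines = []
    for value, doc in docs.items():
        lines.append(json.dumps({"index": {"_index": index, "_id": value}}))
        lines.append(json.dumps(doc))
    return "\n".join(lines) + "\n"  # a bulk body must end with a newline


def match_count(docs):
    """Count join values present in both inputs (A.xyz = B.abc)."""
    return sum(1 for d in docs.values() if d["in_a"] and d["in_b"])


if __name__ == "__main__":
    merged = join_at_index_time(CSV_A, "xyz", CSV_B, "abc")
    print(to_bulk(merged), end="")
    print("matches:", match_count(merged))
```

Once the documents are indexed this way, the count asked for in the original question becomes a single-index query filtering on both `in_a` and `in_b` being true.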
