Suggestions about Elasticsearch implementation
Hi guys, I'm pretty a newbie in Elasticsearch world and I have to implement a new solution with 4 indixes in this way:
- basic_soap_log
- basic_rest_log
- soap_payload
- rest_payload
Consider that
- documents that will be stored inside payload indexes are pretty big
- I would like to have a correlation between basic_* docs and their related payload_* docs (basic_soap_log > soap_payload)
I need this kind of correlation (or similar) in order to let business search as faster as possible on basic logs and then obtain more details searching on related payloads.
This is an example:
Search on basic_soap_log
Time period: 12:00-13:00
docs _id: 1,2,3,4,5,6,7,8
Search on soap_paylod_log docs for _id: 3:
docs _id: 9,14,21
I have read about parent/child relationship but since it works inside the same index (with differet types) I don't think it is efficient and moreover I read that index types will be deprecated in future releases..
Thank you,
Andrea