Update document in elasticsearch

richagautam · October 1, 2018, 5:17am

Hi Team,

I have used logstash to parse the log file then using elasticsearch to save the index and kibana to visualize it.

My problem is that for a particular log file (Path) i am getting value of one filed only once and for rest of the rows, for same file(Path), i want to update that filed with the same value which i got in one of the record.

sample sql query:

update Path A set A.Filed = B.Filed
from Path A, Path B
where A.Path = B.Path and A.Filed = null.

Is it possible to update it in elasticsearch using kibana dev tool or how can i achieve this. Any sample query to handle such type of situation

Thanks

richagautam · October 3, 2018, 11:40am

Hi,

Any suggestion for above scenario.
Can i update it in logstash using ruby filter

warkolm · October 4, 2018, 3:44am

You cannot do this with a query, you would need to do it before you sent it to Elasticsearch for indexing.

richagautam · October 4, 2018, 5:05am

Thanks for the confirmation.

Can I update it in logstash using Ruby filter.

Thanks

system · November 1, 2018, 5:05am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Logstash Update a document in elasticsearch Logstash	11	25638	March 6, 2017
Update document while uploading mapping with logstash Logstash	1	273	August 30, 2019
Update single fileds in a given document already stored in ES? Logstash	1	322	March 12, 2018
Elasticsearch update the document without updating the existing field value Logstash	2	815	March 17, 2017
Update ElasticSearch existing documents with new fields Logstash	2	762	May 8, 2019

Update document in elasticsearch

Related topics