Hi guys, Im new to ELK and have googled for a solution for this case. For example, in my index, one transaction has 3 records logged, they all has the same ofsID field. Then I want to update a field named durationTime in 1 record to the other 2 records based on that ofsID. The way I have found and used that is to use python code to get unique ofsID then map with durationTime then POST back to that record id using Elasticsearch API Update. Any ideas or solutions to do it faster? Thanks a lot.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.