Update indexed docs based on a value from a new doc still does not indexed

Marcelo_Lavor · September 30, 2020, 10:19am

Hello! I need to update several docs into an old index based on a value of new records still do not indexed? Is there any way to implement it with Logstash?

This table below describes my index with old docs. The yellow line would be a new doc arriving.

RULE: As far the latest entry is received (NEW "not indexed entry") with STATE=OFF, all respective older entries of Group 1 (FROM EXISTING INDEX) must be set COLOR=RED

Could you please let me know any example with logstash?

Badger · September 30, 2020, 1:11pm

You could use Update by Query and an http output that posts to elasticsearch. There is an example here.

system · October 28, 2020, 1:12pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Update indexed data based on a value from a new record still does not indexed Elasticsearch	3	339	October 28, 2020
How to index a new document using existing documents? Elasticsearch	3	661	January 30, 2018
Update values based on previous documents Elasticsearch	3	265	March 24, 2022
Reindexing with logstash Logstash	2	888	December 20, 2016
Update document on multiple indices Logstash	2	944	May 3, 2017

Update indexed docs based on a value from a new doc still does not indexed

Related topics