All geek questions in one place

Kibana: combining two documents into a table visualization

I have a data table visualization that displays fields from documents that have an email address and ID:

timestamp |         email       |  field_id
 Feb 5th       jdoe@gmail.com       xyz123

These fields refer to the same elastic document. However, I have other documents with additional information related to this unique identifier, and can display them as their own table:

timestamp |  field_id   |    key1   |   key2   |  key3
  Feb 6th     xyz123         val1       val2      val3

You can see the row in the first table, and in the second table - the field. I would like to know if it is possible to display a merged string with Kibana and / or elastic query:

 field_id   |     email      |    key1   |   key2   |  key3
   xyz123     jdoe@gmail.com      val1       val2      val3

This will be somewhat equivalent to joining a relationship database in SQL. If this is not possible in Kibana, is there perhaps a way to achieve this indirectly using a request using json-input with elastic and make a peculiar connection on the application side?

+4
source share
1 answer

It looks like you are trying to use your knowledge of relational databases with non-SQL databases such as Elasticsearch (ES). There are several options.

№1. , . , . ( ), ES. , ES , , / ES.

№2. types id/ id/keys, index. : a) id; b) , email ( id a), , Kibana id c) , keys ( , id email, , , )

№ 3. , , indices types. (, docs-email docs-keys),

№ 4. , . ES API REST . , , ( , ES ).

+4

Source: https://habr.com/ru/post/1627807/

More articles:


All Articles