-
Created by
Marco Grawunder on Feb 18, 2026
1 minute read
This feature needs to be installed and can be used to write or read JSON documents to an elastic search engine.
Elasticsearchwriter
Example
#PARSER PQL
#RUNQUERY
person = TOKEYVALUE(nexmark:person)
bid = TOKEYVALUE(nexmark:bid)
auction = TOKEYVALUE(nexmark:auction)
category = TOKEYVALUE(nexmark:category)
out1 = ELASTICSEARCHWRITER({hosts = [['192.168.2.153',9200]], INDEX = 'nexmark', BULKSIZE = 10, idAttribute="id"}, person)
out2 = ELASTICSEARCHWRITER({hosts = [['192.168.2.153',9200]], INDEX = 'nexmark', BULKSIZE = 10}, bid)
out3 = ELASTICSEARCHWRITER({hosts = [['192.168.2.153',9200]], INDEX = 'nexmark', BULKSIZE = 10, idAttribute="id"}, auction)
out4 = ELASTICSEARCHWRITER({hosts = [['192.168.2.153',9200]], INDEX = 'nexmark', BULKSIZE = 10, idAttribute="id"}, category)
ElasticsearchEnrich
Example
#PARSER PQL
#ADDQUERY
timer = TIMER({PERIOD = 1000, TIMEFROMSTART = true, SOURCE = 'source'})
map = MAP({EXPRESSIONS = [['counter()','id']]}, timer)
query = ELASTICSEARCHENRICH({hosts = [['192.168.2.153',9200]], INDEX = 'nexmark',
QUERY = `{
"query": {
"term": {
"id": "?"
}
}
}`,
attributes=["id"]
}, map)