Spartacus
Reputation: 442
Is there a way to have field level audit in elastic search?
I have an index with say 10 fields. These fields may get modified from time to time. Is there a way to add any field level timestamp, which can store the timestamp when it was last updated and also can be retrieved by api?
Thanks in advance.
Upvotes: 0
Views: 34
Answers (1)
Musab Dogan
Reputation: 3680
field level last update time audit
#push a sample doc
PUT my_index/_doc/1
{
"created_at": "2025-02-24T13:00:00Z",
"email": "[email protected]",
"name": "dogan",
"field_update_timestamps": {
"email": "2025-02-24T13:00:00Z",
"name": "2025-02-24T13:00:00Z"
}
}
#update the doc with `_update` API call
POST my_index/_update/1
{
"script": {
"source": """
if (!ctx._source.containsKey('field_update_timestamps')) {ctx._source.field_update_timestamps = [:]; }
for (entry in params.entrySet()) {
ctx._source[entry.key] = entry.value; ctx._source.field_update_timestamps[entry.key] =
new java.text.SimpleDateFormat('yyyy-MM-dd\'T\'HH:mm:ss\'Z\'').format(new java.util.Date());
}
""",
"lang": "painless",
"params": {
"name": "musab"
}
}
}
#check the result.
GET my_index/_search
You can check if the field updated by comparing
created_atfield andfield_update_timestamps.<fieldname>.
Upvotes: 2
Related Questions
- Elastic search 8.7 default field search not working as expected
- Spring data elastic search - Query - Full text search
- detect elastic search index last modified time
- Elastic search index lifecycle policy
- Elastic Search - Conditional field query if no match found for another field
- Elastic Search ttl (time to live) in the dynamic java mapping file - Spring data elastic search
- Elastic search versioning using last updated timestamp?
- Is there a way to remove the calculation of length norms for fields in elastic search?