The enrich processor helps add extra information to your documents automatically. It looks up data from another source and adds it to your data.
{
"enrich": {
"policy_name": "policy_name_here",
"field": "field_to_match",
"target_field": "field_to_add_data",
"max_matches": 1
}
}policy_name is the name of the enrich policy you created.
field is the field in your document to match with the enrich index.
{
"enrich": {
"policy_name": "user_policy",
"field": "user_id",
"target_field": "user_details"
}
}{
"enrich": {
"policy_name": "product_policy",
"field": "product_code",
"target_field": "product_info",
"max_matches": 1
}
}This example creates an enrich policy to add user name and email from the users index. Then it simulates adding this info to a document with user_id 123.
PUT /users/_doc/1 { "user_id": "123", "name": "John Doe", "email": "john@example.com" } PUT /_enrich/policy/user_policy { "match": { "indices": ["users"], "match_field": "user_id", "enrich_fields": ["name", "email"] } } POST /_enrich/policy/user_policy/_execute POST /_ingest/pipeline/_simulate { "pipeline": { "processors": [ { "enrich": { "policy_name": "user_policy", "field": "user_id", "target_field": "user_info" } } ] }, "docs": [ { "_source": { "user_id": "123" } } ] }
You must create and execute the enrich policy before using the enrich processor.
The enrich processor works during ingest, so it adds data as documents are indexed.
Use max_matches to control how many matches to add; default is 1.
The enrich processor adds extra data to documents by matching fields.
It uses enrich policies created from other data sources.
This helps keep your data enriched without changing original sources.