Github user nickwallen commented on the issue:
https://github.com/apache/metron/pull/768
Thanks for the thoughts and links @justinleet and @iraghumitra .
> @iraghumitra: but the current search api doesn't support searching on
empty value ie we cannot fire a search query that says 'give me all rows where
host is empty'
Right. We would have to change the backend to do something like this.
https://www.elastic.co/guide/en/elasticsearch/reference/current/query-dsl-exists-query.html#_literal_missing_literal_query
> @iraghumitra: Do you think this is a must-have for this PR or can we
handle it in a follow-up PR ?
Based on the level of work to get this done, I think this is definitely a
separate effort. I will create a JIRA for this.
I will run up your latest code. It's looking really solid.
---
