Hi @ravenr,
I’d be glad to help you resolve your issues with Dremio and Elasticsearch.
Dremio should support the IP data type that Elastic provides. We expose Elastic IPs as strings in the dashboard as shown below:
Where the mapping of “my_index” is:
Let me know if you have a different mapping or if you use an older version of Elasticsearch (I tested this on Elasticsearch 5.5.2).
We also support nested objects and arrays, both through the UI as well as the SQL interface.
Working with an example array field “categories”, you can flatten this field through the UI steps below, or through the flatten command which is highlighted in the last picture.
You can also employ a similar process on nested objects and arrays:
Once again, let me know if you use different mappings, object structures, or Elasticsearch versions and I’d be happy to help you get up and running with Dremio!
Thanks,
Rohan