kibana – How can I get information from 2 different ElasticSearch indexes?

The foreach processor is for ingest pipelines, meaning, stuff that gets done at indexing time. So it won’t help you when you are trying to gather the results.

In general, it’s not going to be possible to query another index (which might live on another shard) from within a query.

In some cases, you can use a join field. There are performance implications, it’s only recommended in specific cases.

If you are not in the join field use case, and you can restructure your data to use nested objects, it will be more performant than join fields.

Otherwise, you’ll be better off running multiple queries in the application code (maybe you can fetch all the “secondary” results using just one query, so you’d have 2 queries in total?)