Hello,
I have an index "jmx_metrics-*" that contains JVM monitoring data from Jconsole.
Following it the mapping of index.
{
"jmx_metrics-2021.03" : {
"aliases" : { },
"mappings" : {
"properties" : {
"@timestamp" : {
"type" : "date"
},
"@version" : {
"type" : "text",
"fields" : {
"keyword" : {
"type" : "keyword",
"ignore_above" : 256
}
}
},
"JVM_Instance" : {
"type" : "text",
"fields" : {
"keyword" : {
"type" : "keyword",
"ignore_above" : 256
}
}
},
"heapMax" : {
"type" : "long"
},
"heapUsed" : {
"type" : "long"
},
"heap_max" : {
"type" : "text",
"fields" : {
"keyword" : {
"type" : "keyword",
"ignore_above" : 256
}
}
},
"heap_used" : {
"type" : "text",
"fields" : {
"keyword" : {
"type" : "keyword",
"ignore_above" : 256
}
}
},
"host" : {
"type" : "text",
"fields" : {
"keyword" : {
"type" : "keyword",
"ignore_above" : 256
}
}
},
"metric_path" : {
"type" : "text",
"fields" : {
"keyword" : {
"type" : "keyword",
"ignore_above" : 256
}
}
},
"metric_value_number" : {
"type" : "long"
},
"path" : {
"type" : "text",
"fields" : {
"keyword" : {
"type" : "keyword",
"ignore_above" : 256
}
}
},
"tags" : {
"type" : "text",
"fields" : {
"keyword" : {
"type" : "keyword",
"ignore_above" : 256
}
}
}
}
},
"settings" : {
"index" : {
"opendistro" : {
"index_state_management" : {
"policy_id" : "delete_policy"
}
},
"number_of_shards" : "1",
"provided_name" : "jmx_metrics-2021.03",
"creation_date" : "1614556822070",
"number_of_replicas" : "1",
"uuid" : "vYh1ADkwTVuj9Yj25TbUvw",
"version" : {
"created" : "7080099",
"upgraded" : "7100299"
}
}
}
}
}
Below is the query I am trying to write.
GET jmx_metrics-*/_search?size=0
{
"query": {
"bool": {
"filter": [
{
"terms": {
"metric_path.keyword": [
"jmx.Memory.HeapMemoryUsage.max",
"jmx.Memory.HeapMemoryUsage.used"
]
}
},
{
"range": {
"@timestamp": {
"gte": "now-15m",
"lte": "now"
}
}
}
]
}
},
"aggs": {
"jvm_instance": {
"terms": {
"field": "JVM_Instance.keyword",
"size": 4
},
"aggs": {
"heap_used": {
"top_hits": {
"size": 5,
"sort": [
{
"@timestamp": {
"order": "desc"
}
}
]
}
},
"filter_used" : {
"bucket_selector": {
"buckets_path": {
"heap_Used" : "***STUCK_HERE***"
},
"script": "params.heap_Used > 0",
"gap_policy": "skip"
}
},
"heap_max": {
"top_hits": {
"size": 5,
"sort": [
{
"@timestamp": {
"order": "desc"
}
}
]
}
}
}
}
},
"size": 0,
"stored_fields": [
"*"
],
"script_fields": {},
"docvalue_fields": [
{
"field": "@timestamp",
"format": "date_time"
}
]
}
In the above query, I want to access "heapUsed" field but I am not able to access it in bucket path.
Below is the response of the query.
{
"took" : 57,
"timed_out" : false,
"_shards" : {
"total" : 2,
"successful" : 1,
"skipped" : 0,
"failed" : 1,
"failures" : [
{
"shard" : 0,
"index" : "jmx_metrics-2021.02",
"node" : "zQkWWSBvR5KRl8yt8R0OnQ",
"reason" : {
"type" : "query_shard_exception",
"reason" : "No mapping found for [heapUsed] in order to sort on",
"index_uuid" : "GlySyr7dR7qck2xutTMDnA",
"index" : "jmx_metrics-2021.02"
}
}
]
},
"hits" : {
"total" : {
"value" : 240,
"relation" : "eq"
},
"max_score" : null,
"hits" : [ ]
},
"aggregations" : {
"jvm_instance" : {
"doc_count_error_upper_bound" : 0,
"sum_other_doc_count" : 0,
"buckets" : [
{
"key" : "Transaction",
"doc_count" : 60,
"heap_used" : {
"hits" : {
"total" : {
"value" : 60,
"relation" : "eq"
},
"max_score" : null,
"hits" : [
{
"_index" : "jmx_metrics-2021.03",
"_type" : "_doc",
"_id" : "Cu9BiHgB82vNnaCaGSaG",
"_score" : null,
"_source" : {
"@timestamp" : "2021-03-31T12:27:50.732Z",
"@version" : "1",
"host" : "1.1.1.1",
"type" : null,
"heapUsed" : 2947301544, **<--- I want to access this field in bucket path**
"JVM_Instance" : "Transaction",
"path" : "/etc/logstash/conf.d/jmx/Transaction",
"metric_value_number" : 2947301544,
"metric_path" : "jmx.Memory.HeapMemoryUsage.used",
"tags" : [
"jmx",
"Transaction"
]
},
"sort" : [
1617193670732,
2947301544
]
},
{
"_index" : "jmx_metrics-2021.03",
"_type" : "_doc",
"_id" : "Z-9BiHgB82vNnaCaGSaG",
"_score" : null,
"_source" : {
"@timestamp" : "2021-03-31T12:27:50.732Z",
"@version" : "1",
"host" : "1.1.1.1",
"type" : null,
"JVM_Instance" : "Transaction",
"heapMax" : 10468982784,
"path" : "/etc/logstash/conf.d/jmx/Transaction",
"metric_value_number" : 10468982784,
"metric_path" : "jmx.Memory.HeapMemoryUsage.max",
"tags" : [
"jmx",
"Transaction"
]
},
"sort" : [
1617193670732,
-9223372036854775808
]
},
{
"_index" : "jmx_metrics-2021.03",
"_type" : "_doc",
"_id" : "C-9BiHgB82vNnaCaGSaG",
"_score" : null,
"_source" : {
"@timestamp" : "2021-03-31T12:27:50.731Z",
"@version" : "1",
"host" : "1.1.1.1",
"type" : null,
"heapUsed" : 2947256488,
"JVM_Instance" : "Transaction",
"path" : "/etc/logstash/conf.d/jmx/Transaction",
"metric_value_number" : 2947256488,
"metric_path" : "jmx.Memory.HeapMemoryUsage.used",
"tags" : [
"jmx",
"Transaction"
]
},
"sort" : [
1617193670731,
2947256488
]
},
...