Change a type in the index

WarriorHarb · April 12, 2019, 1:44pm

Hello,
I'm a beginner at ElasticSearch. I'm having a big confusion.
I have got log lines, i parsed them via grok filter. the Date type in index was string.
I asked how to chage it to date. i was told to reindex it. i read the documentations below:

I didn't get how exactly to manipulate the mapping ? shall i map every field and then parse logs via logstash's filter grok or what ?

spinscale · April 12, 2019, 5:45pm

The idea here is not to change the mapping of an existing index (as this is not possible like changing a string to a date), but create a new index fix a fixed mapping and then use the reindex API to reindex the existing content into that new index with the new mapping being applied.

Hope this makes more sense.

WarriorHarb · April 15, 2019, 10:03am

thanks @spinscale for your response.
I know how to create a new index, but how exactly could i set its mapping to make the date a "DATE" type and not a "STARING"?

spinscale · April 15, 2019, 7:13pm

See https://www.elastic.co/guide/en/elasticsearch/reference/7.0/date.html

system · May 13, 2019, 7:13pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Change the type in index from String to Date Elasticsearch	4	2617	May 9, 2019
Change the type of a field Elasticsearch	2	750	February 14, 2017
Updating the Mapping of an existing Index Kibana	3	287	September 19, 2019
Reindex string to date field exception Elasticsearch reindex	2	1362	February 11, 2021
Change type of mapping field without reindex? Elasticsearch painless , reindex	1	318	May 27, 2024

Change a type in the index

Related topics