Changing the value of a log entry in an old index

Hi all,
I have an artifact which has been sending logs to Elastic for about 5 months (one index every month). Now all of a sudden the business is saying one of the values in the old logs is wrong. Say, e.g., the log field name is "average time". Now there is a workaround: I can create a scripted field and hide this old field in my Kibana visualization. My scripted field will then have the new value.
But I am looking for a way where I can change the old value and kind of do some re-index thing, so that no scripted field is involved. All index sizes are a few MBs in my case, with more than 400 docs in every index.
Any idea how to do it?

Hello,

You can use the Reindex API. As you can see, that includes the ability to provide a script for updating the documents. An alternative to providing the script would be to set up an ingest pipeline configured with the rename processor.

I hope this suggestion is to change the field value of any of the individual log entries inside all the documents (which pertain to the old index), as against the option of creating a new log field entry.
Thank you for the suggestion. I will get back in a couple of days to close this thread. Meanwhile, any more suggestions you want to give are welcome :blush:

Oh, I see, you want to fix the value in the original field. You can use the script processor.

Ah, scripted field!! No, no scripted field. I already have a scripted field.

Not scripted field, script processor in the ingest pipeline when you reindex.
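
The reindex-through-a-script-processor approach from the reply above, written out as Kibana Dev Tools requests. This is an added example, not part of the original thread. The field name `average_time`, the backup field `average_time_original`, the pipeline id, the index names and the correction rule (multiply by a factor) are all assumptions, since the thread does not say what the correct value should be.

```console
# 1. Ingest pipeline with a script processor that rewrites the value in place.
#    The original value is kept in a second field so the change stays auditable.
PUT _ingest/pipeline/fix-average-time
{
  "description": "Correct average_time during reindex (hypothetical rule)",
  "processors": [
    {
      "script": {
        "lang": "painless",
        "params": { "factor": 0.001 },
        "source": """
          // Touch only documents where the field exists and is numeric,
          // so one malformed entry does not abort the whole reindex.
          if (ctx.containsKey('average_time') && ctx['average_time'] instanceof Number) {
            ctx['average_time_original'] = ctx['average_time'];
            ctx['average_time'] = ctx['average_time'] * params.factor;
          }
        """
      }
    }
  ]
}

# 2. Dry run against constructed sample documents before touching real data.
POST _ingest/pipeline/fix-average-time/_simulate
{
  "docs": [
    { "_source": { "average_time": 1500 } },
    { "_source": { "message": "entry without the field" } }
  ]
}

# 3. Copy one old monthly index into a new index through the pipeline.
#    The source index is left unchanged until the result has been checked.
POST _reindex
{
  "source": { "index": "logs-old-month" },
  "dest":   { "index": "logs-old-month-fixed", "pipeline": "fix-average-time" }
}
```

Repeat step 3 for each monthly index, compare document counts between source and destination, and only then repoint the Kibana index pattern or alias at the corrected indices.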

Still not tested; please give me some more time to test and close this thread.
