How to create index file which creates only type text and not type keyword.
Hi ,
my question is how to make all fields in audit index as text because audit-index file always holds text and keyword type for string fields.
so because of this that file size gets larger or double and also two names gets created for 1 field and break audit logs for mismatch fields mapping.
Thanks ,
saraswati
you can use the match mapping type within an index template, see https://www.elastic.co/guide/en/elasticsearch/reference/6.4/dynamic-templates.html#match-mapping-type
If this is an index created by one of the beats (auditbeat) I personally would try to not change the mapping unless absolutely necessary.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.