Field name [hello.world] cannot contain '.' error, when registering query with Percolate on ES 2.2.2

Elastic Stack Elasticsearch
1

Hi,

I am trying to save a query in the Elasticsearch percolator, but it throws this error "Field name [hello.world] cannot contain '.'".

The mapping is:
{
"hello": {
"properties":{
"world":{
"type":"string"
}
}
}
}

The query I am trying to save is
{
"query":{
"terms":{
"hello.world":["me"]
}
}
}

Can someone please help me?

1 Like
2

Hi Sahil,

Dots in field names was disallowed in elasticsearch version 2.0, so unfortunately this will probably require you to change your field name to something without dots like an underscore or to use a nested field mapping instead.

See here for the change detail in 2.0: https://www.elastic.co/guide/en/elasticsearch/reference/2.0/breaking_20_mapping_changes.html#_field_names_may_not_contain_dots

If you're using logstash there's a de_dot filter to help out converting dots to either underscores or nested fields, elaborated on in this blog post:

With this filter, you can probably use logstash to reindex your data in 1.x cluster to a mapping without dots in field names before upgrading to 2.x

3

Hey! I just ran into this, too. Same kind of sub-field situation.

I understand that dots were disallowed because they could be confused with fields. But this is a field, right? "world" is a field of "hello", so the dot syntax should make sense to Elasticsearch?

tldr: change terms to term

I tried this query:

{
  "query": {
    "term": {
      "hello.world": "foo"
    }
  }
}

and it worked,

{
  "took": 8,
  "timed_out": false,
  "_shards": {
    "total": 4,
    "successful": 4,
    "failed": 0
  },
  "hits": {
    "total": 1,
    "max_score": 0.30685282,
    "hits": [
      {
        "_index": "ave_perc_test",
        "_type": "apt_type_1",
        "_id": "1",
        "_score": 0.30685282,
        "_source": {
          "hello": {
            "world": "foo"
          }
        }
      }
    ]
  }
}

So then I tried that as a percolator:

curl -XPUT 'https://host/ave_perc_test/.percolator/1' -d '{
  "query": {
    "term": {
      "hello.world": "foo"
    }
  }
}'

and got

{
  "_index": "ave_perc_test",
  "_type": ".percolator",
  "_id": "1",
  "_version": 1,
  "_shards": {
    "total": 3,
    "successful": 3,
    "failed": 0
  },
  "created": true
}

Awesome! Then I percolated the doc and got:

{
  "took": 52,
  "_shards": {
    "total": 4,
    "successful": 4,
    "failed": 0
  },
  "total": 1,
  "matches": [
    {
      "_index": "ave_perc_test",
      "_id": "1"
    }
  ]
}

So, there ya go. Just use term if you have a subfield?

-ave

1 Like
4

I have the same issue, in my case I am trying to acces a subfield (.raw) previously mapped:

{
   "query":{
      "query_string":{
         "query":"\"foo\"",
         "default_operator":"AND"
      }
   },
   "filter":{
      "bool":{
         "must":[
            {
               "range":{
                  "date":{
                     "lt":"2016-04-30",
                     "gte":"1950-01-01"
                  }
               }
            },
            {
               "term":{
                  "state.raw":"foo"
               }
            }
         ],
         "should":{ }
      }
   }
}

And I get the same error as @sahilc2200

relevant mapping:

"state": {
        "type": "string",
        "fields": {
          "state": {
            "type": "string"
          },
          "raw": {
            "type": "string",
            "index": "not_analyzed"
          }
        }
      },