Finding if a Field exist using painless inline

v6nerd · August 9, 2017, 10:31am

I'm trying to run the _update_by_query to create a new field that takes a value of an existing field and adds say 1 for example.

POST newlogstash/_update_by_query
{
"script": {
"lang": "painless",
"inline": "if (ctx._source.alert.severity > 2) {ctx._source.cmertic += 1;}"
}
}

but I get the following error, and my hunch is that because the field alert.severity is not always present. So how do I check if a field exist within the inline syntax

{
"error": {
"root_cause": [
{
"type": "script_exception",
"reason": "runtime error",
"script_stack": [
"if (ctx._source.alert.severity > 2) {",
" ^---- HERE"
],
"script": "if (ctx._source.alert.severity > 2) {ctx._source.cmertic += 1;}",
"lang": "painless"
}
],
"type": "script_exception",
"reason": "runtime error",
"script_stack": [
"if (ctx._source.alert.severity > 2) {",
" ^---- HERE"
],
"script": "if (ctx._source.alert.severity > 2) {ctx._source.cmertic += 1;}",
"lang": "painless",
"caused_by": {
"type": "null_pointer_exception",
"reason": null
}
},
"status": 500
}

s1monw · August 11, 2017, 9:41am

I am sure @Jack_Conradson can help you here but I'd guess you can do if (ctx._source.alter != null) or something similar for the other fields?

Jack_Conradson · August 11, 2017, 3:13pm

@s1monw is correct. You should be able to use his code snippet to check for fields this way using _source.

system · September 8, 2017, 3:13pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.