Getting "no field found in the mapping" when creating a scripted field

mr_ph · August 25, 2023, 11:45am

Hi team,
I am using FortiGate integration in my ELK. So I need to create a new scripted fields for more visibility into that logs. Created a scripted field with the following condition.

if ( doc['fortinet.firewall.action'].value == "Add" && doc['fortinet.firewall.cfgpath'].value == "system.admin" ) { def new_field = doc.['fortinet.firewall.cfgobj'].value; }

after creating this field, the getting the error no field found in the mapping.

Added these fields into the component template mapping and also added in the index template.

Still it showing that "no field found in the mapping".
Is the script have any error or any error in the mapping in the templates. Double checked the field name and data types.
The index pattern is managed by fleet.

Thank you

system · September 22, 2023, 11:45am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Scripted field - "no field found" on field presence check Kibana	5	5738	May 21, 2020
Error related to scripted fields Kibana	9	4535	May 31, 2017
Failing scripted field in Elastic 7.4.2 Elasticsearch	3	667	December 3, 2019
Scripted Fields creation issue In Kibana Kibana	2	427	January 16, 2019
Scripts fields error Elastic 5.1 Elasticsearch	1	386	March 8, 2017

Getting "no field found in the mapping" when creating a scripted field

Related topics