Hello,
I recently updated our security dashboard Elasticsearch based version to latest 5.63 , since then we having issues in some of our visualization , i can see its related to “Fielddata is disabled on text fields” , any suggestion for fixing it, or another way to query same result?
Thanks
{
"root_cause": [
{
"type": "illegal_argument_exception",
"reason": "Fielddata is disabled on text fields by default. Set fielddata=true on [SrcIp] in order to load fielddata in memory by uninverting the inverted index. Note that this can however use significant memory. Alternatively use a keyword field instead."
}
],
"type": "search_phase_execution_exception",
"reason": "all shards failed",
"phase": "query",
"grouped": true,
"failed_shards": [
{
"shard": 0,
"index": "ids_sensors",
"node": "pYd_mhyPTvO01n9wGK1pLQ",
"reason": {
"type": "illegal_argument_exception",
"reason": "Fielddata is disabled on text fields by default. Set fielddata=true on [SrcIp] in order to load fielddata in memory by uninverting the inverted index. Note that this can however use significant memory. Alternatively use a keyword field instead."
}
}
]
}