How to sort based on field in search ouput

lamp0chka · February 25, 2016, 11:49am

Hi,

It seems that .raw fields are not displayed in search results output (both discover and dashboard) and Kibana throws an error if I try to sort based on analyzed field.

For example I would like to sort by host, but this is not possible. If I use host.raw Kibana shows - instead of text. And if I use host field, it will throw "Field data loading is forbidden on host" error.

So what should I do? Disable analyze on fields that I want to sort? Or some other approach to sort logs?

lamp0chka · February 26, 2016, 8:37pm

So I ended up with writing my own templates for fields in ES. Works fine now.

https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-templates.html

Topic		Replies	Views
Sorting by .raw fields Kibana	5	1673	July 6, 2017
Issue with Kibana sorting- Caused by: SearchParseException nested: IllegalStateException[Field data loading is forbidden on severity] Kibana	4	641	April 20, 2018
Sort one field wrt another Elasticsearch	3	613	July 6, 2017
Disabling sorting an indexed field Kibana	2	1000	July 6, 2017
Unable to sort kibana UI based on time fields in few environments Kibana	8	2367	March 13, 2018

How to sort based on field in search ouput

Related topics