Mapping modifications in index template breaks search queries

Simon_thepiman · August 1, 2013, 9:28am

Just wanted to say thanks again for your help David.

I've updated my gist with the working Elasticsearch index template that
takes into account the fact that additional fields created by grok in
Logstash are sent into Elasticsearch to be indexed in the '@fields' object

gist.github.com

https://gist.github.com/WPsites/4685598

logstash.index.json

{
 "template_logstash":{
    "template" : "logstash*",
    "settings" : {
        "number_of_shards" : 5,
        "index.cache.field.type" : "soft",
        "index.refresh_interval" : "5s",
        "index.store.compress.stored" : true,
        "index.query.default_field" : "message",
        "index.routing.allocation.total_shards_per_node" : 5

This file has been truncated. show original

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

Topic		Replies	Views
Mapping modifications in index template breaks search queries Elasticsearch	1	334	July 6, 2017
Mapping and Dynamic Mapping Elasticsearch	14	755	July 6, 2017
"index":"no" does not work Elasticsearch	11	500	July 6, 2017
Index mapping via template file Elasticsearch	15	905	July 6, 2017
Query problem Elasticsearch	13	500	July 6, 2017

Mapping modifications in index template breaks search queries

Related topics