hello, I am a newbie with elasticstack .
I am working with filebeats, logstash and elasticsearch 5.5. after creating an index I found out that the terms are duplicated .
example user and user.keyword
Any idea how to fix this thx.
If you don't want to do both fulltext search and aggregations on such fields, then you can remove one or the other in the mapping template.
-
useris used for fulltext search -
user.keywordis used for aggregations
Have a look at https://www.elastic.co/guide/en/elasticsearch/reference/5.5/indices-templates.html
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.