Error message in aggregation fields: No Compatible Fields: The "test1" index pattern does not contain any of the following field types: number, boolean, date, ip or string
AM NOT GETTING ANY FIELDS FOR CHARTS. CHECKED HOW TO INDEX BUT THINK THE CURRENT CONFIRMATION IS CORRECT PER MY KNOWLEDGE. PLS HELP AS IF MY TEST POC IS SUCCESS THEN WE SUGGEST TO USE PROD
Below mentioned elasticsearch kibana index mapping details and logstash configuration
elasticsearch-2.3.2 kibana-4.5.1-windows index mappings
Sense editor
GET test1
{
"test1": {
"aliases": {},
"mappings": {
"visualization": {
"properties": {
"description": {
"type": "string"
},
"kibanaSavedObjectMeta": {
"properties": {
"searchSourceJSON": {
"type": "string"
}
}
},
"savedSearchId": {
"type": "string"
},
"title": {
"type": "string"
},
"uiStateJSON": {
"type": "string"
},
"version": {
"type": "integer"
},
"visState": {
"type": "string"
}
}
},
"config": {
"properties": {
"buildNum": {
"type": "long"
},
"defaultIndex": {
"type": "string"
}
}
},
"index-pattern": {
"properties": {
"fieldFormatMap": {
"type": "string"
},
"fields": {
"type": "string"
},
"intervalName": {
"type": "string"
},
"notExpandable": {
"type": "boolean"
},
"timeFieldName": {
"type": "string"
},
"title": {
"type": "string"
}
}
},
"logs": {
"properties": {
"@timestamp": {
"type": "date",
"format": "strict_date_optional_time||epoch_millis"
},
"@version": {
"type": "string"
},
"host": {
"type": "string"
},
"message": {
"type": "string"
},
"nbr1": {
"type": "long"
},
"nbr2": {
"type": "long"
},
"nbr3": {
"type": "long"
},
"path": {
"type": "string"
}
}
}
},
"settings": {
"index": {
"creation_date": "1464871970804",
"number_of_shards": "5",
"number_of_replicas": "1",
"uuid": "H699gIDJRaKcZNMEjYNokg",
"version": {
"created": "2030299"
}
}
},
"warmers": {}
}
}
logstash-2.3.2
Test log used
1 11 111 2015-12-01 11:10:05
2 22 222 2015-12-01 11:10:06
3 33 333 2015-12-01 11:10:07
4 44 444 2015-12-01 11:10:08
input {
file {
path => "D:/BEEP/BEEP_Config/log/*1beeplog1.log"
start_position => "beginning"
sincedb_path => "D:/BEEP/tempfile/.test.log.sincedb"
codec => multiline {
pattern => "^\s"
what => "previous"
}
}
}
filter {
grok {
match => [ "message", "%{NUMBER:nbr1:int} %{NUMBER:nbr2:int} %{NUMBER:nbr3:int}" ]
}
date {
locale => "en"
match => ["mytimestamp", "YYYY-MM-dd HH:mm:ss"]
target => "@timestamp"
}
}
output {
elasticsearch {
index => "test1"
hosts => [ "localhost"]
}
stdout{
codec => rubydebug
}
}
io/console not supported; tty will not be manipulated
Settings: Default pipeline workers: 4
←[31mConnection refused: connect {:class=>"Manticore::SocketException", :level=>:error}←[0m
Pipeline main started
{
"@timestamp" => "2016-06-02T12:52:37.467Z",
"message" => "1 11 111 2015-12-01 11:10:05\r",
"@version" => "1",
"path" => "D:/BEEP/BEEP_Config/log/JSRR_100_20160322_1beeplog_jsrr1.log",
"host" => "CHNMCT114536L",
"nbr1" => 1,
"nbr2" => 11,
"nbr3" => 111
}
{
"@timestamp" => "2016-06-02T12:52:45.054Z",
"message" => "2 22 222 2015-12-01 11:10:06\r",
"@version" => "1",
"path" => "D:/BEEP/BEEP_Config/log/JSRR_100_20160322_1beeplog_jsrr1.log",
"host" => "CHNMCT114536L",
"nbr1" => 2,
"nbr2" => 22,
"nbr3" => 222
}
{
"@timestamp" => "2016-06-02T12:52:45.055Z",
"message" => "3 33 333 2015-12-01 11:10:07\r",
"@version" => "1",
"path" => "D:/BEEP/BEEP_Config/log/JSRR_100_20160322_1beeplog_jsrr1.log",
"host" => "CHNMCT114536L",
"nbr1" => 3,
"nbr2" => 33,
"nbr3" => 333
}