Painless forEach + Replace failing

ramiriskis · November 20, 2020, 4:05am

Hi guys,

I'm trying to write a script within watcher that applies a transform to each log before sending it through slack. My current script is like this:

        "script": {
          "source": """
                ctx.payload.hits.hits.forEach(hit -> hit._source.python_log_message = \a\.matcher(hit._source.python_log_message).replaceAll(''));
                return ctx.payload
                """,
          "lang": "painless"
        }

For some reason, it is erroring out, but i'm using the examples in the painless guide. Any reason why this would not work? It works perfectly if I, for example, do this:

        "script": {
          "source": """
                ctx.payload.hits.hits.forEach(hit -> hit._source.python_log_message =  'hello');
                return ctx.payload
                """,
          "lang": "painless"
        }

matw · November 20, 2020, 4:43am

Hi

Did you enable Regular expressions by using script.painless.regex.enabled: true in your elasticsearch.yml?

Best,
Matthias

ramiriskis · November 20, 2020, 7:03pm

Thanks, that worked! It would probably be a good feature to warn the user that the reason why regex operators are not working is because of disabled configs, not syntax errors.

system · December 18, 2020, 7:03pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Watcher - Transform - Painless - Regular Expression / Regex - Documentation Issue? Elasticsearch	3	1497	July 24, 2017
Watcher: transform Elasticsearch	10	2253	February 5, 2018
Does kibana watcher action supports painless script? Kibana painless	3	260	January 15, 2023
How to use regex in kibana painless script? Kibana	6	2360	February 11, 2019
Scripted Field / Painless script fails upon slash for string match Kibana painless	2	1067	January 13, 2020

Painless forEach + Replace failing

Related topics