Painless script not work

Jongz_Puangput · January 11, 2022, 12:15am

I try to add runtime field to the current index.

Name: store_hostname
Value:

if (doc['message.keyword'].size() == 0) return;
def source = doc['message.keyword'].value;
if (source != null) {
    Matcher matcher = /((thas1z|mypmfs)\d{4}.(my.foo.com|th-foo.org))/i.matcher(source);
    if (matcher.find()) {
        emit(matcher.group());
        return;
    }
}
emit('no data');

But it didn't work.. I also try to check with "Painless Lab" in the Kibana with below script and it success. so I don't know what is the issue.

def source = 'FooTokenService - Error Response from Foo Token : {"request":{"method":"POST","uri":"http://thas1z2911.th-foo.org:5558/api/Login","headers":{},"body":{"username":"bar","password":"..."}},"response":null,"error":"UnknownHostException : thas1z2911.th-foo.org: Try again","method":"com.foo.xxx.yyy.service.FooTokenService.requestAccessToken(...)"}';

if (source != null) {
    Matcher matcher = /((thas1z|mypmfs)\d{4}.(my.foo.com|th-foo.org))/i.matcher(source);
    if (matcher.find()) {
        return matcher.group();
    }
}
return ('no data');

system · February 8, 2022, 12:15am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.