Parse Failure [No mapping found for [@timestamp] in order to sort on

Hi,

I have been trying to use the following query to get data back, sorted by @timestamp:

var my_indices=["news","oct", "finance", "othernews","bing","reports","fda",
"research","twitter","facebook","indeed","discussion","craigslist","jobs", "newsfeed"];

       query = {
        size: 1000,
        from: 1,
        "query": {
            "indices": {
                "indices":my_indices,
                "query": {
                  "query_string": {
                    "query": event.term,
                     "default_operator":"OR"
                  }
                },
                "no_match_query": "none"
              }
        },
        "aggs": {
          "types": {
            "terms": {
              "field": "datasource",
              size:0
            }
          }
          
        },
        "sort" : [
            { "@timestamp" : {"order" : "desc"}
            }
        ]
    };

This is the error, I get though (I am using AWS ElasticSearch with ES version 1.5):

 {"took":324,"timed_out":false,"_shards":{"total":426,"successful":425,"failed":1,"failures":[{"index":".kibana-4","shard":0,"status":400,"reason":"SearchParseException[[.kibana-4][0]: query[MatchNoDocsQuery],from[1],size[1000]: Parse Failure [Failed to parse source [{\"size\":1000,\"from\":1,\"query\":{\"indices\":{\"indices\":[\"news\",\"oct\",\"finance\",\"othernews\",\"bing\",\"reports\",\"fda\",\"research\",\"twitter\",\"facebook\",\"indeed\",\"discussion\",\"craigslist\",\"jobs\"],\"query\":{\"query_string\":{\"query\":\"my search term\",\"default_operator\":\"OR\"}},\"no_match_query\":\"none\"}},\"aggs\":{\"types\":{\"terms\":{\"field\":\"datasource\",\"size\":0}}},\"sort\":[{\"@timestamp\":{\"order\":\"desc\"}}]}]]]; nested: SearchParseException[[.kibana-4][0]: query[MatchNoDocsQuery],from[1],size[1000]: Parse Failure [No mapping found for [@timestamp] in order to sort on]]; "}]},"hits":{"total":4177,"max_score":nu ...

Based on what was suggested on this post , I tired both of the following:

1. Adding "ignore_unmapped" : true
2. Adding "unmapped_type" : "long"

Both of which get rid of the error, but the results that come back are still not sorted.

I have some questions here:

1. ElasticSearch is trying to search within .kibana-4 index, while I have explicitly specified the indices it should search and set "no_match_query"to"none". How is that happening? Am I missing something?

2. Is there any other way for me to explicitly eliminate searching within Kibana index?

3. What else can I do to get this query to work?

I truly appreciate any help.
Thanks

Normally the list of indices you wish to query is passed as part of the search request (ie. outside of the JSON body).

I am not sure how to do so. Can you please elaborate a little bit more? I am using Node.js 4.3. Here is how I am sending the search request (using the query mentioned above):

var options={
        hostname: 'search-dev-compete-search-my_elastic_search_instance.us-east-1.es.amazonaws.com',
        port: 80,
        path: '/_search',
        method: 'POST',
        headers: {
            'accept': 'application/json'
        }
    };


const req = http.request(options, function(res){
     var body = '';
    res.setEncoding('utf8');
    res.on('data', function(chunk){
        body += chunk;
        
    });
    res.on('end', function(){
        // If we know it's JSON, parse it
        if (res.headers['content-type'] === 'application/json') {
            body = JSON.parse(body);
        }
        callback(null, body);
    });
});
req.on('error', callback);
req.write(JSON.stringify(query)); // This is the query mentioned in the first post
req.end();

};

Not used the JS client but the path is normally:
/[index names here....]/_search

Thank you very much

My issue was in the client side! The query is working fine, just by adding "ignore_unmapped" : true or "unmapped_type" : "long", the sorting will work.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.