Querying elastic search DB using the index name - failing

ranganath_nangineni · February 14, 2018, 1:04pm

Hi

I have multiple indexes in my elastic search DB. I am trying to query one of the index among them but the query is failing and it is connecting to a differnt index rather than the one that i mentioned in the query.

The script is as below:

if [docname] {
elasticsearch {
hosts => ["XYZ.com:9200/test-myo-docs/data"]
query => 'ddocname:%{docname}'
fields => ["ddoctitle"]
#We can any number of fields

                   sort => "ddoctitle:desc"
    }

The log output:

":"query_shard_exception","reason":"No mapping found for [ddoctitle] in order to sort on","index_uuid":"kA0NmuwhSS2d9rf_gpozFQ","index":"token-prod-na-ucf-wls-2018.02.05"}},{"shard":0,"index":"token-prod-na-ucf-wls-2018.02.06","node":"hdokW_3gQFeowO0oKgOOrQ","reason":{"type":"query_shard_exception","reason":"No mapping found for [ddoctitle] in order to sort on","index_uuid":"OlkNtnNMTTmQk3xU9Tp-qw","index":"token-prod-na-ucf-wls-2018.02.06"}},{"shard":0,"index":"token-prod-na-ucf-wls-2018.02.07","node":"hdokW_3gQFeowO0oKgOOrQ","reason":{"type":"query_shard_exception","reason":"No mapping found for [ddoctitle] in order to sort on","index_uuid":"2pWHJ5HRRLWFiDkMuKQg3w","index":"token-prod-na-ucf-wls-2018.02.07"}},{"shard":0,"index":"token-prod-na-ucf-wls-2018.02.08","node":"ubu7iS9YQ3aUHB-_KWUqpw","reason":{"type":"query_shard_exception","reason":"No mapping found for [ddoctitle] in order to sort on","index_uuid":"JPf9oL4fSh-OwMzRMlxodA","index":"token-prod-na-ucf-wls-2018.02.08"}},{"shard":0,"index":"token-prod-na-ucf-wls-2018.02.09","node":"hdokW_3gQFeowO0oKgOOrQ","reason":{"type":"query_shard_exception","reason":"No mapping found for [ddoctitle] in order to sort on","index_uuid":"Keq5vxzyQWuyaVtm0t9kQQ","index":"token-prod-na-ucf-wls-2018.02.09"}},{"shard":0,"index":"token-prod-na-ucf-wls-2018.02.10","node":"hdokW_3gQFeowO0oKgOOrQ","reason":{"type":"query_shard_exception","reason":"No mapping found for [ddoctitle] in order to sort on","index_uuid":"0IaimkzuQGanvMsyXhIbIg","index":"token-prod-na-ucf-wls-2018.02.10"}}]},"status":400}>}

What is the reason behind this ? and how can I force the query to use the correct index?

dadoonet · February 14, 2018, 1:27pm

Please format your code using </> icon as explained in this guide and not the citation button. It will make your post more readable.

Or use markdown style like:

```
CODE
```

Please edit your post.

Is it a logstash "Script"? What is that?

ranganath_nangineni · February 14, 2018, 2:41pm

Yes. It is logstash script.

How can I write an exception for the no mapping.

Logstash log:
type"=>"query_shard_exception", "reason"=>"No mapping found for [@timestamp] in order to sort on"

dadoonet · February 14, 2018, 3:22pm

Is it the same question? You mentioned first something about ddoctitle.

I moved your question to #logstash

system · March 14, 2018, 3:22pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Not able to query using the elastic search filter Logstash	3	481	March 16, 2018
Error when using elasticsearch logstash filter Logstash	2	349	May 6, 2022
Elastic search query for multiple term usage Elasticsearch	1	686	May 20, 2019
Query shard exeption - all shards failed Elasticsearch	8	3519	August 4, 2018
Failed to query elasticsearch issue Logstash	3	1779	June 21, 2019

Querying elastic search DB using the index name - failing

Related topics