Querying elastic search DB using the index name - failing

ranganath_nangineni · February 14, 2018, 1:04pm

Hi

I have multiple indexes in my elastic search DB. I am trying to query one of the index among them but the query is failing and it is connecting to a differnt index rather than the one that i mentioned in the query.

The script is as below:

if [docname] {
elasticsearch {
hosts => ["XYZ.com:9200/test-myo-docs/data"]
query => 'ddocname:%{docname}'
fields => ["ddoctitle"]
#We can any number of fields

                   sort => "ddoctitle:desc"
    }

The log output:

":"query_shard_exception","reason":"No mapping found for [ddoctitle] in order to sort on","index_uuid":"kA0NmuwhSS2d9rf_gpozFQ","index":"token-prod-na-ucf-wls-2018.02.05"}},{"shard":0,"index":"token-prod-na-ucf-wls-2018.02.06","node":"hdokW_3gQFeowO0oKgOOrQ","reason":{"type":"query_shard_exception","reason":"No mapping found for [ddoctitle] in order to sort on","index_uuid":"OlkNtnNMTTmQk3xU9Tp-qw","index":"token-prod-na-ucf-wls-2018.02.06"}},{"shard":0,"index":"token-prod-na-ucf-wls-2018.02.07","node":"hdokW_3gQFeowO0oKgOOrQ","reason":{"type":"query_shard_exception","reason":"No mapping found for [ddoctitle] in order to sort on","index_uuid":"2pWHJ5HRRLWFiDkMuKQg3w","index":"token-prod-na-ucf-wls-2018.02.07"}},{"shard":0,"index":"token-prod-na-ucf-wls-2018.02.08","node":"ubu7iS9YQ3aUHB-_KWUqpw","reason":{"type":"query_shard_exception","reason":"No mapping found for [ddoctitle] in order to sort on","index_uuid":"JPf9oL4fSh-OwMzRMlxodA","index":"token-prod-na-ucf-wls-2018.02.08"}},{"shard":0,"index":"token-prod-na-ucf-wls-2018.02.09","node":"hdokW_3gQFeowO0oKgOOrQ","reason":{"type":"query_shard_exception","reason":"No mapping found for [ddoctitle] in order to sort on","index_uuid":"Keq5vxzyQWuyaVtm0t9kQQ","index":"token-prod-na-ucf-wls-2018.02.09"}},{"shard":0,"index":"token-prod-na-ucf-wls-2018.02.10","node":"hdokW_3gQFeowO0oKgOOrQ","reason":{"type":"query_shard_exception","reason":"No mapping found for [ddoctitle] in order to sort on","index_uuid":"0IaimkzuQGanvMsyXhIbIg","index":"token-prod-na-ucf-wls-2018.02.10"}}]},"status":400}>}

What is the reason behind this ? and how can I force the query to use the correct index?

dadoonet · February 14, 2018, 1:27pm

Please format your code using </> icon as explained in this guide and not the citation button. It will make your post more readable.

Or use markdown style like:

```
CODE
```

Please edit your post.

Is it a logstash "Script"? What is that?

ranganath_nangineni · February 14, 2018, 2:41pm

Yes. It is logstash script.

How can I write an exception for the no mapping.

Logstash log:
type"=>"query_shard_exception", "reason"=>"No mapping found for [@timestamp] in order to sort on"

dadoonet · February 14, 2018, 3:22pm

Is it the same question? You mentioned first something about ddoctitle.

I moved your question to #logstash

system · March 14, 2018, 3:22pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Error when using elasticsearch logstash filter Logstash	2	348	May 6, 2022
Failed to query elasticsearch issue Logstash	3	1774	June 21, 2019
Elastic Search - Query multiple indices Elasticsearch	1	407	July 6, 2017
Querying Multiple Indexes (of different field mappings) causing Failed Shards Exception Kibana	4	2526	May 18, 2018
Get elastic shards failure upon search query across multiple indices (while creating indices) Elasticsearch	1	187	February 8, 2023

Querying elastic search DB using the index name - failing

Related Topics