Hi I am a bit new in elastic and started in a project that has more than 800 indexes and I need to rename some old names to the new ones requested.
I already found some indexes that has parameters with values that need rename.
Is it possible to run a query on all indexes and retrieve one document per index?
What would be a good approach to rename the values in a index based on a list of current and desired values with 80 values to be renamed?
Thanks
Welcome to our community! 
Hey Mark,
Thanks for replying.
1 - The main goal is:
context: As some (80) of the access points from a provider model were renamed in our CMDB system, to get the data right, the monitoring tool will be renamed soon, the names in the existing indice's docs fields also needs to be updated so this doesn't impact the metrics in the dashboards.
In the code that feeds elastic I already identified 28 indexes to be renamed, but we have a lot of indices with ML and other stuff, that I want to be sure which indice's have docs that needs to be updated and the field names if different from the 3 ones I already identified.
2
"version" : {
"number" : "7.13.4",
"build_flavor" : "default",
"build_type" : "docker",
...
"build_snapshot" : false,
"lucene_version" : "8.8.2",
"minimum_wire_compatibility_version" : "6.8.0",
"minimum_index_compatibility_version" : "6.0.0-beta1"
}
No, not really, a synonyms for each of the values I need to rename could work best for the use case, but we would not like to change the queries or reindex the documents.
I managed to do an update_by_query script with elasticsearch_dsl.
response = ubq.script(source="pm_data_source.hw_alias' = params.new_ap_name",lang="painless",params={"new_ap_name": new_ap})\
.query("match", pm_data_source.hw_alias = old_ap ).execute()
Current problem is: in the query() I am unable to match fields inside an object. Do you happen to know how to do this?
I managed to solve this by using the _mapping api set like this:
GET */_mapping/field/<field-to-look-for>
can also use * with field name in case to match more then one fields with name patterns
It returns the mapping of all the indexes that contain the field name. Than you can import it on python or do some data cleaning with your IDE.
For the other issue in update by query I replied here: in this separate post while looking for help.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.