Hi ES Team,
we are severity/protocol etc keywords for fields and while using them, none of queries work???
let's say,
severity:Error or protocol:tcp
if i rename protocol to protocol-name or something else then it works.
may i know why ?
are they reserved keywords ? if yes then kindly let me know the list of all reserved keywords .
Hi,
No reserved keywords. If you want to match keywords, you need to set the fields as not_analyzed in your mapping and then query the exact original value for a field using a term query.
i know but only concern is that why field name protocol is not working for any search query but if i rename protocol to something else then it works like a charm..
same as severity keyword
no clue what's going on ???
Do you have different document types within the same index that have a "protocol" or "severity" field?
Can you please post your mappings?
Thanks, Problem has been fixed.
Your were right.same fields having diff. data types suck 
tanguy,you are so smart !!! 
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.