This can be frustrating! i have googled this all my day without a solution.
I trying to parse grok field into ES and i have this message "This field is present in your elasticsearch mapping but not in any documents in the search results. You may still be able to visualize or search on it."
someone help out.
This is a Kibana related questions so you should post this question in the appropriate forum. Regarding the meaning of the message:
Kibana has a discovery function that tries to discover which fields are present in your collections. To do so it analyzes the first results and checks the fields that are present or missing in the top documents. One field in your mapping is not present in the first documents that show up in the discovery tab so it appears as a missing field. I don't think it causes any problem since as the message says you can still visualize or search on it.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.