Unable to make a field aggregatable in kibana

sid_nikhil · December 22, 2018, 2:16pm

I did this in Dev tools
PUT /filebeat
{

      "mappings": {

        "_doc": {

          "properties": {

            "message": {

              "type":  "keyword"

            }

          }

        }

      }

    }

But still message field is not aggregatable
Capture_kibana_aggregation

If my field is message , do you mean i should use message.doc_values

This is my painless script to extract last word from message:
String parts = /-/.split(doc['message'].value);
return parts[-1]

Can you please explain with example . I am very new to ES/kibana.
Thanks

Topic		Replies	Views
Unable to make a field aggregatable in kibana/ES Kibana	3	1492	February 8, 2019
How to make a field aggregatable in Kibana Kibana	13	45739	July 20, 2017
Painless script query giving error for "message" field and working fine for other fields in filebeats Kibana	4	996	January 23, 2019
How to make a field aggregable in Kibana Kibana	5	440	July 14, 2018
Mapping text field with keyword not aggregatable Elasticsearch	5	3665	February 1, 2017

Unable to make a field aggregatable in kibana

Related topics