Unable to make a field aggregatable in kibana

sid_nikhil · December 22, 2018, 2:16pm

I did this in Dev tools
PUT /filebeat
{

      "mappings": {

        "_doc": {

          "properties": {

            "message": {

              "type":  "keyword"

            }

          }

        }

      }

    }

But still message field is not aggregatable
Capture_kibana_aggregation

If my field is message , do you mean i should use message.doc_values

This is my painless script to extract last word from message:
String parts = /-/.split(doc['message'].value);
return parts[-1]

Can you please explain with example . I am very new to ES/kibana.
Thanks

Topic		Replies	Views
How to make a field aggregatable in Kibana Kibana	13	45234	July 20, 2017
How to make a field aggregable in Kibana Kibana	5	405	July 14, 2018
Field not aggregatable! Kibana	2	774	September 12, 2018
Making text field aggregatable in kibana using elasticsearch Elasticsearch	2	3560	September 29, 2017
Searchable, aggregatable Kibana	5	4620	May 19, 2017

Unable to make a field aggregatable in kibana

Related Topics