What does one index work and other index throw an error using sql queries

zozo6015 · February 18, 2019, 8:29pm

Hello,

I am trying to use sql query on some of the beats indexes and I have observed that some indices are showing up the queries propertly while others are throwing an error:

For example:

curl -XPOST "http://localhost:9200/_xpack/sql?format=txt" -H 'Content-Type: application/json' -d'
{
  "query" : " DESCRIBE \"metricbeat-6.5.1-*\" "
}'

                                column                                |     type      |    mapping    
----------------------------------------------------------------------+---------------+---------------
@timestamp                                                            |TIMESTAMP      |DATE           
aerospike                                                             |STRUCT         |OBJECT         
aerospike.namespace                                                   |STRUCT         |OBJECT         
aerospike.namespace.client                                            |STRUCT         |OBJECT         
aerospike.namespace.client.delete                                     |STRUCT         |OBJECT         
aerospike.namespace.client.delete.error                               |BIGINT         |LONG

while:

curl -XPOST "http://localhost:9200/_xpack/sql?format=txt" -H 'Content-Type: application/json' -d'
{
  "query" : " DESCRIBE \"metricbeat-6.6.0-*\" "
}'

is just giving this error:

{
  "error": {
    "root_cause": [
      {
        "type": "sql_illegal_argument_exception",
        "reason": "Cannot find field container; this is likely a bug"
      }
    ],
    "type": "sql_illegal_argument_exception",
    "reason": "Cannot find field container; this is likely a bug"
  },
  "status": 500
}

Andrei_Stefan · February 18, 2019, 9:16pm

Hey there.
We had a somewhat related bug (that issue is here), but I am not sure if it's the same one.
You can check the mappings of your metricbeat-6.6.0-* indices and see if there are any alias type of fields in them. If there are, then there are high chances the issue is the same.

zozo6015 · February 18, 2019, 9:23pm

Yeah, there are few alias type of fields in the mapping of that index while the working indices has no alias.

Andrei_Stefan · February 20, 2019, 9:08am

Ok, then yes, very likely this is the issue you are encountering: https://github.com/elastic/elasticsearch/issues/37224. In the issue you can find labels with versions where the issue is fixed.

system · March 20, 2019, 9:08am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Elasticsearch sql query does not work when index name contains "-" Elasticsearch	6	3060	February 1, 2019
Elasticsearch sql is not working for some index Elasticsearch	3	724	May 2, 2020
Elasticsearch sql not accepting index with - in it Elasticsearch elastic-stack-sql	2	465	May 6, 2019
SQL Query errors Elasticsearch elastic-stack-sql	5	474	April 17, 2020
Failed to parse timestamp exception, (only) when using a new Elasticsearch index name Beats metricbeat	2	690	May 1, 2018

What does one index work and other index throw an error using sql queries

Related topics