Hello,
I am trying to use sql query on some of the beats indexes and I have observed that some indices are showing up the queries propertly while others are throwing an error:
For example:
curl -XPOST "http://localhost:9200/_xpack/sql?format=txt" -H 'Content-Type: application/json' -d'
{
"query" : " DESCRIBE \"metricbeat-6.5.1-*\" "
}'
column | type | mapping
----------------------------------------------------------------------+---------------+---------------
@timestamp |TIMESTAMP |DATE
aerospike |STRUCT |OBJECT
aerospike.namespace |STRUCT |OBJECT
aerospike.namespace.client |STRUCT |OBJECT
aerospike.namespace.client.delete |STRUCT |OBJECT
aerospike.namespace.client.delete.error |BIGINT |LONG
while:
curl -XPOST "http://localhost:9200/_xpack/sql?format=txt" -H 'Content-Type: application/json' -d'
{
"query" : " DESCRIBE \"metricbeat-6.6.0-*\" "
}'
is just giving this error:
{
"error": {
"root_cause": [
{
"type": "sql_illegal_argument_exception",
"reason": "Cannot find field container; this is likely a bug"
}
],
"type": "sql_illegal_argument_exception",
"reason": "Cannot find field container; this is likely a bug"
},
"status": 500
}