Graylog Elasticsearch index type error


Graylog Elasticsearch index type error

etc/graylog

  • error message

This error occurs when Graylog cannot insert a message into the Elasticsearch index because the type of a field's value does not match the field type defined in the index mapping.

  • how-to

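Define the correct field types in an index mapping as shown below and send it with a PUT request. The type of an existing field cannot be changed in place, so the mapping is applied to the next index in the sequence (the current index number plus one) rather than to the current index.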

curl -X PUT "<elasticsearch-endpoint>/<index-name>_1" -H 'Content-Type: application/json' -d'
  • resolution

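After updating the field types, run the index recalculation from the Graylog web console. Note that fields mapped as keyword without ignore_above (for example request_body or error_trace) reject values longer than 32,766 bytes, which causes another indexing failure. Request and response bodies stored in the index may also contain credentials or personal data, so restrict who can read these indices.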

curl -X PUT "<elasticsearch-endpoint>/<index-name>_1" -H 'Content-Type: application/json' -d'
{
    "settings" : {
        "number_of_shards" : 4,
        "number_of_replicas" : 0
    },
    "mappings" : {
        "properties" : {
"app_id" : {
          "type" : "long"
        },
        "app_name" : {
          "type" : "keyword"
        },
        "app_user_id" : {
          "type" : "long"
        },
        "application" : {
          "type" : "keyword"
        },
        "cache_hit" : {
          "type" : "long"
        },
        "cache_id" : {
          "type" : "keyword"
        },
        "cache_saved" : {
          "type" : "long"
        },
        "cache_type" : {
          "type" : "keyword"
        },
        "class" : {
          "type" : "keyword"
        },
        "class_method" : {
          "type" : "keyword"
        },
        "client_id" : {
          "type" : "long"
        },
        "client_name" : {
          "type" : "keyword"
        },
        "client_type" : {
          "type" : "keyword"
        },
        "cron_expression" : {
          "type" : "keyword"
        },
        "error_code" : {
          "type" : "keyword"
        },
        "error_exception" : {
          "type" : "keyword"
        },
        "error_message" : {
          "type" : "keyword"
        },
        "error_root_exception" : {
          "type" : "keyword"
        },
        "error_root_message" : {
          "type" : "keyword"
        },
        "error_trace" : {
          "type" : "keyword"
        },
        "execution_start_time" : {
          "type" : "long"
        },
        "execution_time" : {
          "type" : "long"
        },
        "full_message" : {
          "type" : "text",
          "analyzer" : "standard"
        },
        "full_profile" : {
          "type" : "keyword"
        },
        "gl2_accounted_message_size" : {
          "type" : "long"
        },
        "gl2_message_id" : {
          "type" : "keyword"
        },
        "gl2_processing_timestamp" : {
          "type" : "date",
          "format" : "uuuu-MM-dd HH:mm:ss.SSS"
        },
        "gl2_receive_timestamp" : {
          "type" : "date",
          "format" : "uuuu-MM-dd HH:mm:ss.SSS"
        },
        "gl2_remote_ip" : {
          "type" : "keyword"
        },
        "gl2_remote_port" : {
          "type" : "long"
        },
        "gl2_source_input" : {
          "type" : "keyword"
        },
        "gl2_source_node" : {
          "type" : "keyword"
        },
        "guest_id" : {
          "type" : "keyword"
        },
        "is_app_by_api_key_cache_saved" : {
          "type" : "long"
        },
        "is_app_by_api_key_cache_used" : {
          "type" : "long"
        },
        "is_app_cache_saved" : {
          "type" : "long"
        },
        "is_client_by_api_key_cache_saved" : {
          "type" : "long"
        },
        "is_client_by_api_key_cache_used" : {
          "type" : "long"
        },
        "is_client_cache_saved" : {
          "type" : "long"
        },
        "is_stream_key_cache_saved" : {
          "type" : "long"
        },
        "is_user_by_username_cache_saved" : {
          "type" : "long"
        },
        "is_user_by_username_cache_used" : {
          "type" : "long"
        },
        "is_user_cache_saved" : {
          "type" : "long"
        },
        "level" : {
          "type" : "long"
        },
        "log_date_time_utc_iso8601" : {
          "type" : "date"
        },
        "log_level" : {
          "type" : "keyword"
        },
        "log_type" : {
          "type" : "keyword"
        },
        "logger_name" : {
          "type" : "keyword"
        },
        "main_profile" : {
          "type" : "keyword"
        },
        "media_service_rest_api_base_url" : {
          "type" : "keyword"
        },
        "media_service_rest_api_request_body" : {
          "type" : "keyword"
        },
        "media_service_rest_api_request_method" : {
          "type" : "keyword"
        },
        "media_service_rest_api_request_path" : {
          "type" : "keyword"
        },
        "media_service_rest_api_response_body" : {
          "type" : "keyword"
        },
        "media_service_rest_api_response_code" : {
          "type" : "long"
        },
        "member_id" : {
          "type" : "long"
        },
        "message" : {
          "type" : "text",
          "analyzer" : "standard"
        },
        "method" : {
          "type" : "keyword"
        },
        "method_args" : {
          "type" : "keyword"
        },
        "node_ip_address" : {
          "type" : "keyword"
        },
        "raw_message" : {
          "type" : "keyword"
        },
        "request_body" : {
          "type" : "keyword"
        },
        "request_id" : {
          "type" : "keyword"
        },
        "request_ip_address" : {
          "type" : "keyword"
        },
        "request_method" : {
          "type" : "keyword"
        },
        "request_path" : {
          "type" : "keyword"
        },
        "request_platform" : {
          "type" : "keyword"
        },
        "request_query_string" : {
          "type" : "keyword"
        },
        "request_user_agent" : {
          "type" : "keyword"
        },
        "response_status_code" : {
          "type" : "long"
        },
        "schedule_id" : {
          "type" : "keyword"
        },
        "source" : {
          "type" : "text",
          "analyzer" : "analyzer_keyword",
          "fielddata" : true
        },
        "stream_key" : {
          "type" : "keyword"
        },
        "stream_key_id" : {
          "type" : "long"
        },
        "stream_key_live_url" : {
          "type" : "keyword"
        },
        "stream_key_state" : {
          "type" : "keyword"
        },
        "streams" : {
          "type" : "keyword"
        },
        "thread_name" : {
          "type" : "keyword"
        },
        "timestamp" : {
          "type" : "date",
          "format" : "uuuu-MM-dd HH:mm:ss.SSS"
        },
        "user_id" : {
          "type" : "long"
        },
        "user_role" : {
          "type" : "keyword"
        },
        "user_username" : {
          "type" : "keyword"
        },
        "video_room_id" : {
          "type" : "long"
        },
        "video_room_member_id" : {
          "type" : "long"
        },
        "video_room_state" : {
          "type" : "keyword"
        }
      }
    }
}
'
  • reference

https://ktg0210.hashnode.dev/amazon-opensearch-uri