Develop Reference

Getting error action_request_validation_exception while mapping new field in already exist Elasticsearch index

I am trying to add a new field to my already exist Elasticsearch index but I'm getting the below exception:
{
"type": "action_request_validation_exception",
"reason": "Validation Failed: 1: mapping type is missing;"
}
I'm using the below API
PUT order/_mapping
{
"properties": {
"title": { "type": "text"}
}
}

You need to add the mapping type to the PUT request, and modify the request as :
PUT order/{{mapping-type}}/_mapping
{
"properties": {
"title": { "type": "text"}
}
}

Remove Join Relations in Elastic Search 7.x

Is it possible to remove relations in Elastic Search 7.x?
It says in the documentation that "It is possible to add a new relation to an existing join field." but it doesn't say anything about removing relations.
For example, when I put a mapping onto an index, it initially works.
PUT /randomindex/_mapping
{
"properties":{
"my_property": {
"type":"join",
"relations": {
"parent_1": "child_1"
}
}
}
}
Then, when I try to change it, I get an error:
PUT /randomindex/_mapping
{
"properties":{
"my_property": {
"type":"join",
"relations": {
"parent_2": "child_2"
}
}
}
}
This is the response:
{
"error": {
"root_cause": [
{
"type": "remote_transport_exception",
"reason": "[tiebreaker-0000000002][xxx.xxx.xxx.xxx:xxxxx][indices:admin/mapping/put]"
}
],
"type": "illegal_state_exception",
"reason": "invalid update for join field [my_property]:\n[cannot remove parent [parent_1] in join field [my_property]]"
},
"status": 500
}

How to create a mutlitype index in Elasticsearch?

In several pages in Elasticsearch documentation is mentioned how to query a multi-type index.
But I failed to create one at the first place.
Here is my minimal example (on a Elasticsearch 6.x server):
PUT /myindex
{
"settings" : {
"number_of_shards" : 1
}
}
PUT /myindex/people/123
{
"first name": "John",
"last name": "Doe"
}
PUT /myindex/dog/456
{
"name": "Rex"
}
Index creation and fist insert did well, but at the dog type insert attempt:
{
"error": {
"root_cause": [
{
"type": "illegal_argument_exception",
"reason": "Rejecting mapping update to [myindex] as the final mapping would have more than 1 type: [people, dog]"
}
],
"type": "illegal_argument_exception",
"reason": "Rejecting mapping update to [myindex] as the final mapping would have more than 1 type: [people, dog]"
},
"status": 400
}
But this is exactly what I'm trying to do, buddy! Having "more than 1 type" in my index.
Do you know what I have to change in my calls to achieve this?
Many thanks.

Multiple mapping types are not supported from Elastic 6.0.0 onwards. See breaking changes for details.
You can still effectively use multiple types by implementing your own custom type field.
For example:
{
"mappings": {
"doc": {
"properties": {
"type": {
"type": "keyword"
},
"first_name": {
"type": "text"
},
"last_name": {
"type": "text"
}
}
}
}
}
This is described in removal of types.

Can't update mapping in elasticsearch

When putting an anaylzer into mapping using PUT /job/_mapping/doc/ but get conflicts.
But there isn't a anaylzer in mappings.
PUT /job/_mapping/doc/
{
"properties":{
"title": {
"type": "text",
"analyzer":"ik_smart",
"search_analyzer":"ik_smart"
}
}
}
{
"error": {
"root_cause": [
{
"type": "illegal_argument_exception",
"reason": "Mapper for [title] conflicts with existing mapping in other types:\n[mapper [title] has different [analyzer]]"
}
],
"type": "illegal_argument_exception",
"reason": "Mapper for [title] conflicts with existing mapping in other types:\n[mapper [title] has different [analyzer]]"
},
"status": 400
}
"title": {
"type": "text",
"fields": {
"keyword": {
"type": "keyword",
"ignore_above": 256
}
},
"fielddata": true
},
The output config is like this.
output {
elasticsearch {
hosts => ["<Elasticsearch Hosts>"]
user => "<user>"
password => "<password>"
index => "<table>"
document_id => "%{<MySQL_PRIMARY_KEY>}"
}
}

You cant update mapping in elasticsearch, you can add mapping but not update mapping. Elasticsearch use mapping at the indexation time, that s why you cant update mapping of an existing field. Analyzer is part of the mapping, in fact if you don't specify one es a default one, analyzer tell elastic how to index the documents.
create a new index with your new mappings (include analyzer)
reindex your documents from your existing index to the new one (https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-reindex.html)

Updating Mapping:
Once a document is indexed to an index i.e. the mapping is generated under a given type as like in our case Mapping of EmployeeCode, EmployeeName & isDevelopers' is generated under type "customtype", we cannot modify it afterwards. In case if we want to modify it, we need to delete the index first and then apply the modified mapping manually and then re-index the data. But If you want to add an a new property under a given type, then it is feasible. For example, our document attached our index "inkashyap-1002" under type "customtype" is as follows:
{
"inkashyap-1002": {
"mappings": {
"customtype": {
"properties": {
"EmployeeCode": {
"type": "long"
},
"isDeveloper": {
"type": "boolean"
},
"EmployeeName": {
"type": "text",
"fields": {
"keyword": {
"type": "keyword",
"ignore_above": 256
}
}
}
}
}
}
}
}
now let's add another property "Grade" :
curl -XPUT localhost:9200/inkashyap-1002(IndexName)/customtype(TypeName)/2 — d '{
"EmployeeName": "Vaibhav Kashyap",
"EmployeeCode": 13629,
"isDeveloper": true,
"Grade": 5
}'
Now hit the GET mapping API. In the results, you can see there is another field added called "Grade".
Common Error:
In the index "inkashyap-1002", so far we have indexed 2 documents. Both the documents had the same type for the field "EmployeeCode" and the type was "Long". Now let us try to index a document like below:
curl -XPUT localhost:9200/inkashyap-1002/customtype/3 -d '{
"EmployeeName": "Vaibhav Kashyap",
"EmployeeCode": "onethreesixtwonine",
"isDeveloper": true,
"Grade": 5
}'
Note that here the "EmployeeCode" is given in string type, which indicates that it is a string field. The response to the above request will be like below:
{
"error": {
"root_cause": [
{
"type": "mapper_parsing_exception",
"reason": "failedtoparse[
EmployeeCode
]"
}
],
"type": "mapper_parsing_exception",
"reason": "failedtoparse[
EmployeeCode
]",
"caused_by": {
"type": "number_format_exception",
"reason": "Forinputstring: \"onethreesixtwonine\""
}
},
"status": 400
}
In the above response, we can see the error "mapper_parsing_exception" on the field "EmployeeCode". This indicates that the expected field here was of another type and not string. In such cases re-index the document with the appropriate type

Update type of a field in Elasticsearch

I have a index in Elasticsearch, and want to update the type of a field named currentTimeStamp from long to date, so that Kibana can work on it. Following is my current output of _mapping (Other fields have been removed for brevity).
{
"myIndexname": {
"mappings": {
"myType": {
"properties": {
"currentTimeStamp": {
"type": "long"
}
}
}
}
}
}
When I try to run the following command for updating the type of the column to date type, I get the below mentioned error response. Any help on this is highly appreciated.
curl -X PUT myIndexname/_mapping/myType with the following payload
{
"myIndexname": {
"properties": {
"currentTimeStamp": {
"type": "date",
"format": "date_optional_time || epoch_millis"
}
}
}
}
Error response:
{
"error": {
"root_cause": [
{
"type": "mapper_parsing_exception",
"reason": "Root mapping definition has unsupported parameters: [optimizationframework : {properties={currentTimeStamp={type=date, format=date_optional_time || epoch_millis}}}]"
}
],
"type": "mapper_parsing_exception",
"reason": "Root mapping definition has unsupported parameters: [optimizationframework : {properties={currentTimeStamp={type=date, format=date_optional_time || epoch_millis}}}]"
},
"status": 400
}