个人中心
文章发布
退出
作者热门文章
- html - 出于某种原因,IE8 对我的 Sass 文件中继承的 html5 CSS 不友好?
- JMeter 在响应断言中使用 span 标签的问题
- html - 在 :hover and :active? 上具有不同效果的 CSS 动画
- html - 相对于居中的 html 内容固定的 CSS 重复背景?
26
4
我构建了一个最新的elk(v7.3.2)集群进行测试,但是当我完成构建并在kibana中添加索引后,我从kibana日志中得到了错误:[illegal_argument_exception] Fielddata is disabled on text fields by default. Set fielddata=true on [type] in order to load fielddata in memory by uninverting the inverted index. Note that this can however use significant memory. Alternyword field instead.我用谷歌搜索了一些解决方案,从网站https://www.elastic.co/guide/en/elasticsearch/reference/current/fielddata.html找出原因,然后按照网络上的说明将其更改为关键字,但是出现了以下错误。
{
"error": {
"root_cause": [
{
"type": "mapper_parsing_exception",
"reason": "Mapping definition for [@timestamp] has unsupported parameters: [fielddata : true]"
}
],
"type": "mapper_parsing_exception",
"reason": "Mapping definition for [@timestamp] has unsupported parameters: [fielddata : true]"
},
"status": 400
}
filebeat.inputs:
- type: log
tail_files: true
paths:
- /var/log/cyk213.log
fields:
appid: appid_cyk_filebeat_config_output.kafka_cyk_213
output.kafka:
hosts:
["10.201.5.213:9092","10.201.5.213:9093","10.201.5.216:9092","10.201.5.216:9093","10.201.5.217:9092","10.201.5.217:9093"]
topic: 'topic_cyk_filebeat_config_output.kafka_cyk_213'
partition.round_robin:
reachable_only: false
required_acks: 1
compression: gzip
max_message_bytes: 1000000
cluster.initial_master_nodes:
- es_cluster_node01
- es_cluster_node02
cluster.name: cyk_es_cluster
node.name: es_cluster_node03
node.master: false
node.data: true
path.data: /data/elasticsearch/data
path.logs: /data/elasticsearch/logs
bootstrap.memory_lock: false
bootstrap.system_call_filter: false
network.host: 0.0.0.0
http.port: 9200
transport.profiles.default.port: 9300
discovery.seed_hosts: ["es_cluster_node03","es_cluster_node02","es_cluster_node01"]
#discovery.zen.minimum_master_nodes: 2
discovery.zen.ping_timeout: 150s
discovery.zen.fd.ping_retries: 10
client.transport.ping_timeout: 60s
http.cors.enabled: true
http.cors.allow-origin: “*”
logger.org.elasticsearch.cluster.coordination: TRACE
server.port: 5601
server.host: "0.0.0.0"
elasticsearch.hosts: "http://10.201.5.217:9200"
"appid_cyk_filebeat_config_output.kafka_cyk_213-2019.10.16" : {
"aliases" : { },
"mappings" : {
"properties" : {
"@timestamp" : {
"type" : "date"
},
"@version" : {
"type" : "text",
"fields" : {
"keyword" : {
"type" : "keyword",
"ignore_above" : 256
}
}
},
"agent" : {
"properties" : {
"ephemeral_id" : {
"type" : "text",
"fields" : {
"keyword" : {
"type" : "keyword",
"ignore_above" : 256
}
}
},
"hostname" : {
"type" : "text",
"fields" : {
"keyword" : {
"type" : "keyword",
"ignore_above" : 256
}
}
},
"id" : {
"type" : "text",
"fields" : {
"keyword" : {
"type" : "keyword",
"ignore_above" : 256
}
}
},
"type" : {
"type" : "text",
"fields" : {
"keyword" : {
"type" : "keyword",
"ignore_above" : 256
}
}
},
"version" : {
"type" : "text",
"fields" : {
"keyword" : {
"type" : "keyword",
"ignore_above" : 256
}
}
}
}
},
"ecs" : {
"properties" : {
"version" : {
"type" : "text",
"fields" : {
"keyword" : {
"type" : "keyword",
"ignore_above" : 256
}
}
}
}
},
"fields" : {
"properties" : {
"appid" : {
"type" : "text",
"fields" : {
"keyword" : {
"type" : "keyword",
"ignore_above" : 256
}
}
}
}
},
"host" : {
"properties" : {
"name" : {
"type" : "text",
"fields" : {
"keyword" : {
"type" : "keyword",
"ignore_above" : 256
}
}
}
}
},
"input" : {
"properties" : {
"type" : {
"type" : "text",
"fields" : {
"keyword" : {
"type" : "keyword",
"ignore_above" : 256
}
}
}
}
},
"log" : {
"properties" : {
"file" : {
"properties" : {
"path" : {
"type" : "text",
"fields" : {
"keyword" : {
"type" : "keyword",
"ignore_above" : 256
}
}
}
}
},
"offset" : {
"type" : "long"
}
}
},
"message" : {
"type" : "text",
"fields" : {
"keyword" : {
"type" : "keyword",
"ignore_above" : 256
}
}
}
}
},
"settings" : {
"index" : {
"creation_date" : "1571204138225",
"number_of_shards" : "1",
"number_of_replicas" : "1",
"uuid" : "E_ulQ3NCQQaRTZDTpcO_DQ",
"version" : {
"created" : "7030299"
},
"provided_name" : "appid_cyk_filebeat_config_output.kafka_cyk_213-2019.10.16"
}
}
}
}
最佳答案
尝试为您的索引模式放入模板:
PUT _template/appid_cyk_filebeat_template
{
"index_patterns": [
"appid_cyk_filebeat_config_otuput.kafka*"
],
"settings": {
"index": {
"number_of_replicas": "1",
"number_of_shards": "1"
}
},
"mappings": {
"properties" : {
"@timestamp" : {
"type" : "date"
},
"@version" : {
"type" : "keyword"
},
"agent" : {
"properties" : {
"ephemeral_id" : {
"type" : "text"
},
"hostname" : {
"type" : "text"
},
"id" : {
"type" : "text"
},
"type" : {
"type" : "text"
},
"version" : {
"type" : "text"
}
}
},
"ecs" : {
"properties" : {
"version" : {
"type" : "text"
}
}
},
"fields" : {
"properties" : {
"appid" : {
"type" : "text"
}
}
},
"host" : {
"properties" : {
"name" : {
"type" : "text"
}
}
},
"input" : {
"properties" : {
"type" : {
"type" : "text"
}
}
},
"log" : {
"properties" : {
"file" : {
"properties" : {
"path" : {
"type" : "text"
}
}
},
"offset" : {
"type" : "long"
}
}
},
"message" : {
"type" : "text"
}
}
}
}
PUT appid_cyk_filebeat_config_otuput.kafka/_doc/1
{
"@timestamp" : "2019-09-10"
}
{
"_index" : "appid_cyk_filebeat_config_otuput.kafka",
"_type" : "_doc",
"_id" : "2",
"_version" : 1,
"result" : "created",
"_shards" : {
"total" : 2,
"successful" : 2,
"failed" : 0
},
"_seq_no" : 1,
"_primary_term" : 1
}
Beats /
Logstash或您使用的任何方式获取它,那么您的配置就不好了。
关于elasticsearch - kibana [illegal_argument_exception],我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/58407304/
26
4
0
我构建了一个最新的elk(v7.3.2)集群进行测试,但是当我完成构建并在kibana中添加索引后,我从kibana日志中得到了错误:[illegal_argument_exception] Fiel
升级到ES 7.9后,现在在搜索时出现此错误: {"error"=>{"root_cause"=>[{"type"=>"illegal_argument_exception", "reason"=>"
嗨,我正在执行对 Elasticsearch 实例的curl请求。但是我收到如下错误。 curl -X GET "localhost:57457/mep-reports*/_search?pretty
我是 Elasticsearch 的新手,正在尝试通过将 Twitter 数据导入 Elasticsearch 并在其上运行 Kibana 来对 Twitter 数据进行一些数据分析。将 Twitte
我正在尝试将远程 elasticsearch 2.4 集群中的随机文档样本重新索引到新的 elasticsearch 6.5 集群中。我正在尝试将此示例 ( https://www.elastic.c
我正在将文档加载到Elasticsearch的新实例中。我正在使用动态映射,并且已启用“numeric_detection”。 导致异常的字段是数字... { "processes": [
我正在使用Elasticsearch-rails和elasticsearch-model在RoR应用程序中使用Elasticsearch 6.2.4。 我的索引是runninng,没有任何错误。但是当
我是一名优秀的程序员,十分优秀!