How do I handle fields in elasticsearch that contain a '_'?
I am using a Mongo-Connector targeting elasticsearch. This works great for keeping elasticsearch up to date, but I have a problem with one of the fields because it contains an '_'. The data is being replicated/streamed from mongodb continually if I run a rename/reindex the new documents will start showing up with underscores again.
Kibana does not support underscores at the start of a field. What is the best practice for handling this?
I have filed an issue with elastic2-doc-manager for Mongo-Connector to support ingest nodes, but this feels like a much bigger issue with kibana all my attempts at fixing this issue using scripted fields and renaming the field have failed.
This seems like a huge problem. I see underscores in data everywhere, seems like a very poor decision on the side of the kibana team.
Kibana Error:
I have found some github referencese to this issue, but no work arounds.
- Closed Issue: fields starting with underscore ( _ ) doesn't show
- Never merged Pull request: Lift restriction of not allowing '_'-prefixed fields.
- Open Issue: Allow fields prefixed with _ (originally #4291)
Fields beginning with _ are reserved for use within Elasticsearch. Kibana does not support fields with _ currently, at least not yet. A request for this - https://github.com/elastic/kibana/issues/14856 is still open.
Until then if you would like to use the field in visualizations etc, I believe you need to rename it.
While you can't rename the field easily without using logstash or filebeat and Mongo-Connector doesn't support either of them you can instead use a scripted field as below to create a new filed and copy the _ field's value. That way you can use the new field to visualize etc. Add a new scripted field for ex. itemType with the below script and see if it works.
doc['_itemType.keyword'].value
Please note though that only keyword fields can be used like this, text type fields won't work. If your _itemType field is of type text, modify the mapping to include a sub field keyword of keyword type under _itemType and try the scripted field.
- Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception [Handler dispatch failed;
- How to connect to MongoDB with certificate using DataGrip?
- mongoDB Query Unwind issue
- How does Astro Close Database Connections?
- MongoDB is Forcibly Renaming a field called id in data to _id
- MongoDB bind_ip won't work unless set to 0.0.0.0
- proper way to return json format using node or express
- MongoDB limit find results
- Slice array in mongodb after $addToSet update
- Exception in monitor thread while connecting to server localhost:27017 while accessing MongoDB with Java
- How to efficiently store and retrieve data of a user MongoDB?
- Error : "Could not connect to any servers in your MongoDB Atlas cluster"
- Why does mongoose model's hasOwnProperty return false when property does exist?
- MONGODB_URI is undefined
- How to update the value of a nested field with dynamic name in MongoDB aggregation pipeline?
- MongoDb $filter with $or not working as expected
- Store/Sync Facebook Graph in a NoSQL (MongoDB)
- MongoDB - Compare two fields inside schema validator
- PySpark MongoDB :: java.lang.NoClassDefFoundError: com/mongodb/client/model/Collation
- Does mongoose findOne on model return a promise?
- Pymongo query with dates returns no results
- Mongoose runValidators: true is giving wrong validate error when findOneAndUpdate() is using
- MongoError: No transaction started
- populate a field where references can be from two different collections
- Sort and distinct in mongoose
- What is the default ordering of Mongo distinct method?
- I can't connect ASP.NET Web API with .NET Maui
- ASP.NET Core 8 Web API : JWT token always invalid
- Why is Javascript used in MongoDB and CouchDB instead of other languages such as Java and C++?
- No bean named 'mongoTemplate' available. Spring Boot + MongoDB