khateeb
Reputation: 5469
how to define an array of IPs in Elasticsearch?
I am using Elasticsearch 5.3. In an index, I want to define a field as an array of ip fields. How do I define this in a mapping?
Upvotes: 0
Views: 758
Answers (2)
Simon
Reputation: 175
The mapping for IPs can also be used for arrays of IPs.
PUT my_index
{
"mappings": {
"my_type": {
"properties": {
"ip_addr": {
"type": "ip"
}
}
}
}
}
Here you just index the IPs as an array.
PUT my_index/my_type/1
{
"ip_addr": ["192.168.1.1", "192.168.1.2"]
}
And then you can search them as usual.
GET my_index/_search
{
"query": {
"term": {
"ip_addr": "192.168.0.0/16"
}
}
}
The mapping for single entries and arrays is actually always the same in Elasticsearch (for primitive datatypes).
Upvotes: 4
groo
Reputation: 4448
You should use ip data type:
PUT my_index
{
"mappings": {
"my_type": {
"properties": {
"ip_addr": {
"type": "ip"
}
}
}
}
}
Official docs for ip data type
Upvotes: 2
Related Questions
- binding to specific ip address in elasticsearch 5
- How to query IP range in Elastic search?
- Elasticsearch make field an array
- How to aggregate over 'ip' field using script
- elasticsearch listen to multiple ips
- How to Map IP type
- Storing CIDR in IP type field in ElasticSearch
- Data type IP in ElasticSearch
- How to execute an IP Range Query/Filter
- ElasticSearch Assign Index to Server