Reputation: 1
Elasticsearch: how to find a document by number in logs
I have an error in kibana "The length [2658823] of field [message] in doc[235892]/index[mylog-2023.02.10] exceeds the [index.highlight.max_analyzed_offset] limit [1000000]. To avoid this error, set the query parameter [max_analyzed_offset] to a value less than index setting [1000000] and this will tolerate long field values by truncating them."
I know how to deal with it (change "index.highlight.max_analyzed_offset" for an index, or set the query parameter), but I want to find the document with long field and examine it.
If i try to find it by id, i get this:
q:
GET mylog-2023.02.10/_search { "query": { "terms": { "_id": [ "235892" ] } } }
a:
{ "took" : 1, "timed_out" : false, "_shards" : { "total" : 1, "successful" : 1, "skipped" : 0, "failed" : 0 }, "hits" : { "total" : { "value" : 0, "relation" : "eq" }, "max_score" : null, "hits" : [ ] } }
q:
GET mylog-2023.02.10/_doc/235892
a:
{ "_index" : "mylog-2023.02.10", "_type" : "_doc", "_id" : "235892", "found" : false }
Maybe this number (doc[235892]) is not id? How can i find this document?
Upvotes: 0
Views: 231
Answers (1)
Reputation: 3261
try use Query IDs:
GET /_search
{
"query": {
"ids" : {
"values" : ["1", "4", "100"]
}
}
}
Upvotes: 0
Related Questions
- Converting coordinate ETRS89/LCC to WGS84 Lat Long
- Transform a triangle on a plane
- OpenGL convert coordinates of object to another coordinate system
- Math: converting coordinate system to other system
- How to convert longitude/latitude (WGS-84) to X / Y coordinates (Pixmap)
- Overview for converting local plane coordinates to WGS84
- Longitude Latitude (WGS84) to Polyconic Transformation Conversion
- Transform coordinates into another coordinate system
- transforming coordinates to a rotated coordinate system
- Find Polygon Coordinates WP7