0

I have created a mapping eventlog in Elasticsearch 5.1.1. I added it successfully however while adding data under it, I am getting Illegal_argument_exception with reason unknown setting [index._id]. My result from getting the indices is yellow open eventlog sX9BYIcOQLSKoJQcbn1uxg 5 1 0 0 795b 795b

My mapping is:

{
  "mappings" : {
    "_default_" : {
      "properties" : {
          "datetime" : {"type": "date"},
          "ip" : {"type": "ip"},
          "country" : { "type" : "keyword" },
          "state" : { "type" : "keyword" },
          "city" : { "type" : "keyword" }
         }
      }
   }
}

and I am adding the data using

curl -u elastic:changeme -XPUT 'http://localhost:8200/eventlog' -d '{"index":{"_id":1}}
{"datetime":"2016-03-31T12:10:11Z","ip":"100.40.135.29","country":"US","state":"NY","city":"Highland"}';

If I don't include the {"index":{"_id":1}} line, I get Illegal_argument_exception with reason unknown setting [index.apiKey].

khateeb
  • 5,265
  • 15
  • 58
  • 114

1 Answers1

0

The problem was arising with sending the data from the command line as a string. Keeping the data in a JSON file and sending it as binary solved it. The correct command is:

curl -u elastic:changeme -XPUT 'http://localhost:8200/eventlog/_bulk?pretty' --data-binary @eventlogs.json
khateeb
  • 5,265
  • 15
  • 58
  • 114