Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Logs+] Change default of ignore_malformed to true in logs-*-* data streams #95329

Merged
merged 9 commits into from
Apr 27, 2023
Merged

[Logs+] Change default of ignore_malformed to true in logs-*-* data streams #95329

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
5cb8d3d
[Logs+] Change default of ignore_malformed to true in logs-*-* data s…
eyalkoren Apr 18, 2023
21d1d74
Merge remote-tracking branch 'upstream/main' into logs-data-streams-i…
eyalkoren Apr 18, 2023
15c5f24
Remove redundant mapping
eyalkoren Apr 18, 2023
570560b
Add @timestamp mapping exception in logs-mappings.json
eyalkoren Apr 18, 2023
2887001
Update docs/changelog/95329.yaml
eyalkoren Apr 19, 2023
d81b782
Adjust changlog entry
eyalkoren Apr 19, 2023
0bdb3c2
Update docs/changelog/95329.yaml
eyalkoren Apr 19, 2023
92acc54
Apply review suggestions
eyalkoren Apr 19, 2023
f1de318
Merge remote-tracking branch 'eyalkoren/logs-data-streams-ignore_malf…
eyalkoren Apr 19, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions docs/changelog/95329.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
pr: 95329
summary: Change default of `ignore_malformed` to `true` in `logs-*-*` data streams
eyalkoren marked this conversation as resolved.
Show resolved Hide resolved
area: Data streams
type: enhancement
issues:
- 95224
108 changes: 108 additions & 0 deletions ...rc/yamlRestTest/resources/rest-api-spec/test/data_stream/200_logs_datastream_defaults.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,108 @@
---
Verify default logs-*-* settings and mappings:
- do:
indices.create_data_stream:
name: logs-generic-default
- is_true: acknowledged

- do:
indices.get_data_stream:
name: logs-generic-default
- set: { data_streams.0.indices.0.index_name: idx0name }

# default backing index settings should be "ignore_malformed": true
- do:
indices.get_settings:
index: $idx0name
- match: { .$idx0name.settings.index.mapping.ignore_malformed: "true" }

# add test field mapping
- do:
indices.put_mapping:
index: $idx0name
body:
properties:
numeric_field:
type: integer
- is_true: acknowledged

# default backing index mapping should contain an exception for the @timestamp field - "ignore_malformed": false
- do:
indices.get_mapping:
index: $idx0name
- match: { [email protected]_malformed: false }
- match: { .$idx0name.mappings.properties.numeric_field.type: "integer" }

- do:
index:
index: logs-generic-default
refresh: true
body:
'@timestamp': '2023-04-18'
message: 'valid'
numeric_field: 42
- match: {result: "created"}

- do:
search:
index: logs-generic-default
body:
query:
term:
message:
value: 'valid'
fields:
- field: 'numeric_field'
- length: { hits.hits: 1 }
- length: { hits.hits.0.fields: 1 }
- match: { hits.hits.0.fields.numeric_field.0: 42 }

- do:
index:
index: logs-generic-default
refresh: true
body:
'@timestamp': '2023-04-18'
message: 'number_as_string'
numeric_field: "42"
- match: {result: "created"}

- do:
eyalkoren marked this conversation as resolved.
Show resolved Hide resolved
search:
index: logs-generic-default
body:
query:
term:
message:
value: 'number_as_string'
fields:
- field: 'numeric_field'
- length: { hits.hits: 1 }
- length: { hits.hits.0.fields: 1 }
- match: { hits.hits.0.fields.numeric_field.0: 42 }

- do:
index:
index: logs-generic-default
refresh: true
body:
'@timestamp': '2023-04-18'
message: 'invalid'
numeric_field: "forty-two"
- match: {result: "created"}

- do:
search:
index: logs-generic-default
body:
query:
term:
message:
value: 'invalid'
fields:
- field: 'numeric_field'
- length: { hits.hits: 1 }
- length: { hits.hits.0._ignored: 1 }
- match: { hits.hits.0._ignored.0: 'numeric_field' }
- length: { hits.hits.0.ignored_field_values.numeric_field: 1 }
- match: { hits.hits.0.ignored_field_values.numeric_field.0: 'forty-two' }
3 changes: 2 additions & 1 deletion x-pack/plugin/core/src/main/resources/data-streams-mappings.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,8 @@
"date_detection": false,
"properties": {
"@timestamp": {
"type": "date"
"type": "date",
"ignore_malformed": false
},
"data_stream": {
"properties": {
Expand Down
4 changes: 4 additions & 0 deletions x-pack/plugin/core/src/main/resources/logs-mappings.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,10 @@
"template": {
"mappings": {
"properties": {
"@timestamp": {
"type": "date",
"ignore_malformed": false
eyalkoren marked this conversation as resolved.
Show resolved Hide resolved
},
"data_stream": {
"properties": {
"type": {
Expand Down
3 changes: 3 additions & 0 deletions x-pack/plugin/core/src/main/resources/logs-settings.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,9 @@
"codec": "best_compression",
"query": {
"default_field": ["message"]
},
"mapping": {
"ignore_malformed": true
}
}
}
Expand Down