Search code examples
regexelasticsearchkibanaelastic-stack

Scripted field regex not working on multiple node

I would like to create a scripted field based on cs_uri_query column. I was using elasticsearch 7.5 until 7.6 when i created this regex formula. It was working fine in scripted field on index A. Now i've upgraded my elasticsearch into 7.7 and i've ingested index B to my elasticsearch. Index B and Index A have the same format (same everything in columns) so i would like to use the same regex formula. But unfortunately when i copy my index A scripted field into index B.

it returning this error on index B

{
 "root_cause": [
  {
   "type": "script_exception",
   "reason": "compile error",
   "script_stack": [
    "... = 0) return '';\r\ndef m = /(...(?=&custid))/.matche ...",
    "                             ^---- HERE"
   ],
   "script": "if (doc['cs_uri_query.keyword'].size() == 0) return '';\r\ndef m = /(...(?=&custid))/.matcher(doc['cs_uri_query.keyword'].value);\r\nif(m.find () )\r\n{return m.group(1) } \r\nelse { return \"No ID\" }",
   "lang": "painless",
   "position": {
    "offset": 65,
    "start": 40,
    "end": 90
   }
  }
 ],
 "type": "search_phase_execution_exception",
 "reason": "all shards failed",
 "phase": "query",
 "grouped": true,
 "failed_shards": [
  {
   "shard": 0,
   "index": "janmei",
   "node": "KVuYPKPBRIO-mIQu0lS3LQ",
   "reason": {
    "type": "script_exception",
    "reason": "compile error",
    "script_stack": [
     "... = 0) return '';\r\ndef m = /(...(?=&custid))/.matche ...",
     "                             ^---- HERE"
    ],
    "script": "if (doc['cs_uri_query.keyword'].size() == 0) return '';\r\ndef m = /(...(?=&custid))/.matcher(doc['cs_uri_query.keyword'].value);\r\nif(m.find () )\r\n{return m.group(1) } \r\nelse { return \"No ID\" }",
    "lang": "painless",
    "position": {
     "offset": 65,
     "start": 40,
     "end": 90
    },
    "caused_by": {
     "type": "illegal_state_exception",
     "reason": "Regexes are disabled. Set [script.painless.regex.enabled] to [true] in elasticsearch.yaml to allow them. Be careful though, regexes break out of Painless's protection against deep recursion and long loops."
    }
   }
  }
 ]
}

sample

id=000&custid=77777777&[email protected]

scripted field

if (doc['cs_uri_query.keyword'].size() == 0) return '';
def m = /(...(?=&custid))/.matcher(doc['cs_uri_query.keyword'].value);
if(m.find () )
{return m.group(1) } 
else { return "No ID" }

i was copy the exact same script from index A to index B. Can someone explain this to me? Thank you so much

Solution

  • As the error states,

    Regexes are disabled. Set [script.painless.regex.enabled] to [true] in elasticsearch.yaml to allow them. Be careful though, regexes break out of Painless's protection against deep recursion and long loops.

    You need to set

    script.painless.regex.enabled: true

    in your elasticsearch.yml fiel and restart ES.