在Elasticsearch中对 text 类型的字段进行聚合异常Fielddata is disabled，Set fielddata=true

1.问题: 

1. 在Elasticsearch中对 text 类型的字段进行聚合，报异常:

脚本调用: 

GET /logstash-jsy/nginx-access/_search 
{ 
  "aggs": { 
    "all_interests": { 
      "terms": { "field": "geoip.city_name" } 
    } 
  } 
}
    

    java.lang.IllegalArgumentException: Fielddata is disabled on text fields by default. Set fielddata=true on [geoip.city_name] in order to load fielddata in memory by uninverting the inverted index. Note that this can however use significant memory. Alternatively use a keyword field instead.
    at org.elasticsearch.index.mapper.TextFieldMapper$TextFieldType.fielddataBuilder(TextFieldMapper.java:336)

 

2. 原因, 默认 Elasticsearch 对 text 类型的字段是不可聚合的，基本类型可聚合

 

3. 解决: 

            a. 设置   Fielddata = true 
            
PUT logstash-jsy/_mapping/nginx-access/
{
  "properties": {
    "geoip.city_name": { 
      "type":     "text",
      "fielddata": true
    }
  }
}
            
            
            b. 如果 Fielddata = true 无法解决， 使用使用keyword
            
            
    查看你索引信息字段是否是这种多映射， req_url 字段既映射了  text , 又映射了 keyword
    
    
    "req_url": {

    "norms": false,
    "type": "text",
    "fields": {
        "keyword": {
            "type": "keyword"
        }
    }

}
如果是: 
        https://www.elastic.co/guide/en/elasticsearch/reference/5.4/fielddata.html#before-enabling-fielddata
    
    Use the my_field.keyword field for aggregations, sorting, or in scripts.
    即:  字段.keyword  
            
GET /logstash-jsy/nginx-access/_search 
{ 
  "aggs": { 
    "all_interests": { 
      "terms": { "field": "geoip.city_name.keyword" } 
    } 
  } 
}

TermsAggregationBuilder teamAgg = AggregationBuilders.terms("cityName_count")
                    .field("geoip.country_name.keyword").size(15);
searchResponse = elasticsearchConfig.getObject().prepareSearch(EsConstant.INDEX_NAME)
                    .setTypes(EsConstant.TYPE_NAME).setQuery(null).addAggregation(teamAgg).setSize(0).execute()
                    .actionGet();
            
            
            c. 如果还无法解决
            
                http://www.cnblogs.com/Creator/p/3722408.html

                https://elasticsearch.cn/question/2031?notification_id=14626&comment_unfold=question
    

 

如果是在程序里面，可以这样操作：

SearchRequestBuilder srb = client.prepareSearch(indexname).setTypes(typename).setSize(100);
srb.addAggregation(AggregationBuilders.terms("byfirst_name").field("first_name.keyword")
        .subAggregation(AggregationBuilders.max("maxage").field("age")));

SearchResponse sr = srb.execute().actionGet();

Terms agg = sr.getAggregations().get("byfirst_name");
for (Terms.Bucket entry : agg.getBuckets()) {
    String key = (String) entry.getKey(); // bucket key
    long docCount = entry.getDocCount(); // Doc count
    System.out.println("key " + key + " doc_count " + docCount);

    Max agg1 = entry.getAggregations().get("maxage");
    double value1 = agg1.getValue();
    System.out.println("minage:" + value1);
}