Right now we don’t send this property when the pattern is created. All the log fields, other than message, should be not_analysed and the filed added using Add Log Fields activity should have the option to toggle this property.
2 Likes
Agree. But there is a workaround using elasticsearch templates.
1 Like
We need not_analysed fields for our kibana reports. Because of missing feature Teodor mentioned we had to create these fields using elasticsearch templates created with curl.
It works and is ok because you do not add new fields for a process every day 
But of course i would prefer an update of activity addlogfields if possible.
1 Like
@b_s can you share with us the mapping command?
how are you dealing with the different indexes? Every month a new index is created, this is why I’m asking.
With Orchestrator 2016.2 we use
curl -XPUT --noproxy SERVER “http://SERVER:9200/_template/TEMPLATENAME*” --data “{"template":"INDEXNAME","order":1,"mappings":{"logEvent":{"properties":{"TransactionGuid":{"type":"string","index":"not_analyzed"},"TransactionMessage":{"type":"string","index":"not_analyzed"}}}}}”
to create fields TransactionGuid and TransactionMessage “not analysed”.
You can define TEMPLATENAME yourself. Use * in the end.
INDEXNAME is tenant name using lower case letters and without blanks.
Restarting elasticsearch is necessary.
For each new created index which name starts with TEMPLATENAME these defined fields are created automatically.
2 Likes
Anil_G
arjunshenoy
Yoichi
gibl.rpa
Hazem_Saleh
adishjain
yikwen.goo
trajkoskisara
Parvathy
DanRagh