Details
-
Bug
-
Status: Open
-
Minor
-
Resolution: Unresolved
-
None
-
None
-
None
Description
Lets say for audit, we configure an elasticsearch alias(rollover alias). And if there are 2 or more indices for an alias then audit API doesn't work. Because while fetching the records, ranger uses multi get request on an alias.
It results in below error:
Alias [alias-name] has more than one indices associated with it [[index-000002, index-000001]], can't execute a single index op
MultiGetRequest multiGetRequest = new MultiGetRequest();
for (SearchHit hit : hits) {
MultiGetRequest.Item item = new MultiGetRequest.Item(index, null, hit.getId());
item.fetchSourceContext(FetchSourceContext.FETCH_SOURCE);
multiGetRequest.add(item);
}
So there can be 2 possible approaches to resolve this:
- Approach 1(Quick and fast):
Use hit.getIndex() instead of index(in this case its has alias) for a MultiGetRequest.Item object.
So that all the documents can be get by id with its index only instead of alias.
- Approach 2(Change the MultiGet to search):
POST /_search{ "query": { "ids" : { "values" : ["id1", "id2"] } } }
This would be a recommended approach.
Correct me if I am wrong. If not, Can I pick this up and fix it? I have already fixed it in my local with approach 1 as a quick fix.
