Open
Description
If you search for an index using a wildcard pattern, and the pattern does not match any indices, you will receive a successful response with no results from the _search API, but an error from the _query API:
> GET /missing*/_search
{
"took": 0,
"timed_out": false,
"_shards": {
"total": 0,
"successful": 0,
"skipped": 0,
"failed": 0
},
"hits": {
"total": {
"value": 0,
"relation": "eq"
},
"max_score": 0.0,
"hits": []
}
}
> POST /_query
> {"query": "FROM missing*"}
{
"error": {
"root_cause": [
{
"type": "verification_exception",
"reason": "Found 1 problem\nline 1:1: Unknown index [missing*]"
}
],
"type": "verification_exception",
"reason": "Found 1 problem\nline 1:1: Unknown index [missing*]"
},
"status": 400
}
This can also be seen when searching a data stream's failure store if the failure store does not exist yet (e.g. there have been no failures logged yet).
> GET /my_ds-1::failures/_search
{
"took": 0,
"timed_out": false,
"_shards": {
"total": 0,
"successful": 0,
"skipped": 0,
"failed": 0
},
"hits": {
"total": {
"value": 0,
"relation": "eq"
},
"max_score": 0.0,
"hits": []
}
}
> POST /_query
> {"query": "FROM my_ds-1::failures"}
{
"error": {
"root_cause": [
{
"type": "verification_exception",
"reason": "Found 1 problem\nline 1:1: Unknown index [my_ds-1::failures]"
}
],
"type": "verification_exception",
"reason": "Found 1 problem\nline 1:1: Unknown index [my_ds-1::failures]"
},
"status": 400
}
Executing the query operation with error tracing enabled on the latest mainline version reveals the following stack traces:
org.elasticsearch.xpack.esql.VerificationException: Found 1 problem
line 1:1: Unknown index [missing*]
at org.elasticsearch.xpack.esql.analysis.Analyzer.verify(Analyzer.java:196)
at org.elasticsearch.xpack.esql.analysis.Analyzer.analyze(Analyzer.java:190)
at org.elasticsearch.xpack.esql.session.EsqlSession.lambda$analyzedPlan$12(EsqlSession.java:342)
at org.elasticsearch.xpack.esql.session.EsqlSession.analyzeAndMaybeRetry(EsqlSession.java:555)
at org.elasticsearch.xpack.esql.session.EsqlSession.lambda$analyzedPlan$21(EsqlSession.java:387)
at [email protected]/org.elasticsearch.action.ActionListenerImplementations$ResponseWrappingActionListener.onResponse(ActionListenerImplementations.java:261)
at [email protected]/org.elasticsearch.action.support.SubscribableListener$SuccessResult.complete(SubscribableListener.java:394)
at [email protected]/org.elasticsearch.action.support.SubscribableListener.tryComplete(SubscribableListener.java:314)
at [email protected]/org.elasticsearch.action.support.SubscribableListener.setResult(SubscribableListener.java:343)
at [email protected]/org.elasticsearch.action.support.SubscribableListener.onResponse(SubscribableListener.java:250)
at org.elasticsearch.xpack.esql.session.EsqlSession.lambda$analyzedPlan$20(EsqlSession.java:384)
at [email protected]/org.elasticsearch.action.ActionListenerImplementations$ResponseWrappingActionListener.onResponse(ActionListenerImplementations.java:261)
at [email protected]/org.elasticsearch.action.support.SubscribableListener$SuccessResult.complete(SubscribableListener.java:394)
at [email protected]/org.elasticsearch.action.support.SubscribableListener.tryComplete(SubscribableListener.java:314)
at [email protected]/org.elasticsearch.action.support.SubscribableListener.setResult(SubscribableListener.java:343)
at [email protected]/org.elasticsearch.action.support.SubscribableListener.onResponse(SubscribableListener.java:250)
at org.elasticsearch.xpack.esql.session.EsqlSession.lambda$preAnalyzeIndices$27(EsqlSession.java:489)
at [email protected]/org.elasticsearch.action.ActionListenerImplementations$DelegatingFailureActionListener.onResponse(ActionListenerImplementations.java:233)
at org.elasticsearch.xpack.esql.session.IndexResolver.lambda$resolveAsMergedMapping$0(IndexResolver.java:91)
at [email protected]/org.elasticsearch.action.ActionListenerImplementations$ResponseWrappingActionListener.onResponse(ActionListenerImplementations.java:261)
at [email protected]/org.elasticsearch.action.ActionListener$3.onResponse(ActionListener.java:413)
at [email protected]/org.elasticsearch.tasks.TaskManager$1.onResponse(TaskManager.java:203)
at [email protected]/org.elasticsearch.tasks.TaskManager$1.onResponse(TaskManager.java:197)
at [email protected]/org.elasticsearch.action.ActionListenerImplementations$RunBeforeActionListener.onResponse(ActionListenerImplementations.java:350)
at [email protected]/org.elasticsearch.action.ActionListener$3.onResponse(ActionListener.java:413)
at [email protected]/org.elasticsearch.action.support.ContextPreservingActionListener.onResponse(ContextPreservingActionListener.java:33)
at [email protected]/org.elasticsearch.action.ActionListenerImplementations$MappedActionListener.onResponse(ActionListenerImplementations.java:111)
at [email protected]/org.elasticsearch.action.fieldcaps.TransportFieldCapabilitiesAction.doExecuteForked(TransportFieldCapabilitiesAction.java:165)
at [email protected]/org.elasticsearch.action.fieldcaps.TransportFieldCapabilitiesAction.lambda$executeRequest$1(TransportFieldCapabilitiesAction.java:136)
at [email protected]/org.elasticsearch.action.ActionRunnable$4.doRun(ActionRunnable.java:101)
at [email protected]/org.elasticsearch.common.util.concurrent.AbstractRunnable.run(AbstractRunnable.java:27)
at [email protected]/org.elasticsearch.common.util.concurrent.TimedRunnable.doRun(TimedRunnable.java:34)
at [email protected]/org.elasticsearch.common.util.concurrent.ThreadContext$ContextPreservingAbstractRunnable.doRun(ThreadContext.java:1044)
at [email protected]/org.elasticsearch.common.util.concurrent.AbstractRunnable.run(AbstractRunnable.java:27)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1144)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:642)
at java.base/java.lang.Thread.run(Thread.java:1583)