Examine use of dynamic: "false"
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| OpenStack Searchlight |
New
|
Low
|
Unassigned | ||
Bug Description
I think in places we've been under a misapprehension that disabling dynamic mapping prevents fields from being visible in a document's source; this is not the case (see the bottom of https:/
If we don't want fields indexed at all, we need to strip them out of the source data before sending it to elasticsearch. There's already code to exclude fields based on admin_only_fields and this could be extended to strip data out of _source. Alternatively, if the intent behind not indexing fields was for securing admin fields that we might not predict, we can recommend that operators check that any sensitive data in their deployment is included in admin_only_fields.
We need to look at plugins where dynamic:false is specified, determine why it was done and make changes accordingly.
| Changed in searchlight: | |
| importance: | Undecided → Low |
