TechQA.

Elasticserach sql query with passing parameters so we prevent sql Injection

731 views Asked by At

I am using elastic search 7.6.2 version. Passing parameters to a query not working in kibana. When I am trying to add params query not working in kibana dev tool if we try with params query will work fine.

       POST /_sql?format=txt
                   {
                     "query": "SELECT count(*) as aa  from student where  st_category = ?",
                     "params": [
                       39
                     ]
                   }
       ```  
                     {
                     "error" : {
                       "root_cause" : [
                         {
                           "type" : "x_content_parse_exception",
                           "reason" : "[5:3] [params] Expected START_OBJECT but was: END_ARRAY"
                         }
                       ],
                       "type" : "x_content_parse_exception",
                       "reason" : "[5:3] [sql/query] failed to parse field [params]",
                       "caused_by" : {
                         "type" : "x_content_parse_exception",
                         "reason" : "[5:3] [params] Expected START_OBJECT but was: END_ARRAY"
                       }
                     },
                     "status" : 400
                   }
elasticsearch kibana elasticsearch-x-pack elasticsearch-sql
Original Q&A
1

There are 1 answers

1
Jaycreation On

Reproduced on a 7.6.0 cluster but not on my 7.9+ This functionality first appear on the 7.7. So, unfortunately you will have to upgrade your cluster if you want to use it.

Related Questions in ELASTICSEARCH

Related Questions in KIBANA

Related Questions in ELASTICSEARCH-X-PACK

Related Questions in ELASTICSEARCH-SQL

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions