Runtime fields let you create new fields on the fly when you search your data. You don't need to change your stored data.
{
"runtime_mappings": {
"field_name": {
"type": "keyword|long|double|date|boolean|ip",
"script": {
"source": "emit(your_script_here)"
}
}
}
}The runtime_mappings section defines new fields for the search request.
The script uses painless language to calculate the field's value.
full_name field by joining first and last names.{
"runtime_mappings": {
"full_name": {
"type": "keyword",
"script": {
"source": "emit(doc['first_name'].value + ' ' + doc['last_name'].value)"
}
}
}
}is_adult that is true if age is 18 or more.{
"runtime_mappings": {
"is_adult": {
"type": "boolean",
"script": {
"source": "emit(doc['age'].value >= 18)"
}
}
}
}price_with_tax by adding 20% tax to the price.{
"runtime_mappings": {
"price_with_tax": {
"type": "double",
"script": {
"source": "emit(doc['price'].value * 1.2)"
}
}
}
}This search query returns all documents. It adds a runtime field full_name by joining first_name and last_name. The results show only full_name and age.
{
"query": {
"match_all": {}
},
"runtime_mappings": {
"full_name": {
"type": "keyword",
"script": {
"source": "emit(doc['first_name'].value + ' ' + doc['last_name'].value)"
}
}
},
"_source": ["full_name", "age"]
}Runtime fields are calculated at search time, so they can slow down queries if complex.
They do not change your stored data or index mappings permanently.
Use runtime fields to experiment or add temporary fields without reindexing.
Runtime fields create new fields dynamically during search without changing stored data.
They use painless scripts to calculate values from existing fields.
Useful for quick calculations, testing, or adding fields without reindexing.