No cached mapping for this field. Refresh field list
18 views
Skip to first unread message
Ricardo Barros
Jan 21, 2026, 1:22:21 PM (20 hours ago) Jan 21
to Wazuh | Mailing List
Hi,
I have some logs with fields showing the message:
“No cached mapping for this field. Refresh field list from the Dashboards management > index patterns page”
I already refreshed the field list, but the issue was not resolved.
I need to use these fields as filters in Discover, but with this warning I’m not able to.
Is there a way to fix this issue and make these fields usable as filters?
Thanks.
Message has been deleted
Md. Nazmur Sakib
Jan 21, 2026, 11:54:21 PM (10 hours ago) Jan 21
to Wazuh | Mailing List
Hi Ricardo,
I can see that you have mentioned that you have refreshed the index pattern. Just to be sure can you recheck if you have done it in a similar way.
Go to Dashboard management > Dashboards Management > Index patterns
And select wazuh-alerts-* template.
And click on the refresh icon. Similar to the screenshot. 
If you have multiple wazuh-alerts index templates, please refresh the other one as well.
Now go to your alerts on Discover and check if these fields are searchable or not.
Looking forward to your update.
Ricardo Barros
7:40 AM (2 hours ago) 7:40 AM
to Wazuh | Mailing List
I have already completed this activity, but I was not successful.
Reply all
Reply to author
Forward
0 new messages