I had Cisco ASA logs coming in fine awhile ago (7.4.0). Then they just stopped, no parsing happens, and this error is everywhere:
[script] Too many dynamic script compilations within, max: [75/5m]; please use indexed, or scripts with parameters instead; this limit can be changed by the [script.max_compilations_rate] setting
I'm testing out an ELK cluster, all on 7.4.1 now, for beats also. Not sure what is up, I don't see anything in the debug log on the filebeat box itself.
Hi @JSkier,
can you set script.max_compilations_per_minute at elasticsearch to a value that might fit your needs (you will need to test, but sounds like some 20 should be an starting point)?
Thank you, I tried this:
PUT /_cluster/settings
{
"transient" : {
"script.max_compilations_per_minute" : 20
}
}
And get this error:
> "type": "illegal_argument_exception",
> "reason": "transient setting [script.max_compilations_per_minute], not recognized"
> },
> "status": 400
I also tried sending a persistent command. Should I be setting this on each config file of every indexer? Doesn't seem to like the cluster setting.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.