I had Cisco ASA logs coming in fine awhile ago (7.4.0). Then they just stopped, no parsing happens, and this error is everywhere:
[script] Too many dynamic script compilations within, max: [75/5m]; please use indexed, or scripts with parameters instead; this limit can be changed by the [script.max_compilations_rate] setting
I'm testing out an ELK cluster, all on 7.4.1 now, for beats also. Not sure what is up, I don't see anything in the debug log on the filebeat box itself.
Hi @JSkier,
can you set script.max_compilations_per_minute at elasticsearch to a value that might fit your needs (you will need to test, but sounds like some 20 should be an starting point)?
Thank you, I tried this:
PUT /_cluster/settings
{
"transient" : {
"script.max_compilations_per_minute" : 20
}
}
And get this error:
> "type": "illegal_argument_exception",
> "reason": "transient setting [script.max_compilations_per_minute], not recognized"
> },
> "status": 400
I also tried sending a persistent command. Should I be setting this on each config file of every indexer? Doesn't seem to like the cluster setting.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.