Defender_atp module error message

phager · June 8, 2023, 3:01pm

I have Filebeat configured with defender atp module and am seeing very few valid records coming into Elasticsearch. Most records contain the following

cannot access method/field [length] from a null def reference

Can anyone provide insight as to why I am seeing this?

Filebeat 7.17.0
Elasticsearch 8.8.0

phager · June 8, 2023, 3:43pm

Could this possibly due to strict json parsing being set to true by default?

strict_json_parsing

system · July 6, 2023, 5:44pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Defender_atp module error message Beats filebeat	1	287	December 28, 2022
Filebeat 7.17, error "cannot access method/field [size] from a null def reference" while trying to download IOCs from MISP Beats filebeat	0	175	May 10, 2024
Error retrieving logs when using Defender ATP (under Microsoft Module) Beats beats-module , filebeat	1	335	June 15, 2021
Filebeat 7.9.1 parsing http_json data Beats filebeat	10	1437	October 30, 2020
Object type vs Data type in Filebeat Beats filebeat	2	341	August 17, 2021

Defender_atp module error message

Related topics