for some time now I have been trying to incorporate the Elastic Java 8.10 client into my code, I have a big ELK stack with a lot of data. I am trying to fetch continuously data from it, but I am encountering some inconsistent behavior.
My code is following the Elastic tutorial on their website and I have a simple function to get the data:
/**
* Method for querying a search in ELK using search_after.
* @param search_size
* @param index
* @param sort_options
* @param field
* @param value
* @return SearchResponse
* @throws IOException on failed search
*/
public final SearchResponse<JsonData> querySearch(final int search_size,
final String index, final List<SortOptions> sort_options,
final List<FieldValue> search_after, final String field,
final String value) throws IOException {
SearchResponse<JsonData> result = this.el_client.search(s -> s
.index(index)
.size(search_size)
.sort(sort_options)
.query(q -> q
.term(t -> t
.field(field)
.value(v -> v.stringValue(value))
)),
JsonData.class);
return result;
}
The strange thing is that it works fine for some time, but then I always receive the following error:
Error deserializing co.elastic.clients.elasticsearch.core.search.Hit: jakarta.json.stream.JsonParsingException: Illegal unquoted character ((CTRL-CHAR, code 10)): has to be escaped using backslash to be included in name
it is inconsistent as it happens at random entries retrieved from Elasticsearch, I looked the previous entries that were retrieved and it is never the same time window (i am using the @timestamp field to cross-reference which entries might provoke the error)
Here is a GitHubgist with the stack trace: gist:a28bd2e4b4732ed25837b4fdddf2468d · GitHub
At this point I have the feeling that the error is not from my code, but how the Elastic API sends the data and then the transformation from the raw JSON to JsonData. I tried using Object instead, but the same thing happens.
Is there a way to sanitize the JSON at the moment of fetching it or any way to correct this strange behavior?