Panw module (Palo Alto) ingest reports Object Object.getClass() error because receiver is null

srpine · August 12, 2020, 3:21pm

I am seeing errors for some of the TRAFFIC entries in the log.
Pipeline complains about:
Object Object.getClass() because receiver is null

After breaking down the csv I found the following fields 12,13,19 were null in cases where the pipeline failed.

These are mapped while parsing TRAFFIC to:
client.user.name: 12
source.user.name: 12
server.user.name: 13
destination.user.name: 13
panw.panos.destination.interface: 19
observer.ingress.interface.name: 19

Is this a know issue?
is there a solution for this?

Thanks in advance for your help.

shaunak · August 12, 2020, 6:36pm

(Moving post to SIEM category as that team at Elastic maintains this module)

system · September 9, 2020, 8:36pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Array of objects in pipeline Elasticsearch	2	598	June 24, 2020
Pipeline containsKey check fails when top-level object does not exist Elasticsearch ingest-pipeline	2	797	August 17, 2022
Mapper_parsing_exception when trying to append object to array Elasticsearch ingest-pipeline	6	806	August 18, 2021
Trouble Ingesting JSON Logstash	4	327	August 10, 2019
Error while executing painless script : Cannot invoke \"Object.getClass()\" because \"receiver\" is null". Same script is working fine in Dev tools Elasticsearch elastic-stack-alerting , painless	3	2956	March 15, 2022

Panw module (Palo Alto) ingest reports Object Object.getClass() error because receiver is null

Related topics