Parsing_exception occured when i ues es with elastalert

isummersing · November 24, 2017, 7:22am

here is my exceptions:
RequestError: TransportError(400, u'parsing_exception', u'Unknown key for a START_OBJECT in [filter].')
WARNING:elasticsearch:GET http://127.0.0.1:9200/logstash-*/_search?_source_include=%40timestamp%2C*&ignore_unavailable=true&scroll=30s&size=10000 [status:400 request:0.007s]
ERROR:root:Error running query: TransportError(400, u'parsing_exception', u'no [query] registered for [filtered]')

and my rules:
filter:

query:
query_string:
query: "INFO"
I am new to elasticsearch and i dont new how to write the rule and fileter,

dadoonet · November 24, 2017, 7:36am

You are probably mixing versions. I mean that this version of the project you are using is not compatible with elasticsearch 5 and >.

isummersing · November 24, 2017, 7:46am

i see,thank you for your reply.
and i wonder where can i download lower version es or any other projests can email me when my logs
occur "ERROR" or "WARN" .

dadoonet · November 24, 2017, 7:59am

I don't know.
The official plugin supported by elastic to do that is x-pack (commercial). It's always up to date with all elastic stack versions.

Topic		Replies	Views
ElasticSearch filter plugin "Failed to parse query" Was Expecting TO Logstash	2	623	October 24, 2020
Compatibility problem Elasticsearch	2	424	February 2, 2017
Elasticsearch filter no longer working in 2.3.1 Logstash	6	2150	July 6, 2017
Filtered Query not working with Elasticsearch 1.3.0 Elasticsearch	2	544	July 6, 2017
Elasticsearch : query does not support [filter]]; Elasticsearch	4	11159	July 5, 2017

Parsing_exception occured when i ues es with elastalert

Related topics