Parsing_exception occured when i ues es with elastalert

isummersing · November 24, 2017, 7:22am

here is my exceptions:
RequestError: TransportError(400, u'parsing_exception', u'Unknown key for a START_OBJECT in [filter].')
WARNING:elasticsearch:GET http://127.0.0.1:9200/logstash-*/_search?_source_include=%40timestamp%2C*&ignore_unavailable=true&scroll=30s&size=10000 [status:400 request:0.007s]
ERROR:root:Error running query: TransportError(400, u'parsing_exception', u'no [query] registered for [filtered]')

and my rules:
filter:

query:
query_string:
query: "INFO"
I am new to elasticsearch and i dont new how to write the rule and fileter,

dadoonet · November 24, 2017, 7:36am

You are probably mixing versions. I mean that this version of the project you are using is not compatible with elasticsearch 5 and >.

isummersing · November 24, 2017, 7:46am

i see,thank you for your reply.
and i wonder where can i download lower version es or any other projests can email me when my logs
occur "ERROR" or "WARN" .

dadoonet · November 24, 2017, 7:59am

I don't know.
The official plugin supported by elastic to do that is x-pack (commercial). It's always up to date with all elastic stack versions.

system · December 22, 2017, 8:00am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Issue with logstash input elasticsearch plugin with ES 5.4 Elasticsearch	6	1310	June 8, 2017
Logstash raising json_parse_exception when input events are coming from elastisearch Logstash	2	957	August 19, 2017
Mapping parser exception Elasticsearch	6	1382	June 23, 2023
Problem elastic "document_parsing_exception" type field Elasticsearch elastic-stack-alerting	15	909	May 7, 2024
ParsingException[Unknown key for a START_OBJECT in [filter].] Elasticsearch	4	6399	November 15, 2017

Parsing_exception occured when i ues es with elastalert

Related topics