TypeError: no implicit conversion from nil to integer

Samvid_Kulkarni · December 14, 2018, 6:21pm

I am getting this error and I am not able to understand what it means. i am parsing CISCO ASA logs and I am getting this error. Below is my config file.

input {
    file {
        path => "/⁨Users⁩/samvidkulkarni⁩/Desktop⁩/input⁩/asa.txt"
        start_position => "beginning"
    }
}


filter {
    grok {
      match => ["message", "%{TIMESTAMP_ISO8601:timestamp}\|\|%{NUMBER:syslog_cat}\|\|%{NUMBER:syslog_severity}\|\|%{IP:client}\|\|%{GREEDYDATA:message}"]
    }

    grok {
      match => [
        "message", "%{CISCOFW106001}",
        "message", "%{CISCOFW106006_106007_106010}",
        "message", "%{CISCOFW106014}",
        "message", "%{CISCOFW106015}",
        "message", "%{CISCOFW106021}",
        "message", "%{CISCOFW106023}",
        "message", "%{CISCOFW106100}",
        "message", "%{CISCOFW110002}",
        "message", "%{CISCOFW302010}",
        "message", "%{CISCOFW302013_302014_302015_302016}",
        "message", "%{CISCOFW302020_302021}",
        "message", "%{CISCOFW305011}",
        "message", "%{CISCOFW313001_313004_313008}",
        "message", "%{CISCOFW313005}",
        "message", "%{CISCOFW402117}",
        "message", "%{CISCOFW402119}",
        "message", "%{CISCOFW419001}",
        "message", "%{CISCOFW419002}",
        "message", "%{CISCOFW500004}",
        "message", "%{CISCOFW602303_602304}",
        "message", "%{CISCOFW710001_710002_710003_710005_710006}",
        "message", "%{CISCOFW713172}",
        "message", "%{CISCOFW733100}"
      ]
    }
}

output {
    
        elasticsearch {
            hosts => ["localhost:9200"]
            manage_template => false
            index => "firewall-%{+YYYY.MM.dd}"
        }
}

Below is the output on the console.

[2018-12-14T10:19:09,739][INFO ][logstash.outputs.elasticsearch] New Elasticsearch output {:class=&gt;"LogStash::Outputs::ElasticSearch", :hosts=&gt;["//localhost:9200"]}

[2018-12-14T10:19:16,061][ERROR][logstash.pipeline ] Error registering plugin {:pipeline_id=&gt;"main", :plugin=&gt;"&lt;LogStash::Inputs::File start_position=&gt;\"beginning\", path=&gt;[\"/⁨Users⁩/samvidkulkarni⁩/Desktop⁩⁩/input⁩/asa.txt\"], id=&gt;\"0c79863f76c432a5cc655e9f6cee11085f24b17e364647302db720ad5936d743\", enable_metric=&gt;true, codec=&gt;&lt;LogStash::Codecs::Plain id=&gt;\"plain_a69fa7a5-5c17-4a0d-bf86-211f8db99412\", enable_metric=&gt;true, charset=&gt;\"UTF-8\"&gt;, stat_interval=&gt;1.0, discover_interval=&gt;15, sincedb_write_interval=&gt;15.0, delimiter=&gt;\"\\n\", close_older=&gt;3600.0, mode=&gt;\"tail\", file_completed_action=&gt;\"delete\", sincedb_clean_after=&gt;1209600.0, file_chunk_size=&gt;32768, file_chunk_count=&gt;140737488355327, file_sort_by=&gt;\"last_modified\", file_sort_direction=&gt;\"asc\"&gt;", :error=&gt;"no implicit conversion from nil to integer", :thread=&gt;"#&lt;Thread:0x62ce4127 run&gt;"}

[2018-12-14T10:19:16,764][ERROR][logstash.pipeline ] Pipeline aborted due to error {:pipeline_id=&gt;"main", :exception=&gt;#&lt;TypeError: no implicit conversion from nil to integer&gt;, :backtrace=&gt;["org/jruby/RubyString.java:2995:in `[]'", "uri:classloader:/META-INF/jruby.home/lib/ruby/stdlib/pathname.rb:44:in `chop_basename'", "uri:classloader:/META-INF/jruby.home/lib/ruby/stdlib/pathname.rb:240:in `relative?'", "/Users/samvidkulkarni/Downloads/logstash-6.5.3/vendor/bundle/jruby/2.3.0/gems/logstash-input-file-4.1.8/lib/logstash/inputs/file.rb:268:in `block in register'", "org/jruby/RubyArray.java:1734:in `each'", "/Users/samvidkulkarni/Downloads/logstash-6.5.3/vendor/bundle/jruby/2.3.0/gems/logstash-input-file-4.1.8/lib/logstash/inputs/file.rb:267:in `register'", "/Users/samvidkulkarni/Downloads/logstash-6.5.3/logstash-core/lib/logstash/pipeline.rb:242:in `register_plugin'", "/Users/samvidkulkarni/Downloads/logstash-6.5.3/logstash-core/lib/logstash/pipeline.rb:253:in `block in register_plugins'", "org/jruby/RubyArray.java:1734:in `each'", "/Users/samvidkulkarni/Downloads/logstash-6.5.3/logstash-core/lib/logstash/pipeline.rb:253:in `register_plugins'", "/Users/samvidkulkarni/Downloads/logstash-6.5.3/logstash-core/lib/logstash/pipeline.rb:396:in `start_inputs'", "/Users/samvidkulkarni/Downloads/logstash-6.5.3/logstash-core/lib/logstash/pipeline.rb:294:in `start_workers'", "/Users/samvidkulkarni/Downloads/logstash-6.5.3/logstash-core/lib/logstash/pipeline.rb:200:in `run'", "/Users/samvidkulkarni/Downloads/logstash-6.5.3/logstash-core/lib/logstash/pipeline.rb:160:in `block in start'"], :thread=&gt;"#&lt;Thread:0x62ce4127 run&gt;"}

[2018-12-14T10:19:16,804][ERROR][logstash.agent ] Failed to execute action {:id=&gt;:main, :action_type=&gt;LogStash::ConvergeResult::FailedAction, :message=&gt;"Could not execute action: PipelineAction::Create&lt;main&gt;, action_result: false", :backtrace=&gt;nil}

I dont understand what is this error. This same code was working in previous version of logstash is not woking for latest one. i have logstash 6.5.3. i did clean installation (not upgrade) yesterday.

system · January 11, 2019, 6:21pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.