Hello!
Working with this post:
https://www.elastic.co/blog/analyzing-network-packets-with-wireshark-elasticsearch-and-kibana
and it appears that with 7.0 the template JSON file isn't supported anymore... and I'm at a loss.
Every single time I try to post it, I get this error message..
{
"error": {
"root_cause": [
{
"type": "mapper_parsing_exception",
"reason": "Root mapping definition has unsupported parameters: [pcap_file : {dynamic=false, properties={layers={properties={udp={properties={udp_udp_srcport={type=integer}, udp_udp_dstport={type=integer}}}, ip={properties={ip_ip_src={type=ip}, ip_ip_dst={type=ip}}}, frame={properties={frame_frame_len={type=long}, frame_frame_protocols={type=keyword}}}}}, timestamp={type=date}}}]"
}
],
"type": "mapper_parsing_exception",
"reason": "Failed to parse mapping [_doc]: Root mapping definition has unsupported parameters: [pcap_file : {dynamic=false, properties={layers={properties={udp={properties={udp_udp_srcport={type=integer}, udp_udp_dstport={type=integer}}}, ip={properties={ip_ip_src={type=ip}, ip_ip_dst={type=ip}}}, frame={properties={frame_frame_len={type=long}, frame_frame_protocols={type=keyword}}}}}, timestamp={type=date}}}]",
"caused_by": {
"type": "mapper_parsing_exception",
"reason": "Root mapping definition has unsupported parameters: [pcap_file : {dynamic=false, properties={layers={properties={udp={properties={udp_udp_srcport={type=integer}, udp_udp_dstport={type=integer}}}, ip={properties={ip_ip_src={type=ip}, ip_ip_dst={type=ip}}}, frame={properties={frame_frame_len={type=long}, frame_frame_protocols={type=keyword}}}}}, timestamp={type=date}}}]"
}
},
"status": 400
}
and I've been working on this for a few hours.... anything I'm missing other than a whole rewrite?