This repository has been archived by the owner on Oct 19, 2020. It is now read-only.
ESS queries not working - error #13
Comments
|
Update: Started using the splunk time-picker and made some progress. Now, I get the following: |
|
Hi @bossi6of9, this last error indicates a problem with your elasticsearch search. Does the same search with the same time range in kibana produce different results? Which version of elasticsearch are you searching against? |
|
Sorry for not getting back earlier - this is all set. Issue on my side. |
|
@bossi6of9 what was the issue?! |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Hi,
I'm trying to query an elastic search instance, but I never get any results and the logs are showing an error. Am I doing something wrong?
Query:
|ess eaddr="http://1.2.3.4:9200" tsfield="@timestamp" index=netflow-2018.05.01 earliest="now-2h" query="host:1.2.3.4" fields=host
Error:
5-02-2018 12:40:47.197 ERROR ScriptRunner - stderr from '/opt/splunk/bin/python /opt/splunk/etc/apps/elasticsplunk-master/bin/elasticsplunk.py EXECUTE eaddr="http://1.2.3.4:9200" tsfield="@timestamp" index=netflow-2018.05.01 earliest="now-2h" query="host:1.2.3.4" fields=host': 2018-05-02 12:40:47,197, Level=DEBUG, Pid=3948, Logger=splunklib, File=search_command.py, Line=624, ElasticSplunk.process finished under protocol_version=1
05-02-2018 12:40:47.238 INFO script - Invoked script ess with 399 input bytes (0 events). Returned 0 output bytes in 403 ms.
The text was updated successfully, but these errors were encountered: