Kibana 7.6.1 : Sentinl not able to create watcher_alaram_00001 index due to parsing exception #789
Comments
|
I got the same error message on CentOS 7.8 Relevant kibana stdout log entries are below: {"type":"log","@timestamp":"2020-12-29T03:50:00Z","tags":["error","Sentinl","init"],"pid":16074,"message":"start: Error: init indices: Error: create index: [mapper_parsing_exception] Root mapping definition has unsupported parameters: [sentinl-alarm : {properties={watcher={type=text}, @timestamp={type=date}, attachment={type=binary}, payload={dynamic=true, type=object}, level={type=text}, report={type=boolean}, action={type=text}, error={type=boolean}, message={type=text}}}] :: {"path":"/_template/sentinl_watcher_alarms","query":{},"body":"{\"index_patterns\":\"watcher_alarms*\",\"mappings\":{\"sentinl-alarm\":{\"properties\":{\"payload\":{\"type\":\"object\",\"dynamic\":\"true\"},\"attachment\":{\"type\":\"binary\"},\"error\":{\"type\":\"boolean\"},\"report\":{\"type\":\"boolean\"},\"watcher\":{\"type\":\"text\"},\"action\":{\"type\":\"text\"},\"level\":{\"type\":\"text\"},\"message\":{\"type\":\"text\"},\"@timestamp\":{\"type\":\"date\"}}}},\"settings\":{\"index\":{\"lifecycle\":{\"name\":\"watcher-alarms\",\"rollover_alias\":\"watcher_alarms\"}}}}","statusCode":400,"response":"{\"error\":{\"root_cause\":[{\"type\":\"mapper_parsing_exception\",\"reason\":\"Root mapping definition has unsupported parameters: [sentinl-alarm : {properties={watcher={type=text}, @timestamp={type=date}, attachment={type=binary}, payload={dynamic=true, type=object}, level={type=text}, report={type=boolean}, action={type=text}, error={type=boolean}, message={type=text}}}]\"}],\"type\":\"mapper_parsing_exception\",\"reason\":\"Failed to parse mapping [_doc]: Root mapping definition has unsupported parameters: [sentinl-alarm : {properties={watcher={type=text}, @timestamp={type=date}, attachment={type=binary}, payload={dynamic=true, type=object}, level={type=text}, report={type=boolean}, action={type=text}, error={type=boolean}, message={type=text}}}]\",\"caused_by\":{\"type\":\"mapper_parsing_exception\",\"reason\":\"Root mapping definition has unsupported parameters: [sentinl-alarm : {properties={watcher={type=text}, @timestamp={type=date}, attachment={type=binary}, payload={dynamic=true, type=object}, level={type=text}, report={type=boolean}, action={type=text}, error={type=boolean}, message={type=text}}}]\"}},\"status\":400}"}"} Thank you very much for your support |
|
Same issue, while. using Kibana, elasticsearch and sentinl are version 7.6.1. @ashnayder Is there any workaround available. |
System Details
Versions
Original Install Method
Bug Details Not able to create watcher_alaram_00001 index due to parsing excepting
Bug Description Getting below error while starting up the kibana
log [10:49:15.099] [error][Sentinl][init] start: Error: init indices: Error: create index: [mapper_parsing_exception] Root mapping definition has unsupported parameters: [sentinl-alarm : {properties={watcher={type=text}, @timestamp={type=date}, attachment={type=binary}, payload={dynamic=true, type=object}, level={type=text}, report={type=boolean}, action={type=text}, error={type=boolean}, message={type=text}}}] :: {"path":"/_template/sentinl_watcher_alarms","query":{},"body":"{"index_patterns":"watcher_alarms*","mappings":{"sentinl-alarm":{"properties":{"payload":{"type":"object","dynamic":"true"},"attachment":{"type":"binary"},"error":{"type":"boolean"},"report":{"type":"boolean"},"watcher":{"type":"text"},"action":{"type":"text"},"level":{"type":"text"},"message":{"type":"text"},"@timestamp":{"type":"date"}}}},"settings":{"index":{"lifecycle":{"name":"watcher-alarms","rollover_alias":"watcher_alarms"}}}}","statusCode":400,"response":"{"error":{"root_cause":[{"type":"mapper_parsing_exception","reason":"Root mapping definition has unsupported parameters: [sentinl-alarm : {properties={watcher={type=text}, @timestamp={type=date}, attachment={type=binary}, payload={dynamic=true, type=object}, level={type=text}, report={type=boolean}, action={type=text}, error={type=boolean}, message={type=text}}}]"}],"type":"mapper_parsing_exception","reason":"Failed to parse mapping [_doc]: Root mapping definition has unsupported parameters: [sentinl-alarm : {properties={watcher={type=text}, @timestamp={type=date}, attachment={type=binary}, payload={dynamic=true, type=object}, level={type=text}, report={type=boolean}, action={type=text}, error={type=boolean}, message={type=text}}}]","caused_by":{"type":"mapper_parsing_exception","reason":"Root mapping definition has unsupported parameters: [sentinl-alarm : {properties={watcher={type=text}, @timestamp={type=date}, attachment={type=binary}, payload={dynamic=true, type=object}, level={type=text}, report={type=boolean}, action={type=text}, error={type=boolean}, message={type=text}}}]"}},"status":400}"}
Steps to Reproduce
Expected Behavior
Sample of data you have in Elasticsearch
Full Watcher JSON
Screenshots (if relevant)
Errors in Browser Console (if relevant)
Kibana logs and/or server output (attached if relevant)
Any additional information
Below is the sentinl configuration which am using in kibana.yaml
sentinl:
es:
host: localhost
port: 9200
rollover_index: true
timefield: '@timestamp'
alarm_index: watcher_alarms
alarm_type: sentinl-alarm
script_type: sentinl-script
settings:
authentication:
enabled: true
impersonate: true
username: 'elastic'
password: 'xxxxx'
Could some one help me how can i resolve this issue
The text was updated successfully, but these errors were encountered: