Posted to user@metron.apache.org by updates on tube <ab...@gmail.com> on 2019/12/27 14:18:55 UTC

apache metron alert ui not loading from kibana

After ingesting the ASA log from the Apache Metron sample data available on GitHub, I can see the log in Elasticsearch (Kibana dashboard), but I can't see it in the Metron Alert UI. The error I see in Elasticsearch is as follows:
........

org.elasticsearch.transport.RemoteTransportException: [worker2.sip.com][192.168.111.119:9300][indices:data/read/search[phase/query]]
Caused by: java.lang.IllegalArgumentException: Field [timestamp] of type [long] does not support custom time zones
        at org.elasticsearch.index.mapper.NumberFieldMapper$NumberFieldType.docValueFormat(NumberFieldMapper.java:1007) ~[elasticsearch-5.6.16.jar:5.6.16]
        at org.elasticsearch.search.aggregations.support.ValuesSourceConfig.resolve(ValuesSourceConfig.java:115) ~[elasticsearch-5.6.16.jar:5.6.16]
        at org.elasticsearch.search.aggregations.support.ValuesSourceAggregationBuilder.resolveConfig(ValuesSourceAggregationBuilder.java:297) ~[elasticsearch-5.6.16.jar:5.6.16]
        at org.elasticsearch.search.aggregations.support.ValuesSourceAggregationBuilder.doBuild(ValuesSourceAggregationBuilder.java:290) ~[elasticsearch-5.6.16.jar:5.6.16]
        at org.elasticsearch.search.aggregations.support.ValuesSourceAggregationBuilder.doBuild(ValuesSourceAggregationBuilder.java:39) ~[elasticsearch-5.6.16.jar:5.6.16]
        at org.elasticsearch.search.aggregations.AbstractAggregationBuilder.build(AbstractAggregationBuilder.java:126) ~[elasticsearch-5.6.16.jar:5.6.16]
        at org.elasticsearch.search.aggregations.AggregatorFactories$Builder.build(AggregatorFactories.java:347) ~[elasticsearch-5.6.16.jar:5.6.16]
        at org.elasticsearch.search.SearchService.parseSource(SearchService.java:655) ~[elasticsearch-5.6.16.jar:5.6.16]
        at org.elasticsearch.search.SearchService.createContext(SearchService.java:485) ~[elasticsearch-5.6.16.jar:5.6.16]
        at org.elasticsearch.search.SearchService.createAndPutContext(SearchService.java:461) ~[elasticsearch-5.6.16.jar:5.6.16]
        at org.elasticsearch.search.SearchService.executeQueryPhase(SearchService.java:257) ~[elasticsearch-5.6.16.jar:5.6.16]
        at org.elasticsearch.action.search.SearchTransportService$6.messageReceived(SearchTransportService.java:343) ~[elasticsearch-5.6.16.jar:5.6.16]
        at org.elasticsearch.action.search.SearchTransportService$6.messageReceived(SearchTransportService.java:340) ~[elasticsearch-5.6.16.jar:5.6.16]
        at org.elasticsearch.transport.RequestHandlerRegistry.processMessageReceived(RequestHandlerRegistry.java:69) ~[elasticsearch-5.6.16.jar:5.6.16]
        at org.elasticsearch.transport.TcpTransport$RequestHandler.doRun(TcpTransport.java:1556) ~[elasticsearch-5.6.16.jar:5.6.16]
        at org.elasticsearch.common.util.concurrent.ThreadContext$ContextPreservingAbstractRunnable.doRun(ThreadContext.java:675) ~[elasticsearch-5.6.16.jar:5.6.16]
        at org.elasticsearch.common.util.concurrent.AbstractRunnable.run(AbstractRunnable.java:37) ~[elasticsearch-5.6.16.jar:5.6.16]
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) ~[?:1.8.0_112]
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) ~[?:1.8.0_112]
        at java.lang.Thread.run(Thread.java:745) [?:1.8.0_112]