Hi Jochen, I am sorry, but I am not sure what to do with the index mapping.. I am not really familer with the elasticsearch nor graylog. Can you guide me with this please?
Thanks On Thursday, September 8, 2016 at 1:19:37 PM UTC+3, Jochen Schalanda wrote: > > Hi Aviv, > > you have to create a custom index mapping and template for the schema of > your data: > http://docs.graylog.org/en/2.1/pages/configuration/elasticsearch.html#custom-index-mappings > > Afterwards, you have to cycle indices (System -> Indices -> Maintenance). > > Cheers, > Jochen > > On Thursday, 8 September 2016 11:45:22 UTC+2, [email protected] > wrote: >> >> Hi, >> >> >> >> I've upgraded my GrayLog to the latest version (2.1). After doing so, my >> Palo Alto Content Pack & Active Directory Content Pack stopped working. >> >> All indexes fails with the following error (150k errors): >> >> MapperParsingException[failed to parse [EventDate]]; nested: >> IllegalArgumentException[Invalid format: "2016/09/08" is malformed at >> "/09/08"]; >> >> >> >> I am not really familar with this, can anyone address me where is the >> issue and how to fix it? >> >> >> >> Thanks, >> >> Aviv Malka >> >> >> > -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/0981ca17-3abc-44e2-b075-58403c57c4c3%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
