DynamiteAI/dynamite-nsm

Warning in Logstash

Speedy1971 opened this issue · 1 comments

Hi, there is a logstash warning and the data are not indexed in elaticsearch, the warning is:
[WARN ][logstash.filters.split ] Only String and Array types are splittable. field:zeek is of type = NilClass
any suggestions?

Hi @Speedy1971, likely an issue with one of the Zeek logs that we do not yet support. In all likelihood conn.log records are not getting dropped. We'll attempt to replicate and address.