robcowart/synesis_lite_suricata

Unable to Index Events

matmuts opened this issue · 0 comments

Dear Team,
I am new to open source. I have followed the guide to install Suricata and used Rob's synesis_lite. All seems to be well, but when I import the Kibana dashboard I am unable to see any data, and I get errors saying "Could not index event to Elasticsearch. {:status=>400, ......" like:
"error"=>{"type"=>"mapper_parsing_exception", "reason"=>"failed to parse field [http.content_range] of type [keyword] in document with id 'zwhjAngBHO889NJY5rF1'
"error"=>{"type"=>"mapper_parsing_exception", "reason"=>"failed to parse field [dns.flags] of type [long] in document with id 'XAhjAngBHO889NJY77dZ'.

I hope that is enough information to point you in the right direction. I appreciate any guidance on resolving this.

Server: VM
OS: Ubuntu 20.4
ELK: 7.11.1
Suricata: 6.0.1
Thanks
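The two errors above are Elasticsearch mapper_parsing_exceptions: an event carries a value whose shape does not match the field type in the index mapping (an object in a `keyword` field, a non-numeric string in a `long` field), and Logstash drops that event with a 400. As an added example that is not part of the issue or of synesis_lite, the script below checks EVE JSON lines against a small hand-written mirror of the mapping and reports which field would be rejected before anything is sent to Elasticsearch; the mapping table and the sample events are constructed for illustration, not copied from the project's template or from Suricata output.

```python
import json

# Constructed mirror of the relevant index-template types (replace with the real template).
MAPPING = {"http.content_range": "keyword", "dns.flags": "long", "dns.id": "long"}

def flatten(obj, prefix=""):
    """Flatten nested JSON into dotted keys; nested objects are kept as values too."""
    out = {}
    for k, v in obj.items():
        key = f"{prefix}.{k}" if prefix else k
        out[key] = v
        if isinstance(v, dict):
            out.update(flatten(v, key))
    return out

def _fits(value, es_type):
    """Simplified model of what Elasticsearch accepts for keyword and long fields."""
    if isinstance(value, list):                       # arrays are fine if every element fits
        return all(_fits(v, es_type) for v in value)
    if es_type == "keyword":
        return not isinstance(value, dict)            # objects cannot be stored in a keyword field
    if es_type == "long":
        if isinstance(value, (bool, dict)):
            return False
        if isinstance(value, (int, float)):
            return True
        # a string is coerced only if it is a decimal integer; hex-looking text is rejected
        return isinstance(value, str) and value.strip().lstrip("-").isdigit()
    return True                                       # types this checker does not model

def check_event(event, mapping=MAPPING):
    """Return [(field, es_type, value)] for every mapped field the event would fail on."""
    flat = flatten(event)
    return [(f, t, flat[f]) for f, t in mapping.items() if f in flat and not _fits(flat[f], t)]

def scan(lines, mapping=MAPPING):
    """Map 1-based line number -> problems for each EVE line that would be rejected."""
    rejected = {}
    for n, line in enumerate(lines, 1):
        problems = check_event(json.loads(line), mapping)
        if problems:
            rejected[n] = problems
    return rejected

SAMPLE_EVE = [  # constructed events, not real Suricata output
    '{"event_type":"http","http":{"content_range":{"raw":"bytes 0-99/200","start":0,"end":99}}}',
    '{"event_type":"dns","dns":{"type":"answer","id":1,"flags":"85a0"}}',
    '{"event_type":"dns","dns":{"type":"query","id":2,"flags":"0100"}}',
    '{"event_type":"http","http":{"content_range":"bytes 0-99/200"}}',
]
```

The third sample line is accepted because its flags string happens to be all digits, which is why a run of events can partly index while others fail with the same mapping.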