Error…
While retrieving data for this widget, the following error(s) occurred:
Search type returned error: failed to parse date field [2021-02-11 16:49:14.192] with format [8yyyy-MM-dd HH:mm:ss.SSS].
4.0.1 does work but once I run 4.0.2 I have to delete the data to get 4.0.1 to work.
Any insight would be appreciated.
with a little grain of more information someone might have the ability to check - but with the given information, it looks like a local problem. Because I do not see that on my 4.0.2
Sorry. This a production system so I just put it back on 4.0.1 to keep it working. I just briefly went back to 4.0.2 to reproduce, which it did instantly. I wiped all the data first and immediate get this in the log repeatedly.
2021-02-23 14:20:19,368 WARN : org.graylog.storage.elasticsearch6.MessagesAdapterES6 - Failed to index message: index=<graylog_0> id= error=<{“type”:“mapper_parsing_exception”,“reason”:“failed to parse field [timestamp] of type [date]”,“caused_by”:{“type”:“illegal_argument_exception”,“reason”:"Invalid format: “2021-02-23 19:18:28.726"”}}>
did you see this without having any kind of inputs @tbmay is this error just given when you start Graylog?
Or did you spine up a Graylog input and ingest data to that? Maybe do some additional processing with that data?
Upgrading elasticsearch from 6.X to 7.X seems to have fixed it. Thanks.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.