Bluebird.js error when trying to create pipeline rules

afc · April 24, 2023, 6:42pm

Due to some recent network changes, the daily number of pfSense log messages increased to ~1 million. My goal was to create a pipeline to filter out specific messages before they are indexed (sourceip / destip) as a majority of this new traffic is noise going to AWS.

But when creating a pipeline rule, graylog UI shows:
Could not save processing rule “undefined”

rule tried:
rule “test”
when
then
end

Browser console shows:
bluebird.js:1590 Unhandled rejection TypeError: Cannot read properties of undefined (reading 'includes') at C (https://example.com/assets/ae0f3247-1536.e118909090ce9bf2c317.js:1:5068) at l (https://example.com/assets/app.50b56439819b6a88b253.js:2:1146326) at O._settlePromiseFromHandler (https://example.com/assets/app.50b56439819b6a88b253.js:2:1119200) at O._settlePromise (https://example.com/assets/app.50b56439819b6a88b253.js:2:1120000) at O._settlePromise0 (https://example.com/assets/app.50b56439819b6a88b253.js:2:1120699) at O._settlePromises (https://example.com/assets/app.50b56439819b6a88b253.js:2:1121940) at s (https://example.com/assets/app.50b56439819b6a88b253.js:2:1073176) at a (https://example.com/assets/app.50b56439819b6a88b253.js:2:1073115) at i._drainQueues (https://example.com/assets/app.50b56439819b6a88b253.js:2:1074241) at drainQueues (https://example.com/assets/app.50b56439819b6a88b253.js:2:1073049)From previous event: at O.L [as _captureStackTrace] (https://example.com/assets/app.50b56439819b6a88b253.js:2:1088283) at O._then (https://example.com/assets/app.50b56439819b6a88b253.js:2:1114599) at O.then (https://example.com/assets/app.50b56439819b6a88b253.js:2:1112955) at O.caught.O.catch (https://example.com/assets/app.50b56439819b6a88b253.js:2:1112607) at h (https://example.com/assets/ae0f3247-1536.e118909090ce9bf2c317.js:1:2436) at https://example.com/assets/ae0f3247-1536.e118909090ce9bf2c317.js:1:3424 at https://example.com/assets/ae0f3247-1536.e118909090ce9bf2c317.js:1:3203 at https://example.com/assets/ae0f3247-9138.6269d02caa6722c14ef2.js:1:27344

Graylog OS:
Ubuntu server 20.04
Graylog Version:
graylog-enterprise 5.0.6 (from graylog 5.0 repository)

client os:
ubuntu 22.04
client browser versions:
chrome 112.0.5615.165
firefox 112.0.1

Both Chrome and Firefox have the issue

Looking for help on this, but I don’t know where to begin.

Thank you!

Joel_Duffield · April 24, 2023, 7:58pm

Was this the actual rule

rule “test”
when
then
end

Off the top of my head i think that would give you some red Xs to warn of format error, and it generally won’t let you save while there is a format error.

afc · April 24, 2023, 8:29pm

Thanks for the reply!
No, I pasted incorrect data from clipboard apparently. However in replying to your question I found the issue. I was escaping something incorrectly.

Thanks again!

system · May 8, 2023, 8:29pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.