Index Failures / Windows Logs

yoder731 · December 13, 2019, 3:46pm

I am currently running into issues with Indexing windows logs. I am receiving the following error:

{“type”:“mapper_parsing_exception”,“reason”:“failed to parse field [level] of type [long] in document with id ‘073f1d77-1dbe-11ea-ad42-005056903b31’”,“caused_by”:{“type”:“illegal_argument_exception”,“reason”:“For input string: “Information””}}

I know I need to create a custom index and change the data type. My question is how. This is my first foray into Graylog. Any assistance would be appreciated.

yoder731 · December 13, 2019, 4:37pm

I had the “do not beats type as prefix” option checked on my Beats input.

Once I unchecked this, the indexing failures stopped. I will just change the way my dashboards looks for the event_id.

system · December 27, 2019, 4:37pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Indexer failures - Winlogbeat Graylog Central (peer support) sidecar , winlogbeat	5	881	June 23, 2020
Graylog Indexer Failures Graylog Central (peer support) windows , winlogbeat	5	94	July 11, 2024
Solve index faliure Graylog Central (peer support)	1	496	June 3, 2020
Failed to index messages coming from Windows hosts Graylog Central (peer support) sidecar , winlogbeat	3	1731	November 11, 2019
Index Error - mapper_parse_Exception Graylog Central (peer support)	1	826	January 19, 2018

Index Failures / Windows Logs

Related topics