Yelp / elastalert

Easy & Flexible Alerting With ElasticSearch
https://elastalert.readthedocs.org
Apache License 2.0

error when creating index #3247

Closed mike-santana closed 2 years ago

mike-santana commented 2 years ago

Hello all, I'm new with elastic, elastalert and git. This is my first time trying to set up elasticsearch and was thinking of incorporating elastalert into it. I followed the steps here and I hit an error when trying to create index for elastalert:

C:\Users\SVC-CRP-RPA-WebDev\Elastalert>elastalert-create-index
Elastic Version: 8.0.0
Reading Elastic 6 index mappings:
Reading index mapping 'es_mappings/6/silence.json'
Reading index mapping 'es_mappings/6/elastalert_status.json'
Reading index mapping 'es_mappings/6/elastalert.json'
Reading index mapping 'es_mappings/6/past_elastalert.json'
Reading index mapping 'es_mappings/6/elastalert_error.json'
Traceback (most recent call last):
  File "C:\Users\SVC-CRP-RPA-WebDev\AppData\Local\Programs\Python\Python310\Scripts\elastalert-create-index-script.py", line 33, in
    sys.exit(load_entry_point('elastalert==0.2.4', 'console_scripts', 'elastalert-create-index')())
  File "C:\Users\SVC-CRP-RPA-WebDev\AppData\Local\Programs\Python\Python310\lib\site-packages\elastalert-0.2.4-py3.10.egg\elastalert\create_index.py", line 264, in main
    create_index_mappings(es_client=es, ea_index=index, recreate=args.recreate, old_ea_index=old_index)
  File "C:\Users\SVC-CRP-RPA-WebDev\AppData\Local\Programs\Python\Python310\lib\site-packages\elastalert-0.2.4-py3.10.egg\elastalert\create_index.py", line 63, in create_index_mappings
    es_client.indices.put_mapping(index=ea_index, doc_type='_doc',
  File "C:\Users\SVC-CRP-RPA-WebDev\AppData\Local\Programs\Python\Python310\lib\site-packages\elasticsearch\client\utils.py", line 84, in _wrapped
    return func(*args, params=params, **kwargs)
  File "C:\Users\SVC-CRP-RPA-WebDev\AppData\Local\Programs\Python\Python310\lib\site-packages\elasticsearch\client\indices.py", line 320, in put_mapping
    return self.transport.perform_request(
  File "C:\Users\SVC-CRP-RPA-WebDev\AppData\Local\Programs\Python\Python310\lib\site-packages\elasticsearch\transport.py", line 318, in perform_request
    status, headers_response, data = connection.perform_request(method, url, params, body, headers=headers, ignore=ignore, timeout=timeout)
  File "C:\Users\SVC-CRP-RPA-WebDev\AppData\Local\Programs\Python\Python310\lib\site-packages\elasticsearch\connection\http_requests.py", line 91, in perform_request
    self._raise_error(response.status_code, raw_data)
  File "C:\Users\SVC-CRP-RPA-WebDev\AppData\Local\Programs\Python\Python310\lib\site-packages\elasticsearch\connection\base.py", line 131, in _raise_error
    raise HTTP_EXCEPTIONS.get(status_code, TransportError)(status_code, error_message, additional_info)
elasticsearch.exceptions.RequestError: RequestError(400, 'no handler found for uri [/elastalert_status/_mapping/_doc?include_type_name=true] and method [PUT]', 'no handler found for uri [/elastalert_status/_mapping/_doc?include_type_name=true] and method [PUT]')

Any idea what I may be doing wrong here? I'm using Python 3.10 & Elasticsearch 8.0.0. I did pip install "elasticsearch==7.0.0" because 8.0.0 is giving me incompatible with elastalert. Thanks in advance!

Regards, Mike

nsano-rururu commented 2 years ago

https://pypi.org/project/elastalert2/

mike-santana commented 2 years ago

Hi @nsano-rururu san,

I tried elastalert2 as well and it threw the same error message:

C:\Users\SVC-CRP-RPA-WebDev\Elastalert2>elastalert-create-index
Elastic Version: 8.0.0
Reading Elastic 6 index mappings:
Reading index mapping 'es_mappings/6/silence.json'
Reading index mapping 'es_mappings/6/elastalert_status.json'
Reading index mapping 'es_mappings/6/elastalert.json'
Reading index mapping 'es_mappings/6/past_elastalert.json'
Reading index mapping 'es_mappings/6/elastalert_error.json'
Traceback (most recent call last):
  File "C:\Users\SVC-CRP-RPA-WebDev\AppData\Local\Programs\Python\Python310\Scripts\elastalert-create-index-script.py", line 33, in
    sys.exit(load_entry_point('elastalert2==2.4.0', 'console_scripts', 'elastalert-create-index')())
  File "C:\Users\SVC-CRP-RPA-WebDev\AppData\Local\Programs\Python\Python310\lib\site-packages\elastalert-0.2.4-py3.10.egg\elastalert\create_index.py", line 264, in main
    create_index_mappings(es_client=es, ea_index=index, recreate=args.recreate, old_ea_index=old_index)
  File "C:\Users\SVC-CRP-RPA-WebDev\AppData\Local\Programs\Python\Python310\lib\site-packages\elastalert-0.2.4-py3.10.egg\elastalert\create_index.py", line 63, in create_index_mappings
    es_client.indices.put_mapping(index=ea_index, doc_type='_doc',
  File "C:\Users\SVC-CRP-RPA-WebDev\AppData\Local\Programs\Python\Python310\lib\site-packages\elasticsearch\client\utils.py", line 84, in _wrapped
    return func(*args, params=params, **kwargs)
  File "C:\Users\SVC-CRP-RPA-WebDev\AppData\Local\Programs\Python\Python310\lib\site-packages\elasticsearch\client\indices.py", line 320, in put_mapping
    return self.transport.perform_request(
  File "C:\Users\SVC-CRP-RPA-WebDev\AppData\Local\Programs\Python\Python310\lib\site-packages\elasticsearch\transport.py", line 318, in perform_request
    status, headers_response, data = connection.perform_request(method, url, params, body, headers=headers, ignore=ignore, timeout=timeout)
  File "C:\Users\SVC-CRP-RPA-WebDev\AppData\Local\Programs\Python\Python310\lib\site-packages\elasticsearch\connection\http_requests.py", line 91, in perform_request
    self._raise_error(response.status_code, raw_data)
  File "C:\Users\SVC-CRP-RPA-WebDev\AppData\Local\Programs\Python\Python310\lib\site-packages\elasticsearch\connection\base.py", line 131, in _raise_error
    raise HTTP_EXCEPTIONS.get(status_code, TransportError)(status_code, error_message, additional_info)
elasticsearch.exceptions.RequestError: RequestError(400, 'no handler found for uri [/elastalert_status/_mapping/_doc?include_type_name=true] and method [PUT]', 'no handler found for uri [/elastalert_status/_mapping/_doc?include_type_name=true] and method [PUT]')

Thank you,

Regards, Michael

nsano-rururu commented 2 years ago

You haven't uninstalled elastalert 0.2.4.

nsano-rururu commented 2 years ago

pip uninstall elastalert
pip uninstall elasticsearch
pip install elastalert2

nsano-rururu commented 2 years ago

https://elastalert2.readthedocs.io/en/latest/recipes/faq.html#does-elastalert-2-support-elasticsearch-8

nsano-rururu commented 2 years ago

If you use elastalert2 please ask in the discussion below https://github.com/jertel/elastalert2/discussions

mike-santana commented 2 years ago

Thank you @nsano-rururu san, I will try those steps and if I encounter any issue with elastalert2 I will ask there.
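
The diagnosis in this thread can be read directly from the second traceback: the console script resolves `elastalert2==2.4.0`, yet the frames execute from the `elastalert-0.2.4` egg. As an added example (not part of the original thread and not code from either project), the Python check below extracts both facts from a traceback; the function names and the shortened sample paths are constructed for illustration.

```python
import re

# Constructed sample: three frames from the second traceback in this thread,
# with the user-profile prefix shortened to C:\Py310 for readability.
SECOND_REPORT = r'''
  File "C:\Py310\Scripts\elastalert-create-index-script.py", line 33, in
    sys.exit(load_entry_point('elastalert2==2.4.0', 'console_scripts', 'elastalert-create-index')())
  File "C:\Py310\lib\site-packages\elastalert-0.2.4-py3.10.egg\elastalert\create_index.py", line 264, in main
  File "C:\Py310\lib\site-packages\elasticsearch\client\indices.py", line 320, in put_mapping
'''

# Distribution the console script asked for: load_entry_point('name==version', ...)
ENTRY_RE = re.compile(r"load_entry_point\('([A-Za-z0-9_.-]+)==([^']+)'")
# Egg directory a frame was loaded from: site-packages\<name>-<version>-pyX.Y.egg\
EGG_RE = re.compile(
    r"site-packages[\\/]([A-Za-z0-9_.]+)-(\d[^\\/-]*)-py[\d.]+\.egg[\\/]"
)


def normalize(name):
    """Normalize a distribution name the way pip compares names."""
    return re.sub(r"[-_.]+", "-", name).lower()


def find_mismatch(traceback_text):
    """Compare the entry-point distribution with the eggs the frames ran from.

    Returns None when the text has no load_entry_point() frame. Otherwise
    returns a dict whose 'stale' list holds every (name, version) egg that is
    not the distribution the entry point named. Eggs of unrelated dependencies
    would be listed too; the one that matters is the egg holding the script's
    own module (here elastalert\\create_index.py).
    """
    entry = ENTRY_RE.search(traceback_text)
    if entry is None:
        return None
    wanted = (normalize(entry.group(1)), entry.group(2))
    eggs = {(normalize(n), v) for n, v in EGG_RE.findall(traceback_text)}
    return {
        "entry_point": wanted,
        "loaded_from": sorted(eggs),
        "stale": sorted(e for e in eggs if e != wanted),
    }


if __name__ == "__main__":
    print(find_mismatch(SECOND_REPORT))
```

A non-empty `stale` list means an older install is shadowing the package that was just installed, which is the situation the `pip uninstall elastalert` step above resolves.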