VMWARE_SEV_CURRENT : Document contains at least one immense term in field #18
Comments
|
Delete the grok VMWARE_SEV_CURRENT extractor and create a new Regular expression called VMWARE_SEV_CURRENT |
|
Thanks |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi
Like in #17
but for VMWARE_SEV_CURRENT
Perharps it's because we have vcenter 8 ?
Complete error message
OpenSearchException[OpenSearch exception [type=illegal_argument_exception, reason=Document contains at least one immense term in field="VMWARE_SEV_CURRENT" (whose UTF8 encoding is longer than the max length 32766), all of which were skipped. Please correct the analyzer to not produce such terms. The prefix of the first immense term is: '[115, 99, 97, 112, 105, 46, 118, 109, 119, 97, 114, 101, 46, 99, 111, 109, 32, 116, 105, 109, 101, 100, 32, 111, 117, 116, 46, 32, 40, 99]...', original message: bytes can be at most 32766 in length; got 63018]]; nested: OpenSearchException[OpenSearch exception [type=max_bytes_length_exceeded_exception, reason=bytes can be at most 32766 in length; got 63018]];Extractor configuration
Extractor type: Regular expression
Source field: message
Regular expression: to (.*)]
The text was updated successfully, but these errors were encountered: