vendredi 17 juin 2016

Elasticsearch MapperParsingException with Android-Hooker

I'm playing around with Android-Hooker and when I've run elasticsearch and kibana already.

It came to the step

$ python hooker_xp.py -c signalAnalysis.conf                                                                                                       0:52:44
[MainProcess/Reporter.py:110/DEBUG] 134: Initialize the Elasticsearch reporter
[MainProcess/Es.py:397/DEBUG] 134: Initializes connection with the elasticsearch database.
[MainProcess/Es.py:407/DEBUG] 137: Cluster seems to be reachable.
[MainProcess/Es.py:411/WARNING] 140: Hooker index 'hooker_test' in elasticsearch doesn't seem to exist.
[MainProcess/Es.py:431/INFO] 142: Creating the index 'hooker_test' in the ES cluster
[MainProcess/hooker_xp.py:70/ERROR] 164: Traceback (most recent call last):
  File "hooker_xp.py", line 67, in <module>
    main()
  File "hooker_xp.py", line 54, in main
    analysis = AutomaticAnalysis(commandLineParser)
  File "/Users/Syn3iotiC/Downloads/hooker-master/hooker_xp/hooker_xp/AutomaticAnalysis.py", line 186, in __init__
    super(AutomaticAnalysis, self).__init__(MainConfiguration.build(commandLineParser), ReportingConfiguration.build(commandLineParser))
  File "/Users/Syn3iotiC/Downloads/hooker-master/hooker_xp/hooker_xp/analysis/Analysis.py", line 53, in __init__
    self.reporter = Reporter(self.reportingConfiguration)
  File "/Users/Syn3iotiC/Downloads/hooker-master/hooker_xp/hooker_xp/report/Reporter.py", line 50, in __init__
    self.__initializeReporters()
  File "/Users/Syn3iotiC/Downloads/hooker-master/hooker_xp/hooker_xp/report/Reporter.py", line 111, in __initializeReporters
    self.es = Es([{"host":self.reportingConfiguration.elasticsearchIp, 'port':self.reportingConfiguration.elasticsearchPort}])
  File "build/bdist.macosx-10.11-x86_64/egg/hooker_common/elasticsearch/Es.py", line 58, in __init__
    self.__initializeConnection()
  File "build/bdist.macosx-10.11-x86_64/egg/hooker_common/elasticsearch/Es.py", line 412, in __initializeConnection
    self.__createHookerIndex()
  File "build/bdist.macosx-10.11-x86_64/egg/hooker_common/elasticsearch/Es.py", line 432, in __createHookerIndex
    self.esInstance.indices.create(index=Es.ES_INDEX_NAME_HOOKER, body=Es.__getBodyIndex())
  File "build/bdist.macosx-10.11-x86_64/egg/elasticsearch/client/utils.py", line 69, in _wrapped
    return func(*args, params=params, **kwargs)
  File "build/bdist.macosx-10.11-x86_64/egg/elasticsearch/client/indices.py", line 103, in create
    params=params, body=body)
  File "build/bdist.macosx-10.11-x86_64/egg/elasticsearch/transport.py", line 307, in perform_request
    status, headers, data = connection.perform_request(method, url, params, body, ignore=ignore, timeout=timeout)
  File "build/bdist.macosx-10.11-x86_64/egg/elasticsearch/connection/http_urllib3.py", line 93, in perform_request
    self._raise_error(response.status, raw_data)
  File "build/bdist.macosx-10.11-x86_64/egg/elasticsearch/connection/base.py", line 105, in _raise_error
    raise HTTP_EXCEPTIONS.get(status_code, TransportError)(status_code, error_message, additional_info)
RequestError: TransportError(400, u'mapper_parsing_exception')

In elasticsearch terminal.

[2016-06-18 00:52:49,174][DEBUG][action.admin.indices.create] [Doc Samson] [hooker_test] failed to create
MapperParsingException[Failed to parse mapping [python]: Mapping definition for [_timestamp] has unsupported parameters:  [path : Timestamp]]; nested: MapperParsingException[Mapping definition for [_timestamp] has unsupported parameters:  [path : Timestamp]];
    at org.elasticsearch.cluster.metadata.MetaDataCreateIndexService$1.execute(MetaDataCreateIndexService.java:332)
    at org.elasticsearch.cluster.ClusterStateUpdateTask.execute(ClusterStateUpdateTask.java:45)
    at org.elasticsearch.cluster.service.InternalClusterService.runTasksForExecutor(InternalClusterService.java:468)
    at org.elasticsearch.cluster.service.InternalClusterService$UpdateTask.run(InternalClusterService.java:772)
    at org.elasticsearch.common.util.concurrent.PrioritizedEsThreadPoolExecutor$TieBreakingPrioritizedRunnable.runAndClean(PrioritizedEsThreadPoolExecutor.java:231)
    at org.elasticsearch.common.util.concurrent.PrioritizedEsThreadPoolExecutor$TieBreakingPrioritizedRunnable.run(PrioritizedEsThreadPoolExecutor.java:194)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
    at java.lang.Thread.run(Thread.java:745)
Caused by: MapperParsingException[Mapping definition for [_timestamp] has unsupported parameters:  [path : Timestamp]]
    at org.elasticsearch.index.mapper.DocumentMapperParser.checkNoRemainingFields(DocumentMapperParser.java:171)
    at org.elasticsearch.index.mapper.DocumentMapperParser.checkNoRemainingFields(DocumentMapperParser.java:165)
    at org.elasticsearch.index.mapper.DocumentMapperParser.parse(DocumentMapperParser.java:148)
    at org.elasticsearch.index.mapper.DocumentMapperParser.parse(DocumentMapperParser.java:99)
    at org.elasticsearch.index.mapper.MapperService.parse(MapperService.java:508)
    at org.elasticsearch.index.mapper.MapperService.merge(MapperService.java:288)
    at org.elasticsearch.cluster.metadata.MetaDataCreateIndexService$1.execute(MetaDataCreateIndexService.java:329)
    ... 8 more

This is my first time with elasticsearch, kibana and android-hooker.

I have no idea how to deal with these errors.

Please help! Thanks!

Publié par à

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)