Created
January 18, 2017 15:27
-
-
Save madchap/1acf24a25695858955dfe5aae4ae1665 to your computer and use it in GitHub Desktop.
ES exception graylog parsing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 2017-01-18T15:08:23.751Z ERROR [AlertScannerThread] Skipping alert check that threw an exception. | |
| org.elasticsearch.action.search.SearchPhaseExecutionException: all shards failed | |
| at org.elasticsearch.action.search.AbstractSearchAsyncAction.onFirstPhaseResult(AbstractSearchAsyncAction.java:206) ~[graylog.jar:?] | |
| at org.elasticsearch.action.search.AbstractSearchAsyncAction$1.onFailure(AbstractSearchAsyncAction.java:152) ~[graylog.jar:?] | |
| at org.elasticsearch.action.ActionListenerResponseHandler.handleException(ActionListenerResponseHandler.java:46) ~[graylog.jar:?] | |
| at org.elasticsearch.transport.netty.MessageChannelHandler.handleException(MessageChannelHandler.java:212) ~[graylog.jar:?] | |
| at org.elasticsearch.transport.netty.MessageChannelHandler.handlerResponseError(MessageChannelHandler.java:202) ~[graylog.jar:?] | |
| at org.elasticsearch.transport.netty.MessageChannelHandler.messageReceived(MessageChannelHandler.java:136) ~[graylog.jar:?] | |
| at org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:70) ~[graylog.jar:?] | |
| at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564) ~[graylog.jar:?] | |
| at org.jboss.netty.channel.DefaultChannelPipeline$DefaultChannelHandlerContext.sendUpstream(DefaultChannelPipeline.java:791) ~[graylog.jar:?] | |
| at org.jboss.netty.channel.Channels.fireMessageReceived(Channels.java:296) ~[graylog.jar:?] | |
| at org.jboss.netty.handler.codec.frame.FrameDecoder.unfoldAndFireMessageReceived(FrameDecoder.java:462) ~[graylog.jar:?] | |
| at org.jboss.netty.handler.codec.frame.FrameDecoder.callDecode(FrameDecoder.java:443) ~[graylog.jar:?] | |
| at org.jboss.netty.handler.codec.frame.FrameDecoder.messageReceived(FrameDecoder.java:310) ~[graylog.jar:?] | |
| at org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:70) ~[graylog.jar:?] | |
| at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564) ~[graylog.jar:?] | |
| at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:559) ~[graylog.jar:?] | |
| at org.jboss.netty.channel.Channels.fireMessageReceived(Channels.java:268) ~[graylog.jar:?] | |
| at org.jboss.netty.channel.Channels.fireMessageReceived(Channels.java:255) ~[graylog.jar:?] | |
| at org.jboss.netty.channel.socket.nio.NioWorker.read(NioWorker.java:88) ~[graylog.jar:?] | |
| at org.jboss.netty.channel.socket.nio.AbstractNioWorker.process(AbstractNioWorker.java:108) ~[graylog.jar:?] | |
| at org.jboss.netty.channel.socket.nio.AbstractNioSelector.run(AbstractNioSelector.java:337) ~[graylog.jar:?] | |
| at org.jboss.netty.channel.socket.nio.AbstractNioWorker.run(AbstractNioWorker.java:89) ~[graylog.jar:?] | |
| at org.jboss.netty.channel.socket.nio.NioWorker.run(NioWorker.java:178) ~[graylog.jar:?] | |
| at org.jboss.netty.util.ThreadRenamingRunnable.run(ThreadRenamingRunnable.java:108) ~[graylog.jar:?] | |
| at org.jboss.netty.util.internal.DeadLockProofWorker$1.run(DeadLockProofWorker.java:42) ~[graylog.jar:?] | |
| at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [?:1.8.0_111] | |
| at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [?:1.8.0_111] | |
| at java.lang.Thread.run(Thread.java:745) [?:1.8.0_111] | |
| Caused by: org.elasticsearch.common.io.stream.NotSerializableExceptionWrapper: token_mgr_error: Lexical error at line 1, column 223. Encountered: <EOF> after : "" | |
| at org.apache.lucene.queryparser.classic.QueryParserTokenManager.getNextToken(QueryParserTokenManager.java:1130) ~[graylog.jar:?] | |
| at org.apache.lucene.queryparser.classic.QueryParser.jj_scan_token(QueryParser.java:589) ~[graylog.jar:?] | |
| at org.apache.lucene.queryparser.classic.QueryParser.jj_3R_2(QueryParser.java:472) ~[graylog.jar:?] | |
| at org.apache.lucene.queryparser.classic.QueryParser.jj_3_1(QueryParser.java:479) ~[graylog.jar:?] | |
| at org.apache.lucene.queryparser.classic.QueryParser.jj_2_1(QueryParser.java:465) ~[graylog.jar:?] | |
| at org.apache.lucene.queryparser.classic.QueryParser.Clause(QueryParser.java:216) ~[graylog.jar:?] | |
| at org.apache.lucene.queryparser.classic.QueryParser.Query(QueryParser.java:202) ~[graylog.jar:?] | |
| at org.apache.lucene.queryparser.classic.QueryParser.TopLevelQuery(QueryParser.java:160) ~[graylog.jar:?] | |
| at org.apache.lucene.queryparser.classic.QueryParserBase.parse(QueryParserBase.java:117) ~[graylog.jar:?] | |
| at org.apache.lucene.queryparser.classic.MapperQueryParser.parse(MapperQueryParser.java:880) ~[graylog.jar:?] | |
| at org.elasticsearch.index.query.QueryStringQueryParser.parse(QueryStringQueryParser.java:227) ~[graylog.jar:?] | |
| at org.elasticsearch.index.query.QueryParseContext.parseInnerQuery(QueryParseContext.java:250) ~[graylog.jar:?] | |
| at org.elasticsearch.index.query.BoolQueryParser.parse(BoolQueryParser.java:76) ~[graylog.jar:?] | |
| at org.elasticsearch.index.query.QueryParseContext.parseInnerQuery(QueryParseContext.java:250) ~[graylog.jar:?] | |
| at org.elasticsearch.index.query.IndexQueryParserService.innerParse(IndexQueryParserService.java:320) ~[graylog.jar:?] | |
| at org.elasticsearch.index.query.IndexQueryParserService.parse(IndexQueryParserService.java:223) ~[graylog.jar:?] | |
| at org.elasticsearch.index.query.IndexQueryParserService.parse(IndexQueryParserService.java:218) ~[graylog.jar:?] | |
| at org.elasticsearch.search.query.QueryParseElement.parse(QueryParseElement.java:33) ~[graylog.jar:?] | |
| at org.elasticsearch.search.SearchService.parseSource(SearchService.java:856) ~[graylog.jar:?] | |
| at org.elasticsearch.search.SearchService.createContext(SearchService.java:667) ~[graylog.jar:?] | |
| at org.elasticsearch.search.SearchService.createAndPutContext(SearchService.java:633) ~[graylog.jar:?] | |
| at org.elasticsearch.search.SearchService.executeQueryPhase(SearchService.java:377) ~[graylog.jar:?] | |
| at org.elasticsearch.search.action.SearchServiceTransportAction$SearchQueryTransportHandler.messageReceived(SearchServiceTransportAction.java:368) ~[graylog.jar:?] | |
| at org.elasticsearch.search.action.SearchServiceTransportAction$SearchQueryTransportHandler.messageReceived(SearchServiceTransportAction.java:365) ~[graylog.jar:?] | |
| at org.elasticsearch.transport.TransportRequestHandler.messageReceived(TransportRequestHandler.java:33) ~[graylog.jar:?] | |
| at org.elasticsearch.transport.RequestHandlerRegistry.processMessageReceived(RequestHandlerRegistry.java:77) ~[graylog.jar:?] | |
| at org.elasticsearch.transport.netty.MessageChannelHandler$RequestHandler.doRun(MessageChannelHandler.java:293) ~[graylog.jar:?] | |
| at org.elasticsearch.common.util.concurrent.AbstractRunnable.run(AbstractRunnable.java:37) ~[graylog.jar:?] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment