elasticsearch 7 support

Question

elasticsearch 7 support

dsvetlov opened this issue 5 years ago · comments

Does 411 support ES 7.0?

rhadw · Answer 1 · Wed May 29 2019 15:45:08 GMT+0800 (China Standard Time)

Hey dsvetlov. No, it does not support ES7 but maybe the dev could make it work with ES7.
I'm also interested if there are any plans on upgrading the compatibility to ES7.

dsvetlov · Answer 2 · Wed May 29 2019 16:20:15 GMT+0800 (China Standard Time)

@rhadw , did you tried to install it with ES7? What exactly doesn't work?

rhadw · Answer 3 · Wed May 29 2019 16:25:31 GMT+0800 (China Standard Time)

@dsvetlov
Yes, I did try to use with ES7 but it complains about some mappings which I believe it has something to do with a different schema used on ES7.

dsvetlov · Answer 4 · Sat Jul 13 2019 20:24:22 GMT+0800 (China Standard Time)

@rhadw , we made PR to fix these issues. Unless it would be meged you can use 411 fork in @golaso repository or in mine.
https://github.com/golaso/411
https://github.com/dsvetlov/411

Vladimir Grujic · Answer 5 · Thu Aug 01 2019 19:20:48 GMT+0800 (China Standard Time)

Yeah that worked for me. The part when you want to select all the alerts from the gui (when you click on "click here to select all alerts in the group") The Error 500 is returned. I've investigated the issue back to the query sent to the ES with fields:"id" . The error is Unknown key for a START_ARRAY in [fields]"". I've tried to change fields to stored_fields or even _source and query is executed and scroll id is returned. But the scrolls are empty.