Higher level of details for parsing error in CSV import #7647
Comments
|
The field name should be included. Could you provide the CSV you're using and a screen shot of the type mapping step? |
|
@Bargs here is the file I'm using: https://drive.google.com/open?id=0B2nTr5APsKxcbjNLMm52M0RySTg Here is the mapping screenshot:
This is the parsing error output:
With +13000 lines displayed in the list (#7648)
|
|
@bahaaldine those output screenshots look different than the one in your original post, in this case it's correctly identifying |
|
@Bargs that's true and I don't know how I got the first screenshot, and I can't reproduce it. My point for this issue is:
So far so good.
|
|
Hmmm yeah that does stink. I wonder if Elasticsearch returns both errors, or if I'm only getting timestamp back. I'll have to check.
Could you add your thoughts on that to this ticket #7632? I'm not sure yet what the perfect error message looks like. For some users the full Elasticsearch error info might be overwhelming, but as you mentioned other users are just gonna want to see the full details from ES. |
|
I'm going to close this since CSV upload was pulled. We can always refer back to this issue if/when we revisit the feature. |
…he list of assigned users (elastic#7647)
…he list of assigned users (elastic#7647)
…he list of assigned users (elastic#7647)
…he list of assigned users (#7647) (#166845) ## Summary Closes elastic/security-team#7647 This PR extends alert's schema. We add a new field `kibana.alert.workflow_assignee_ids` where assignees will live.
The current level of details a user get for parsing error does not allow for debugging:
Could be good to have at least the field and the related parsing error details.
The text was updated successfully, but these errors were encountered: