What is the bug?
When defining a new detector and selecting the "System Logs" type, the "Configure field mapping" section is empty.
How can one reproduce the bug?
Steps to reproduce the behavior:
- Go to Security Analytics>Detectors>Create detector
- Select any index
- Click on 'System logs':

- See that 'Configure field mapping' is empty
- When following the link (mappings/view?indexName=index_*&ruleTopic=linux), the following message is displayed:
{"ok":false,"error":"[illegal_argument_exception] Mapper not found: [linux]"}
What is the expected behavior?
Like the other types (Azure logs for example):

Also, when following the link:
{"ok":true,"response":{"properties":{},"unmapped_index_fields":
What is your host/environment?
- OS: CentOS 7
- OpenSearch Version: 2.7.0
- OpenSearch Dashboards Version: 2.7.0