Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search

Error with ParseEvtx processor

Labels:
avatar
author-rank devanand007
Explorer

Created ‎07-02-2023 09:52 PM

 

 

I am ingesting an evtx files that I generated from my Windows 11 machine into the ParseEvtx processor, however, its returning the below error. 

Please advise. Thanks!

 

03:52:24 UTC ERROR

ParseEvx[id=19268a43-0189-1000-8d15-39df0b19faac] Processing failed:
org.apache.nifl,processor.exception.ProcessException: [OException thrown from
ParseEv[id=19268a43-0189-1000-8d15-39df0b19faac]: java.lo.I0Exception:
Invalid minor version. Expected 1 got 2.

 

1,192 Views
0 Kudos
4 REPLIES 4

avatar
author-rank cotopaul
Guru

Created ‎07-03-2023 07:27 AM

@devanand007,

I recommend you to provide a better description of your flow, if you would like to receive an answer to your question.

 

It would really help to know the NiFi Version and your Flow's logic.

From where are you getting the data?

How does it look before reaching ParseEvtx?

What properties you have defined in ParseEvtx?
And so on.

1,167 Views
0 Kudos

avatar
author-rank devanand007
Explorer

Created on ‎07-03-2023 09:51 PM - edited ‎07-03-2023 09:59 PM

cludera.png

 

Here is the snapshot of the flow

Getting data from an s3 bucket

using ParseEvtx to parse it

and forwarding data to Splunk via Splunk's HEC protocol

 

There wasn't much to configure in ParseEvtx other than the granularity which is set to "Chunk"

 

I then attempted to add sample data from this link - https://github.com/apache/nifi/raw/rel/nifi-1.0.0/nifi-nar-bundles/nifi-evtx-bundle/nifi-evtx-proces... which is provided within this forum post https://community.cloudera.com/t5/Community-Articles/Parsing-evtx-files-with-Apache-NiFi/ta-p/247550 and that evtx file was successfully parsed by the processor.

1,147 Views
0 Kudos

avatar
author-rank cotopaul
Guru

Created ‎07-03-2023 11:51 PM

Well in this case, if everything works with the sample data, it means that there might be a problem with your data. I suggest you to compare the structure of the files (yours and the sample one) and see what are the differences. Maybe your files contains some invalid characters which eventually get false parsed by NiFi. Or your files contain to many lines and so on.

1,133 Views
0 Kudos

avatar
author-rank DianaTorres author-rank
Community Manager

Created ‎07-07-2023 09:39 AM

@devanand007 Has the reply helped resolve your issue? If so, please mark the appropriate reply as the solution, as it will make it easier for others to find the answer in the future.  Thanks.

Regards,

Diana Torres,
Community Moderator

Was your question answered? Make sure to mark the answer as the accepted solution.
If you find a reply useful, say thanks by clicking on the thumbs up button.
Learn more about the Cloudera Community:
1,092 Views
0 Kudos
Announcements
What's New @ Cloudera
Cloudera DataFlow 2.9 now supports building GenAI pipelines ...
What's New @ Cloudera
Accelerate Data Scientist Productivity with Cloudera Copilot...
What's New @ Cloudera
[RELEASED] Cloudera Streaming Analytics - Kubernetes Operato...
Community Announcements
October 2024 Community Highlights
What's New @ Cloudera
Accelerate Your AI with the Cloudera AI Inference Service wi...
View More Announcements