BULK API : Malformed action/metadata line [3], expected START_OBJECT but found [VALUE_STRING]

elasticsearch elasticsearch-bulk-api
balaji thiruvengadam picture balaji thiruvengadam · Aug 21, 2017 · Viewed 21k times · Source

Using Elasticsearch 5.5,getting the following error while posting this bulk request, unable to figure out what is wrong with the request.

"type": "illegal_argument_exception",
"reason": "Malformed action/metadata line [3], expected START_OBJECT but found [VALUE_STRING]"

POST http://localhost:9200/access_log_index/access_log/_bulk

{ "index":{ "_id":11} }
{  
   "id":11,
   "tenant_id":682,
   "tenant_name":"kcc",
   "user.user_name":"k0772251",
   "access_date":"20170821",
   "access_time":"02:41:44.123+01:30",
   "operation_type":"launch_service",
   "remote_host":"qlsso.quicklaunchsso.com",
   "user_agent":"Mozilla/5.0 (Linux; Android 7.0; LGLS775 Build/NRD90U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Mobile Safari/537.36",
   "browser":"",
   "device":"",
   "application.application_id":1846,
   "application.application_name":"Desire2Learn",
   "geoip.ip":"192.95.18.163",
   "geoip.country_code":"US",
   "geoip.country_name":"United States",
   "geoip.region_code":"NJ",
   "geoip.region_name":"New Jersey",
   "geoip.city":"Newark",
   "geoip.zip_code":7102,
   "geoip.time_zone":"America/New_York",
   "geoip.latitude":40.7355,
   "geoip.longitude":-74.1741,
   "geoip.metro_code":501
}
{ "index":{"_id":12} }
{  
   "id":12,
   "tenant_id":682,
   "tenant_name":"kcc",
   "user.user_name":"k0772251",
   "access_date":"20170821",
   "access_time":"02:50:44.123+01:30",
   "operation_type":"launch_service",
   "remote_host":"qlsso.quicklaunchsso.com",
   "user_agent":"Mozilla/5.0 (Linux; Android 7.0; LGLS775 Build/NRD90U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Mobile Safari/537.36",
   "browser":"",
   "device":"",
   "application.application_id":2341,
   "application.application_name":"Gmail",
   "geoip.ip":"192.95.18.163",
   "geoip.country_code":"US",
   "geoip.country_name":"United States",
   "geoip.region_code":"NJ",
   "geoip.region_name":"New Jersey",
   "geoip.city":"Newark",
   "geoip.zip_code":7102,
   "geoip.time_zone":"America/New_York",
   "geoip.latitude":40.7355,
   "geoip.longitude":-74.1741,
   "geoip.metro_code":501
}

Answer

Neutrino picture Neutrino · Sep 7, 2018

Your resource objects have to be specified on a single line like this

post /test322/type/_bulk
{ "index": {} }
{ "name": "Test1", "data": "This is my test data" }
{ "index": {} }
{ "name": "Test2", "data": "This is my test data2" }

Which seems really stupid and unintuitive I know since resources don't have to be on a single line when you create them using PUT or POST for non-bulk operations.

Related questions

How to use Bulk API to store the keywords in ES by using Python

I have to store some message in ElasticSearch integrate with my python program. Now what I try to store the message is: d={"message":"this is message"} for index_nr in range(1,5): ElasticSearchAPI.addToIndex(index_nr, d) print d That …

Read More
How do I update multiple items in ElasticSearch?

Let's say I have a tag type in an ElasticSearch index, with the following mapping: { "tag": { "properties": { "tag": {"type": "string", "store": "yes"}, "aliases": {"type": "string"} } } } Each entry is a tag, and an array of aliases to that tag. Here is …

Read More
What is the ideal bulk size formula in ElasticSearch?

I believe there should be a formula to calculate bulk indexing size in ElasticSearch. Probably followings are the variables of such a formula. Number of nodes Number of shards/index Document size RAM Disk write speed LAN speed I wonder …

Read More