Skip to main content
Panther Knowledge Base

Why is my log source classification error in Panther returning an empty object?

  1. Last updated
  2. Save as PDF

Issue

When trying to ingest a log source in Panther, I'm getting a classification error that returns empty:

"errors": []

Resolution

To resolve this issue, check if your log source contains multiple CSV schemas. If it does, edit and add the columns fields for the CSV schemas.

Cause

This issue occurs when a log source has multiple CSV schemas without the columns field. Panther requires the columns fields to differentiate between logs.