Skip to main content
Panther Knowledge Base

Why is my log source classification error in Panther returning an empty object?

  1. Last updated
  2. Save as PDF

Issue

When trying to ingest a log source in Panther, I'm getting a classification error that returns empty:

"errors": []

Resolution

To resolve this issue:

  • Please check if your log source contains multiple CSV schemas. If so, please edit and add the columns fields for the CSV schemas.

Cause

This issue occurs when a log source has multiple CSV schemas without the columns field. Panther requires the columns fields to differentiate between logs.

 

 

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Page type
    Topic
  2. Tags
    This page has no tags.