elasticsearch.helpers.BulkIndexError: document(s) failed to index.

[esebese]

Orochi Version: 2.2.3

windows.dlllist, windows.pslist, windows.pstree and other plugins except windows.cmdline, windows.netscan, windows.privileges generate the error below:

Traceback (most recent call last): File "/app/orochi/utils/volatility_dask_elk.py", line 515, in run_plugin helpers.bulk( File "/opt/conda/lib/python3.12/site-packages/elasticsearch/helpers/actions.py", line 521, in bulk for ok, item in streaming_bulk( File "/opt/conda/lib/python3.12/site-packages/elasticsearch/helpers/actions.py", line 436, in streaming_bulk for data, (ok, info) in zip( File "/opt/conda/lib/python3.12/site-packages/elasticsearch/helpers/actions.py", line 355, in _process_bulk_chunk yield from gen File "/opt/conda/lib/python3.12/site-packages/elasticsearch/helpers/actions.py", line 274, in _process_bulk_chunk_success raise BulkIndexError(f"{len(errors)} document(s) failed to index.", errors) elasticsearch.helpers.BulkIndexError: 500 document(s) failed to index.

[garanews]

Hi @esebese , sorry for delay, we had a similar issue time ago and remember we try something to fix it.
In any case we're working on a new version (you can find it in branch new) that completely remove elasticsearch and will store volatility results in postgresql in favor of a lighter system. We will provide a sort of migration tool for the existing data.
At that point it will be possible also an easy import/export having all data in a postgresql.
Some other nice difference will be a full size result page (going to hide the plugin menu after selected) and other fixes like the email validation that was not working so good. There will be also the suport for 2 factor authentication with google auth, the possibility of change the logo and more!