Briefly, this error occurs when Elasticsearch receives a sequence query with less than two queries. A sequence query is used to find a sequence of events in logs and requires at least two queries to define the sequence. To resolve this issue, ensure that your sequence query includes at least two queries. If you’re dynamically generating queries, check your code to ensure it’s correctly creating multiple queries. Also, validate your query syntax and structure to ensure it’s correctly formatted.
This guide will help you check for common problems that cause the log ” A sequence requires a minimum of 2 queries; found [{}] ” to appear. To understand the issues related to this log, read the explanation below about the following Elasticsearch concepts: parser, plugin.
Log Context
Log “A sequence requires a minimum of 2 queries; found [{}]” class name is LogicalPlanBuilder.java. We extracted the following from Elasticsearch source code for those seeking an in-depth context :
queries.add(sequenceTerm); } } if (queries.size() < 2) { throw new ParsingException(source; "A sequence requires a minimum of 2 queries; found [{}]"; queries.size()); } // until is already parsed through sequenceTerm() above if (ctx.until != null) { until = queries.remove(queries.size() - 1);