Upgrading to Elasticsearch 5.6.x
Cloudera Cybersecurity Platform (CCP) has deprecated support for Elasticsearch 2.x. You must upgrade to Elasticsearch 5.x to run CCP queries in the current release. In addition to upgrading to Elasticsearch 5.x, you must also update Elasticsearch type mappings, templates, and existing sensors.
QueryParsingException[[nested] failed to find nested object under path [alert]];