Kibana - Dashboard is empty. Let’s fill it up!


Max S.

Sep 3, 2018, 2:34:22 PM
to security-onion
Hi All,

I am running Kibana 6.3.2 and currently stuck on "dashboard is empty. Let’s fill it up!" I have restarted Kibana, Elastic Search, Logstash, and Curator but no change.

Please see attached for the screenshot of my Kibana after reboot; and please advise.

Thanks in advance.

-Max
Kibana Error.PNG

Wes Lambert

Sep 4, 2018, 8:52:03 AM
to securit...@googlegroups.com
Have you tried logging out and back in as well, ensuring you clear the browser cache?

I would even consider rebooting for good measure.

Thanks,
Wes


Max S.

Sep 4, 2018, 10:30:53 AM
to security-onion
Yes, Wes. I have rebooted the SO server, logged out, logged back in, and I even ran the short GET script in the Dev. Tool area of Kibana, but to no avail. The "Add Filters" options: "Enable, Disable, Pin, Unpin, Invert, Toggle, Remove" are not responsive.


GET _search
{
  "query": {
    "match_all": {}
  }
}

Please see attached screenshots for the response from the GET script and please advise.

Thanks again.

-Max
Kibana Error_1.PNG
Kibana Error_2.PNG

Wes Lambert

Sep 4, 2018, 2:27:35 PM
to securit...@googlegroups.com
You may want to try running so-elastic-configure-kibana to see if it helps at all.

Thanks,
Wes

Max S.

Sep 4, 2018, 3:12:08 PM
to security-onion
Thank you for your time, Wes. I did run so-elastic-configure-kibana (please see below for the return) and restarted Kibana, but I am still getting the same error (please see attached screenshot).


=========================================================================
Configuring Kibana dashboards
=========================================================================
......................................................

=========================================================================
Configuring Kibana
=========================================================================

Applying Kibana config...
{"message":"[doc][config:6.3.2]: version conflict, document already exists (current version [8]): [version_conflict_engine_exception] [doc][config:6.3.2]: version conflict, document already exists (current version [8]), with { index_uuid=\"HOsCkOGIQ3me8TDg5p4fbg\" & shard=\"0\" & index=\".kibana\" }","statusCode":409,"error":"Conflict"}

Applying cross cluster search config...
{"acknowledged":true,"persistent":{"search":{"remote":{"SO":{"seeds":["127.0.0.1:9300"]}}}},"transient":{}}

Applying Kibana template...
{"acknowledged":true}
{"acknowledged":true}

Updating /etc/nsm/securityonion.conf with correct Kibana version (6.3.2)...


=========================================================================
Replacing ELSA shortcuts with Kibana shortcuts
=========================================================================
Checking /home/user/Desktop
Checking /home/sguil/Desktop
Checking /etc/skel/Desktop
Checking /usr/share/applications
Done!


Wes Lambert

Sep 4, 2018, 5:32:23 PM
to securit...@googlegroups.com
What is the output of the following?

curl localhost:9200/_cat/indices?pretty

Thanks,
Wes


Max S.

Sep 6, 2018, 8:30:07 AM
to security-onion
Thanks Wes. Please see the output of "curl localhost:9200/_cat/indices?pretty" below:





green open logstash-bro-2018.09.04 ILsEZIKaQO-AnTijeIdbeA 1 0 134434418 0 158gb 158gb
green open logstash-bro-2018.08.25 7tq_pkqqT8a28gAFqD8hiw 1 0 176363750 0 178gb 178gb
green open .kibana HOsCkOGIQ3me8TDg5p4fbg 1 0 493 36 965.6kb 965.6kb
green open elastalert_status_error Gsg42ug-TC-iuEENYcKwTA 5 0 375 0 421.4kb 421.4kb
close logstash-ids-2018.08.04 VLAG_h6ETuG-xVqeAa4Jyg
green open logstash-ids-2018.08.12 2USBtdrTRVmmTgPg5Hiv9A 1 0 56777 0 20.8mb 20.8mb
green open logstash-ids-2018.09.02 sJPqJG3HSL2eGgkH0yUfWg 1 0 3879 0 2.3mb 2.3mb
green open logstash-ids-2018.08.13 max3KFrcRdSiD3IQyoh3Ow 1 0 48106 0 19.1mb 19.1mb
green open logstash-ids-2018.08.28 KrWZatikQOK0ffvox62NXw 1 0 12458 0 6.2mb 6.2mb
green open logstash-ids-2018.08.09 mrBfg7_nS9mj2EZUTG0WYg 1 0 49182 0 19.5mb 19.5mb
green open logstash-syslog-2018.09.02 ElF6OkZbTPGTECKMTQ8xOg 1 0 36408 0 17.5mb 17.5mb
green open logstash-bro-2018.08.29 2lMDQHfnSwCcEKSkkjRNSw 1 0 185759298 0 220.8gb 220.8gb
close logstash-syslog-2018.08.04 DiOn9i9zSs6HYLdrnOP7_A
green open logstash-ids-2018.09.01 sQ_KrZysQ3uwdHscA5nWyw 1 0 4560 0 2.7mb 2.7mb
green open logstash-ids-2018.09.04 t8XNDUGPQZmqewHKXVD5XA 1 0 4973 0 3mb 3mb
green open logstash-ids-2018.08.29 MS87Z7BhSICm7zlt3T_POQ 1 0 6089 0 3.6mb 3.6mb
green open logstash-bro-2018.08.20 OrC6dNWUQpeMbLbRxV55pA 1 0 210983333 0 256.8gb 256.8gb
green open logstash-ids-2018.08.20 l9aN6MnHSN-LksDnmveHbw 1 0 11940 0 6.1mb 6.1mb
green open logstash-syslog-2018.09.01 aczzgPneS-ONDjDUrqh51w 1 0 30681 0 15.2mb 15.2mb
close logstash-bro-1970.01.01 9Rns9JDFSiiiroTmcQH2dg
green open logstash-bro-2018.08.26 p1RDqq0jRs2bF46rHR0Cpw 1 0 164111714 0 165gb 165gb
green open logstash-bro-2018.08.21 i8NYCg-5Q--VH5FZMzb6FA 1 0 192542125 0 233.3gb 233.3gb
yellow open :logstash- GjpqaekrQkeWrXCetDO53Q 5 1 0 0 1.2kb 1.2kb
close logstash-syslog-2018.08.06 YSvstb3sQtyW2AK36_Z4kQ
green open logstash-ids-2018.09.05 9RSRZWPPS4mAkY1uDgbQjQ 1 0 1801 0 1.2mb 1.2mb
green open logstash-syslog-2018.08.18 J5952ffsSYKGj0uMhmojSQ 1 0 41205 0 23mb 23mb
green open logstash-syslog-2018.08.19 uhF_lHVUTymcxLzKS4WabA 1 0 42562 0 23.6mb 23.6mb
green open logstash-syslog-2018.08.15 6LsNRU4lTmC6LgWLWEgsdg 1 0 44513 0 21.6mb 21.6mb
green open logstash-bro-2018.08.14 jJu1-OgARK2qPx0FZnALaA 1 0 155499604 0 189.3gb 189.3gb
green open logstash-bro-2018.08.13 N6ChjGUlTj69XC3i64iCVQ 1 0 202233545 0 252.2gb 252.2gb
green open logstash-bro-2018.08.09 WoeUNk-pSRChRZJXoeOOUA 1 0 187371236 0 226.2gb 226.2gb
green open logstash-ids-2018.08.19 wd7SI8m9RPKQ8ptxNpR2jg 1 0 10892 0 5.8mb 5.8mb
green open elastalert_status_status WUGdGx3oTZimuIBzR7DEOA 5 0 108650 0 16.3mb 16.3mb
green open logstash-ids-2018.08.23 smH_VKwOTQ6mOnywH7jcsA 1 0 9683 0 5.2mb 5.2mb
green open logstash-syslog-2018.08.17 RwFWf8mhSqOmsoec5QwnrQ 1 0 33518 0 17.9mb 17.9mb
green open logstash-syslog-2018.08.22 5Mww6a4wRHa9HbpxLPBkDQ 1 0 35214 0 18.6mb 18.6mb
green open logstash-syslog-2018.08.16 7kX5l4m-R7OLp0RKgxCcIA 1 0 9471 0 5.7mb 5.7mb
close logstash-bro-2018.08.06 aZ7EmvdjS0yYFZRUrH_s9w
green open logstash-syslog-2018.08.31 ZfB2CjwPRsCI0YqNkW7qsA 1 0 3335 0 1.9mb 1.9mb
green open logstash-bro-2018.09.05 xt6yKQd0RjGQhgA2Ks78OA 1 0 34043194 0 33.6gb 33.6gb
green open logstash-bro-2018.09.01 YNe16ZBCThihjBx2OOiNug 1 0 127911012 0 136.4gb 136.4gb
green open logstash-ids-2018.08.31 u4wyjDAcTnaz3uVusvsEEw 1 0 818 0 694.5kb 694.5kb
green open logstash-syslog-2018.08.12 BNDiGw_1QwezTADhARStaA 1 0 83767 0 37mb 37mb
green open logstash-ids-2018.08.15 tGe1ory0TL-b2oJm4m3eJg 1 0 27409 0 10.8mb 10.8mb
green open logstash-syslog-2018.09.03 T3QMabLSS0Gk0aHdPgLmkQ 1 0 34641 0 16.8mb 16.8mb
green open logstash-syslog-2018.08.25 U176HHZzRBaymeo_-AH6nQ 1 0 40999 0 23.1mb 23.1mb
green open logstash-ids-2018.08.16 wJoZIwLzRhGMObFqaOCfuw 1 0 4851 0 2.8mb 2.8mb
green open logstash-syslog-2018.08.20 JoPdb0m3Q8i57tU2pJuUjA 1 0 37591 0 21mb 21mb
green open logstash-ids-2018.08.22 4kNHTpzNQH2o6t7TuupQ3Q 1 0 11476 0 6mb 6mb
green open logstash-ids-2018.09.03 9CzmRpPQQPeSDoOvRFcQbg 1 0 5782 0 3.1mb 3.1mb
green open logstash-bro-2018.08.19 aIgCuLFuTt601PkpFICF0g 1 0 171307910 0 183gb 183gb
green open logstash-bro-2018.08.15 sSfdHKNTR4ys63Tryazw4Q 1 0 93682412 0 100.7gb 100.7gb
green open logstash-bro-2018.08.31 R8tD4UwYQSytIkoHVcuA1Q 1 0 14417223 0 16.8gb 16.8gb
green open elastalert_status_past QcWCQJckQjOWcT_P3nJI0g 5 0 0 0 1.2kb 1.2kb
green open logstash-bro-2018.08.22 4Z_D7O-hSO-IPO93vDDIew 1 0 199934679 0 245.4gb 245.4gb
close logstash-syslog-2018.08.05 KVE1--ZUQxO3lmLJdTi_sA
green open logstash-syslog-2018.08.08 fxjTHIuQSP-MgF0yT59xrA 1 0 31290 0 16.1mb 16.1mb
green open logstash-syslog-2018.08.29 CJz4l8lPR1uBxeXZsrL-XQ 1 0 29578 0 15.5mb 15.5mb
close logstash-bro-2018.08.05 oCDHSESbSuCEqkwXg2gp7Q
green open logstash-bro-2018.08.10 ApobVCR4SgWbrCh941SpSg 1 0 168603732 0 209gb 209gb
green open logstash-syslog-2018.09.04 yoZKLvh6TvWKsclTe2wVVg 1 0 26120 0 14.2mb 14.2mb
green open logstash-syslog-2018.08.11 cvElGD3RSRS7NlVcfWiqjg 1 0 68505 0 31.2mb 31.2mb
green open logstash-syslog-2018.08.27 LL6Qth_4Q-OyjCw9KMESBw 1 0 35907 0 20mb 20mb
green open logstash-ids-2018.08.14 DQgs1ZslQ9GKQEeyA6vnHQ 1 0 38314 0 15mb 15mb
green open logstash-ids-2018.08.30 MNddvEjoTnmraQJEZ5tcLQ 1 0 3540 0 1.9mb 1.9mb
green open logstash-ids-2018.08.18 FMA8X2r3STGkpTudseSQIA 1 0 12004 0 6.2mb 6.2mb
green open logstash-bro-2018.08.18 T5P_WjSASn-V61gSm04FXw 1 0 168330572 0 178.8gb 178.8gb
green open logstash-ids-2018.08.26 oErRzdGAQsm6JCgsJzz96Q 1 0 7995 0 4.3mb 4.3mb
green open elastalert_status HTe03s_cQLiQ8rLX0IT1UQ 5 0 25602 0 3.4mb 3.4mb
green open logstash-bro-2018.08.11 yfUPXQzsT4eTCm4Dz0WhNw 1 0 148299165 0 148.7gb 148.7gb
green open logstash-syslog-2018.09.05 i8o3bGjIQAWq0aGQpOj9AQ 1 0 6720 0 4.1mb 4.1mb
green open logstash-syslog-2018.08.14 l0lPWL52R-6CJFr5Cd9mTA 1 0 57961 0 27.2mb 27.2mb
green open logstash-bro-2018.08.17 1P7Lds4FRnqaw2mOBgKFcg 1 0 156363569 0 185.5gb 185.5gb
green open logstash-bro-2018.08.16 eNeScEnpTuyy2b-PVAENfA 1 0 53365785 0 69.4gb 69.4gb
green open logstash-syslog-2018.08.26 4ak4tZVwRcWJ6t8KjV5Gnw 1 0 37364 0 20.9mb 20.9mb
green open logstash-bro-2018.08.24 r_lmAzuvSW-bMZqVUGc2FA 1 0 189458681 0 222gb 222gb
green open logstash-bro-2018.09.03 1cDYdxMpSB6I4R5EgjkvHA 1 0 146981536 0 155.4gb 155.4gb
green open logstash-syslog-2018.08.13 GtRCbdC9T9WHGU0u68zwyA 1 0 73929 0 34.8mb 34.8mb
green open logstash-ids-2018.08.25 cLAq293LRvqLO42Hj942DA 1 0 8942 0 4.8mb 4.8mb
green open logstash-ids-2018.08.24 6Q0a-NM5Tkenlspy2eGB3w 1 0 12698 0 6.5mb 6.5mb
close logstash-syslog-2018.08.03 SoenUoB5QJa60UyIobc7Jw
green open logstash-ids-2018.08.08 fSDXWaSSSzSFB61-7mNWYA 1 0 23167 0 9.9mb 9.9mb
green open logstash-syslog-2018.08.09 gfH9RBm1QXSIPe0945PqpA 1 0 77007 0 38.4mb 38.4mb
close logstash-bro-2018.08.04 Q8T9XXJtR_6ddEBzZpmWfg
green open logstash-syslog-2018.08.28 8piTsbFUR1-gpml2nicU4Q 1 0 36907 0 20.3mb 20.3mb
green open logstash-syslog-2018.08.10 b8tV72LASdiPi9lEtQidUg 1 0 65998 0 30.9mb 30.9mb
green open logstash-bro-2018.08.23 lnz8luc_T5Wo4aDkftpZbA 1 0 196985699 0 236.9gb 236.9gb
green open elastalert_status_silence 3lDQINGSSGW_BEHYL7C6Mw 5 0 25629 0 2.3mb 2.3mb
green open logstash-ids-2018.08.10 DWdFCdUNT665DWtKhOJMHA 1 0 44319 0 17.2mb 17.2mb
green open logstash-ids-2018.08.17 KVs2zVTaR22QCVslFqL_Lg 1 0 9348 0 4.9mb 4.9mb
green open logstash-syslog-2018.08.30 qCigchC1RtmwDLqlylKlUg 1 0 12615 0 6.6mb 6.6mb
green open logstash-bro-2018.09.02 DY3XG8SySpyC85ys1Nocow 1 0 155586841 0 167.9gb 167.9gb
close logstash-ids-2018.08.06 twlI5gIsRPaJ_ZwcZqhkxg
green open logstash-bro-2018.08.30 7fU-4r07TR6uSzaAnBEcbQ 1 0 58789445 0 58.4gb 58.4gb
close logstash-bro-2018.08.03 sqN7zU33SF6klHjq5ESfIg
green open logstash-syslog-2018.08.21 DeGa_QsaQ7qf05s8fDdcmQ 1 0 34450 0 18.3mb 18.3mb
green open logstash-bro-2018.08.28 yceInMwbSvaH_6ZqZijf_w 1 0 189309111 0 227.1gb 227.1gb
green open logstash-bro-2018.08.27 DCcDkwk9QNKDr-zZW23gYw 1 0 190644118 0 227.8gb 227.8gb
green open logstash-ids-2018.08.27 uM6iLBzURiCrFtykqTGdyA 1 0 10022 0 5.4mb 5.4mb
close logstash-ids-2018.08.05 V93aO4phRa2PAP0Fv1tEXw
green open logstash-ids-2018.08.11 _Sa-x3RFTW6xAmXuJxfE5g 1 0 44245 0 16.2mb 16.2mb
green open logstash-syslog-2018.08.24 kDQYIvNEStqXzFp-H3yg_w 1 0 38121 0 21.8mb 21.8mb
green open logstash-ids-2018.08.21 -td7Q0_JSyWTootF729zTg 1 0 11902 0 6.4mb 6.4mb
green open logstash-syslog-2018.08.23 CWAtzmykSkisJEvLXRrL_A 1 0 34627 0 18.8mb 18.8mb
green open logstash-bro-2018.08.07 p47SOVR1Q6-hUW6YalNoOw 1 0 2116 0 4.1mb 4.1mb
green open logstash-bro-2018.08.12 p9SDXUAHSYeBbw_6dYetIw 1 0 146994934 0 155.6gb 155.6gb
close logstash-ids-2018.08.03 He0boNfKTN-q7iW_KipHqw
green open logstash-bro-2018.08.08 O7jqlFYGSBGrfHAORUa7oA 1 0 92859968 0 123.9gb 123.9gb
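
[Added example, not part of the original post or of Security Onion's tooling.] A listing this long is easier to read once the healthy rows are filtered out. The script below reads `_cat/indices` output on stdin and reports closed indices, non-green indices, logstash-like names that do not fit the logstash-<type>-YYYY.MM.DD pattern (an assumed convention, inferred from the listing), and indices dated to the Unix epoch; the function names are hypothetical.

```bash
#!/usr/bin/env bash
# Added example: triage `_cat/indices` output read from stdin.
# Live use (same endpoint as in the thread):
#   curl -s localhost:9200/_cat/indices | triage_indices

triage_indices() {
  awk '
    NF == 0 || $1 == "health" { next }      # skip blanks and the ?v header row
    {
      if (NF == 3 && $1 == "close") {       # closed: no health column, no stats
        closed = 1; health = "-"; name = $2
      } else if (NF >= 7) {                 # open: health status index uuid ...
        closed = 0; health = $1; name = $3
      } else next

      if (closed)                 print "CLOSED  " name
      else if (health != "green") print "HEALTH  " name " " health

      # Assumed convention, taken from the listing: logstash-<type>-YYYY.MM.DD
      if (name ~ /logstash/ && name !~ /^logstash-[a-z]+-[0-9]+\.[0-9]+\.[0-9]+$/)
        print "ODDNAME " name

      # Date suffix equal to the Unix epoch (1970.01.01)
      if (name ~ /-1970\.01\.01$/) print "EPOCH   " name
    }
  '
}

# Sample rows copied from the listing in the post above.
sample_output() {
  cat <<'EOF'
green open logstash-bro-2018.09.04 ILsEZIKaQO-AnTijeIdbeA 1 0 134434418 0 158gb 158gb
green open .kibana HOsCkOGIQ3me8TDg5p4fbg 1 0 493 36 965.6kb 965.6kb
close logstash-ids-2018.08.04 VLAG_h6ETuG-xVqeAa4Jyg
close logstash-bro-1970.01.01 9Rns9JDFSiiiroTmcQH2dg
yellow open :logstash- GjpqaekrQkeWrXCetDO53Q 5 1 0 0 1.2kb 1.2kb
green open elastalert_status HTe03s_cQLiQ8rLX0IT1UQ 5 0 25602 0 3.4mb 3.4mb
EOF
}

sample_output | triage_indices
```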

Wes Lambert

Sep 7, 2018, 8:26:53 AM
to securit...@googlegroups.com
Hi Max,

Let's try this:

(From the terminal of the master server)

curl -XDELETE localhost:9200/.kibana
curl -XDELETE localhost:9200/_template/kibana
sudo so-elastic-configure-kibana

Thanks,
Wes

Max S.

Sep 7, 2018, 3:52:05 PM
to security-onion
Thanks again for your help, Wes!

So I ran the curl commands and the "so-elastic-configure-kibana" command, but I am still getting the same page in Kibana's Discovery, Visualize, and Dashboard pages. Please see the attachments for these pages' output after running the suggested commands:

Below is the output of so-elastic-configure-kibana:

=========================================================================
Configuring Kibana dashboards
=========================================================================
......................................................

=========================================================================
Configuring Kibana
=========================================================================

Applying Kibana config...
{"id":"6.3.2","type":"config","updated_at":"2018-09-07T19:41:11.136Z","version":1,"attributes":{"defaultIndex":"*:logstash-*","discover:sampleSize":"10","dashboard:defaultDarkTheme":true,"timepicker:timeDefaults":"{\n \"from\": \"now-24h\",\n \"to\": \"now\",\n \"mode\": \"quick\"\n}"}}

Applying cross cluster search config...
{"acknowledged":true,"persistent":{"search":{"remote":{"securityonion1":{"seeds":["127.0.0.1:9300"]}}}},"transient":{}}

Applying Kibana template...
{"acknowledged":true}
{"acknowledged":true}

Updating /etc/nsm/securityonion.conf with correct Kibana version (6.3.2)...


=========================================================================
Replacing ELSA shortcuts with Kibana shortcuts
=========================================================================
Checking /home/infosec/Desktop
Kibana_Discover_Page.PNG
Kibana_Visualize_Page.PNG
Kibana_Dashboard_Page.PNG

Wes Lambert

Sep 7, 2018, 3:59:44 PM
to securit...@googlegroups.com
That's strange.

Let's try this:

sudo so-kibana-stop
sudo docker rmi securityonionsolutions/so-kibana
sudo so-kibana-start

Thanks,
Wes

Wes Lambert

Sep 7, 2018, 4:05:19 PM
to securit...@googlegroups.com
I don't think I got a response to the previous question about clearing the browser cache -- have you ensured this has been done as well, or have you tried from another browser?

Thanks,
Wes

Max S.

Sep 10, 2018, 9:34:14 AM
to security-onion
My apologies for not responding to your previous question on this, Wes. However, I did try it on three (3) different browsers - Firefox, Chrome, and Edge, but still to no avail.

Max S.

Sep 10, 2018, 9:37:20 AM
to security-onion
Thanks again, Wes. I did run the three suggested commands, but I am still getting the same previously attached pages.

Please see another attachment for my Kibana's "Advanced Settings" parameters.

Kibana_Advance_Settings_Parameters.docx

Max S.

Sep 11, 2018, 9:59:51 AM
to security-onion
On Friday, September 7, 2018 at 2:59:44 PM UTC-5, Wes wrote:
In addition to my previous comments, this error message (so-kibana: Unable to find image 'securityonionsolutions/so-kibana:latest' locally) came up when I ran the command: sudo docker rmi securityonionsolutions/so-kibana.

Max S.

Oct 8, 2018, 9:58:14 AM
to security-onion
To anyone experiencing this kind of issue on Kibana, to save you an ample amount of time, please just go ahead and re-run the SecurityOnion Setup. For me, this was the last resort to resolving this issue.

Thanks.
-Max