Re: 404 Error Not Found on ELSA /SQUERT


Wes

Apr 25, 2016, 4:58:22 PM
to security-onion
On Monday, April 25, 2016 at 3:22:12 PM UTC-4, Danny Stephens wrote:
> Gentlemen
>
> I have no Hair left.
>
> Fresh new install of 14.04. I had so many issues with 12 that I just blew the whole RAID away. Install went smooth as butter; added users and went home for the weekend. Logged in great to everything this morning. ELSA is my big eye right now, so I started adding dashboards through the web front end. I reached 10 dashboards; it would not take the 11th dashboard, which seemed odd. So I reloaded the page, thinking something timed out or I needed to authenticate. This is where my problem comes in: ELSA and SQUERT now only get a 404 Not Found error. I have changed nothing and everything is running. I did disable the UFW but that didn't fix anything, so I put it back. ANY help, even just a GOOGLE search word that might help me, would be greatly appreciated.
>
> I'm Attaching sostat redacted.
>
>
> Not Found
>
> The requested URL /squert was not found on this server.
>
> Apache/2.4.7 (Ubuntu) Server at x.x.x.x Port 443
>
>
> Not Found
>
> The requested URL /elsa was not found on this server.
>
> Apache/2.4.7 (Ubuntu) Server at x.x.x.x Port 443
>
> Status: active
>
> To Action From
> -- ------ ----
> 22/tcp ALLOW Anywhere
> 22,4505,4506,7736/tcp ALLOW x.x.x.x
> 22,4505,4506,7736/tcp ALLOW x.x.x.x
> 22,443,7734/tcp ALLOW x.x.x.x
> 514 ALLOW Anywhere
> 22,443,7734/tcp ALLOW x.x.x.x/xx
> 22,443,7734/tcp ALLOW x.x.x.x/xx
> 443/tcp ALLOW Anywhere
> 22,443,7734/tcp ALLOW x.x.x.x/xx
> 22,443,7734/tcp ALLOW x.x.x.x
> 22/tcp (v6) ALLOW Anywhere (v6)
> 514 (v6) ALLOW Anywhere (v6)
> 443/tcp (v6) ALLOW Anywhere (v6)

Have you tried restarting Apache?

sudo service apache2 restart

Are you able to navigate to these URIs locally?

Any errors in the Apache error.log, or in ELSA's web.log or node.log?

Thanks,
Wes
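
Added example, not part of the original thread and not Security Onion or ELSA code: one way to triage the Apache error.log asked about above, so that Apache's own bracketed records (restarts, certificate warnings) are not buried under repeated mod_perl "Use of uninitialized value" warnings. The function names are hypothetical, and the embedded sample is a shortened excerpt in the shape of the log quoted later in this thread.

```shell
#!/usr/bin/env bash
# Triage helpers for an Apache 2.4 error.log that is flooded with mod_perl warnings.
# All function names here are illustrative, not part of any Security Onion tooling.

TAB="$(printf '\t')"

# Sample input: shortened lines in the shape of the error.log quoted in the thread.
sample_error_log() {
cat <<'EOF'
Use of uninitialized value in string eq at /opt/elsa/web/lib/View/Datasource.pm line 62.
Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
Use of uninitialized value in string eq at /opt/elsa/web/lib/View/Datasource.pm line 62.
[Mon Apr 25 09:59:51.757251 2016] [mpm_prefork:notice] [pid 13255] AH00169: caught SIGTERM, shutting down
[Mon Apr 25 10:07:35.473796 2016] [ssl:warn] [pid 5710] AH01909: RSA certificate configured for 127.0.1.1:443 does NOT include an ID which matches the server name
[Mon Apr 25 10:07:37.792255 2016] [mpm_prefork:notice] [pid 5711] AH00163: Apache/2.4.7 (Ubuntu) configured -- resuming normal operations
Use of uninitialized value in addition (+) at /opt/elsa/web/lib/Controller.pm line 749.
Use of uninitialized value in addition (+) at /opt/elsa/web/lib/Controller.pm line 749.
Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
EOF
}

# Print only Apache's native records as: timestamp <TAB> module:level <TAB> message.
# Native records start with "[timestamp] [module:level] [pid N] ...".
apache_events() {
  awk '
    /^\[/ {
      n = split($0, f, /\] \[/)
      if (n < 3) next                 # not in the expected bracketed layout
      ts  = substr(f[1], 2)           # drop the leading "["
      msg = f[n]                      # last field: "pid N] AHxxxxx: text"
      p = index(msg, "] ")
      if (p > 0) msg = substr(msg, p + 2)
      print ts "\t" f[2] "\t" msg
    }'
}

# Collapse the Perl warnings to one line per source location:
# count <TAB> file and line <TAB> warning text, most frequent first.
perl_warning_sites() {
  awk '
    !/^\[/ && match($0, / at [^ ]+ line [0-9]+\.$/) {
      site = substr($0, RSTART + 4, RLENGTH - 5)   # "/path/File.pm line N"
      what = substr($0, 1, RSTART - 1)             # text before " at "
      count[site "\t" what]++
    }
    END { for (k in count) print count[k] "\t" k }' |
  LC_ALL=C sort -t "$TAB" -k1,1nr -k2
}

# Count completed restart cycles: a shutdown record (AH00169) followed by a
# "resuming normal operations" record (AH00163).
restart_count() {
  awk '
    /AH00169:/ { down = 1 }
    /AH00163:/ { if (down) { n++; down = 0 } }
    END { print n + 0 }'
}

# Demo on the embedded sample. On a sensor, feed the real file instead, e.g.
#   sudo cat /var/log/apache2/error.log | apache_events
echo "== Apache events =="
sample_error_log | apache_events
echo "== Perl warning sites =="
sample_error_log | perl_warning_sites
echo "== Restart cycles: $(sample_error_log | restart_count) =="
```
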


Wes

Apr 25, 2016, 6:24:43 PM
to security-onion
On Monday, April 25, 2016 at 5:10:08 PM UTC-4, Danny Stephens wrote:
> Yes
>
> sudo service apache2 restart
>
> AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message
> [ OK ]

>
> Are you able to navigate to these URIs locally?
>
> The computer is not local to me; I only have SSH right now

>
> Any errors in the Apache error.log, or in ELSA's web.log or node.log?
>
>
> /var/log/apache2/error.log
> Use of uninitialized value in string eq at /opt/elsa/web/lib/View/Datasource.pm line 62.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/View/Datasource.pm line 62.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/View/Datasource.pm line 62.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/View/Datasource.pm line 62.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/View/Datasource.pm line 62.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/View/Datasource.pm line 62.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/Query/Sphinx.pm line 745.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/Query/Sphinx.pm line 745.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/Query/Sphinx.pm line 745.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/Query/Sphinx.pm line 745.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/Query/Sphinx.pm line 745.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/Query/Sphinx.pm line 745.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/Query/Sphinx.pm line 745.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/Query/Sphinx.pm line 745.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/Query/Sphinx.pm line 745.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/Query/Sphinx.pm line 745.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/Query/Sphinx.pm line 745.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/Query/Sphinx.pm line 745.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/View/Datasource.pm line 62.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value $groupby in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 621.
> Use of uninitialized value $groupby in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 621.
> Use of uninitialized value $groupby in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 621.
> Use of uninitialized value $groupby in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 621.
> Use of uninitialized value $groupby in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 621.
> Use of uninitialized value $groupby in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 621.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/View/Datasource.pm line 62.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/View/Datasource.pm line 62.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> [Mon Apr 25 09:59:51.757251 2016] [mpm_prefork:notice] [pid 13255] AH00169: caught SIGTERM, shutting down
> [Mon Apr 25 10:07:35.473796 2016] [ssl:warn] [pid 5710] AH01909: RSA certificate configured for 127.0.1.1:443 does NOT include an ID which matches the server name
> [Mon Apr 25 10:07:35.575371 2016] [ssl:warn] [pid 5711] AH01909: RSA certificate configured for 127.0.1.1:443 does NOT include an ID which matches the server name
> [Mon Apr 25 10:07:37.792255 2016] [mpm_prefork:notice] [pid 5711] AH00163: Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.14 OpenSSL/1.0.1f mod_perl/2.0.8 Perl/v5.18.2 configured -- resuming normal operations
> [Mon Apr 25 10:07:37.792281 2016] [core:notice] [pid 5711] AH00094: Command line: '/usr/sbin/apache2'
> Use of uninitialized value in numeric lt (<) at /opt/elsa/web/lib/Controller.pm line 743.
> Use of uninitialized value in numeric lt (<) at /opt/elsa/web/lib/Controller.pm line 743.
> Use of uninitialized value in addition (+) at /opt/elsa/web/lib/Controller.pm line 749.
> Use of uninitialized value in addition (+) at /opt/elsa/web/lib/Controller.pm line 749.
> Use of uninitialized value in numeric gt (>) at /opt/elsa/web/lib/Controller.pm line 752.
> Use of uninitialized value in numeric gt (>) at /opt/elsa/web/lib/Controller.pm line 752.
> Use of uninitialized value in numeric gt (>) at /opt/elsa/web/lib/Controller.pm line 752.
> Use of uninitialized value in numeric gt (>) at /opt/elsa/web/lib/Controller.pm line 752.
> Use of uninitialized value $epochdate in localtime at /opt/elsa/web/lib/Utils.pm line 183.
> Use of uninitialized value $epochdate in localtime at /opt/elsa/web/lib/Utils.pm line 183.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in addition (+) at /opt/elsa/web/lib/Controller.pm line 749.
> Use of uninitialized value in addition (+) at /opt/elsa/web/lib/Controller.pm line 749.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/Query/Sphinx.pm line 745.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/Query/Sphinx.pm line 745.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/Query/Sphinx.pm line 745.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/Query/Sphinx.pm line 745.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/Query/Sphinx.pm line 745.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/Query/Sphinx.pm line 745.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/Query/Sphinx.pm line 745.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/Query/Sphinx.pm line 745.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in addition (+) at /opt/elsa/web/lib/Controller.pm line 749.
> Use of uninitialized value in addition (+) at /opt/elsa/web/lib/Controller.pm line 749.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 256.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 256.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 256.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 256.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 256.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 256.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in addition (+) at /opt/elsa/web/lib/Controller.pm line 749.
> Use of uninitialized value in addition (+) at /opt/elsa/web/lib/Controller.pm line 749.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 256.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 256.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 256.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 256.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 256.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 256.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 256.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 256.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 256.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 256.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 256.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 256.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value $attr in concatenation (.) or string at /opt/elsa/web/lib/Query.pm line 875.
> Use of uninitialized value $attr in concatenation (.) or string at /opt/elsa/web/lib/Query.pm line 878.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 256.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 256.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 256.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 256.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> [Mon Apr 25 11:47:56.927086 2016] [mpm_prefork:notice] [pid 5711] AH00169: caught SIGTERM, shutting down
> [Mon Apr 25 11:47:57.988141 2016] [ssl:warn] [pid 22181] AH01909: RSA certificate configured for 127.0.1.1:443 does NOT include an ID which matches the server name
> [Mon Apr 25 11:47:58.051953 2016] [ssl:warn] [pid 22182] AH01909: RSA certificate configured for 127.0.1.1:443 does NOT include an ID which matches the server name
> [Mon Apr 25 11:47:59.446648 2016] [mpm_prefork:notice] [pid 22182] AH00163: Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.14 OpenSSL/1.0.1f mod_perl/2.0.8 Perl/v5.18.2 configured -- resuming normal operations
> [Mon Apr 25 11:47:59.446681 2016] [core:notice] [pid 22182] AH00094: Command line: '/usr/sbin/apache2'
> Use of uninitialized value in addition (+) at /opt/elsa/web/lib/Controller.pm line 749.
> Use of uninitialized value in addition (+) at /opt/elsa/web/lib/Controller.pm line 749.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 256.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 256.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 256.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 256.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 256.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 256.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 256.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 256.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 256.
> Use of uninitialized value in string eq at /opt/elsa/web/lib/Query/Sphinx.pm line 256.
> Use of uninitialized value in localtime at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 448.
> Use of uninitialized value in concatenation (.) or string at /opt/elsa/web/lib/QueryParser.pm line 233.
> [Mon Apr 25 13:55:40.551257 2016] [mpm_prefork:notice] [pid 22182] AH00169: caught SIGTERM, shutting down
> [Mon Apr 25 13:55:41.617367 2016] [ssl:warn] [pid 34027] AH01909: RSA certificate configured for 127.0.1.1:443 does NOT include an ID which matches the server name
> [Mon Apr 25 13:55:41.678524 2016] [ssl:warn] [pid 34028] AH01909: RSA certificate configured for 127.0.1.1:443 does NOT include an ID which matches the server name
> [Mon Apr 25 13:55:42.948217 2016] [mpm_prefork:notice] [pid 34028] AH00163: Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.14 OpenSSL/1.0.1f mod_perl/2.0.8 Perl/v5.18.2 configured -- resuming normal operations
> [Mon Apr 25 13:55:42.948244 2016] [core:notice] [pid 34028] AH00094: Command line: '/usr/sbin/apache2'
>
>
>
> /nsm/elsa/data/elsa/log$ sudo tail -1000 web.log
>
> 'host_id',
> 'program_id',
> 'class_id',
> 'attr_i0',
> 'attr_i1',
> 'attr_i2',
> 'attr_i3',
> 'attr_i4',
> 'attr_i5',
> 'attr_s0',
> 'attr_s1',
> 'attr_s2',
> 'attr_s3',
> 'attr_s4',
> 'attr_s5'
> ]
> };
> * DEBUG [2016/04/25 12:54:34] /opt/elsa/web/lib/Query/Sphinx.pm (689) Query::Sphinx::_get_search_terms 29316 [undef]
> field class was an int field
> * DEBUG [2016/04/25 12:54:34] /opt/elsa/web/lib/Query/Sphinx.pm (212) Query::Sphinx::_build_query 29316 [undef]
> terms_and_filters: $VAR1 = {
> 'searches' => [
> {
> 'field' => '',
> 'op' => ':',
> 'boolean' => 'and',
> 'quote' => '"',
> 'value' => '"-"'
> }
> ],
> 'filters' => [
> {
> 'op' => '=',
> 'field' => 'class',
> 'boolean' => 'and',
> 'value' => 'BRO_CONN'
> }
> ]
> };
> * TRACE [2016/04/25 12:54:34] /opt/elsa/web/lib/Query.pm (875) Query::_value 29316 [undef]
> $hash: $VAR1 = {
> 'op' => '=',
> 'field' => 'class',
> 'boolean' => 'and',
> 'value' => 'BRO_CONN'
> };
> value: BRO_CONN $attr: class_id
> * DEBUG [2016/04/25 12:54:34] /opt/elsa/web/lib/Query/Sphinx.pm (215) Query::Sphinx::_build_query 29316 [undef]
> attr_str: (class_id=20)
> * DEBUG [2016/04/25 12:54:34] /opt/elsa/web/lib/Query/Sphinx.pm (226) Query::Sphinx::_build_query 29316 [undef]
> query: $VAR1 = {
> 'where' => {
> 'values' => [
> '20'
> ],
> 'clause' => 'MATCH(\'(("-"))\') AND attr_tests=1 AND import_tests=1 AND class_id=?'
> },
> 'select' => {
> 'clause' => 'SELECT id, COUNT(*) AS _count, attr_i0 AS _groupby, (class_id=20) AS attr_tests, 1=1 AS import_tests',
> 'values' => []
> },
> 'groupby' => 'attr_i0'
> };
> * DEBUG [2016/04/25 12:54:34] /opt/elsa/web/lib/Query/Sphinx.pm (985) Query::Sphinx::__ANON__ 29316 [undef]
> $group_key: $VAR1 = '2488649083';
> * TRACE [2016/04/25 12:54:34] /opt/elsa/web/lib/Query/Sphinx.pm (1060) Query::Sphinx::_query 29316 [undef]
> Sphinx query: SELECT id, COUNT(*) AS _count, attr_i0 AS _groupby, (class_id=20) AS attr_tests, 1=1 AS import_tests FROM temp_8,temp_7,temp_6,temp_5,temp_4,temp_3,temp_2,temp_1,temp_83 WHERE MATCH('(("-"))') AND attr_tests=1 AND import_tests=1 AND class_id=? AND timestamp>=? GROUP BY attr_i0 ORDER BY _count DESC LIMIT ?,?
> * TRACE [2016/04/25 12:54:34] /opt/elsa/web/lib/Query/Sphinx.pm (1061) Query::Sphinx::_query 29316 [undef]
> Sphinx query values: 20,1461441153,0,100
> * DEBUG [2016/04/25 12:54:34] /opt/elsa/web/lib/Query/Sphinx.pm (1068) Query::Sphinx::__ANON__ 29316 [undef]
> Sphinx query finished in 0.00494980812072754
> * TRACE [2016/04/25 12:54:34] /opt/elsa/web/lib/Query/Sphinx.pm (1082) Query::Sphinx::__ANON__ 29316 [undef]
> got sphinx result: $VAR1 = {
> 'meta' => {
> 'total' => 0,
> 'hits[0]' => 43951,
> 'docs[0]' => 22919,
> 'keyword[0]' => '-',
> 'time' => '0.002',
> 'total_found' => 0
> },
> 'rows' => []
> };
> * TRACE [2016/04/25 12:54:34] /opt/elsa/web/lib/Query/Sphinx.pm (1111) Query::Sphinx::__ANON__ 29316 [undef]
> No rows found
> * DEBUG [2016/04/25 12:54:34] /opt/elsa/web/lib/Query/Sphinx.pm (1019) Query::Sphinx::__ANON__ 29316 [undef]
> ret: $VAR1 = {
> 'stats' => {
> 'sphinx_query' => '0.00494980812072754'
> },
> 'meta' => {
> 'total' => 0,
> 'hits[0]' => 43951,
> 'docs[0]' => 22919,
> 'keyword[0]' => '-',
> 'time' => '0.002',
> 'total_found' => 0
> },
> 'sphinx_rows' => []
> };
> * INFO [2016/04/25 12:54:34] /opt/elsa/web/lib/Controller.pm (1886) Controller::__ANON__ 29316 [undef]
> Query 279 returned 0 rows
> * DEBUG [2016/04/25 12:54:34] /opt/elsa/web/lib/Query.pm (557) Query::transform_results 29316 [undef]
> transforms: $VAR1 = [];
> * TRACE [2016/04/25 12:54:34] /opt/elsa/web/lib/Utils.pm (710) Utils::_peer_query 29316 [undef]
> Sending request to URL http://127.0.0.1:50000/API/query with body permissions=%7B%0A%20%20%20%22resolved%22%20%3A%201%2C%0A%20%20%20%22program_id%22%20%3A%20%7B%0A%20%20%20%20%20%20%220%22%20%3A%201%0A%20%20%20%7D%2C%0A%20%20%20%22node_id%22%20%3A%20%7B%0A%20%20%20%20%20%20%220%22%20%3A%201%0A%20%20%20%7D%2C%0A%20%20%20%22host_id%22%20%3A%20%7B%0A%20%20%20%20%20%20%220%22%20%3A%201%0A%20%20%20%7D%2C%0A%20%20%20%22class_id%22%20%3A%20%7B%0A%20%20%20%20%20%20%220%22%20%3A%201%0A%20%20%20%7D%2C%0A%20%20%20%22fields%22%20%3A%20%7B%7D%0A%7D%0A&q=%7B%0A%20%20%20%22query_meta_params%22%20%3A%20%7B%0A%20%20%20%20%20%20%22start%22%20%3A%20%221461441153%22%2C%0A%20%20%20%20%20%20%22timezone_offset%22%20%3A%20300%2C%0A%20%20%20%20%20%20%22limit%22%20%3A%20100%0A%20%20%20%7D%2C%0A%20%20%20%22query_string%22%20%3A%20%22class%3DBRO_CONN%20%5C%22-%5C%22%20groupby%3Asrcip%22%0A%7D%0A&peer_label=SOLO1
> * INFO [2016/04/25 12:54:37] /opt/elsa/web/lib/Controller.pm (1614) Controller::__ANON__ 29316 [undef]
> Query 279 returned 100 rows
> * TRACE [2016/04/25 12:54:37] /opt/elsa/web/lib/Query.pm (254) Query::_set_time_taken 29316 [undef]
> Set time taken for query 279 to 3309
>
> /nsm/elsa/data/elsa/log$ sudo tail -1000 node.log
>
> * TRACE [2016/04/25 14:00:02] /opt/elsa/web/../node/Indexer.pm (1805) Indexer::_release_lock 34391 [undef]
> Unlocked directory
> * DEBUG [2016/04/25 14:00:02] /opt/elsa/web/../node/Indexer.pm (1297) Indexer::_queue_for_indexing 34391 [undef]
> Inserted into indexes: 74, 1461592705, 1461592756, 174838, 174867, syslog_data.syslogs_index_1, temporary, 34391
> * TRACE [2016/04/25 14:00:02] /opt/elsa/web/../node/Indexer.pm (1805) Indexer::_release_lock 34391 [undef]
> Unlocked directory
> * TRACE [2016/04/25 14:00:02] /opt/elsa/web/../node/Indexer.pm (2195) Indexer::_sphinx_index 34391 [undef]
> Starting Sphinx indexing for temp_74
> * DEBUG [2016/04/25 14:00:02] /opt/elsa/web/../node/Indexer.pm (22...

For the dashboards, you may want to look into:
https://groups.google.com/d/msg/enterprise-log-search-and-archive/eDkv55jrIEQ/5KNqKJGpBO8J

For the current issue, try issuing a select all for the elsa_web saved_results table to see if there are any duplicate qid entries:

sudo mysql -uroot -Delsa_web -e "select * from saved_results"

If you don't need the data, you could just clear it out to be safe.

sudo mysql -uroot -Delsa_web -e "delete from saved_results"

You could also look in chart_queries to see if you have any misconfigured dashboard queries which may be unintentionally DOS'ing the system.

You may even want to remove the most recent dashboard you created from elsa_web.

I would be sure to back up elsa_web db before doing this, as well as ensuring any services writing to it are stopped.

Thanks,
Wes

Wes

Apr 25, 2016, 7:25:50 PM
to security-onion
On Monday, April 25, 2016 at 7:10:57 PM UTC-4, Danny Stephens wrote:
> Thank you so much
>
> But as for deleting the dashboards that I was creating, how do I do that with no web access, from the command line? I've been looking everywhere for that very thing.
> > * TRACE [2016/04/25 12:57:08] /opt/elsa/web/...

I believe the dashboards should be stored under the dashboards table in elsa_web.

You could do something like:

sudo mysql -uroot -Delsa_web -e "select * from dashboards";

to see all of the dashboards. You could then remove the desired one by issuing a statement such as the following:

sudo mysql -uroot -Delsa_web e "delete * from dashboards where <id field> = <dashboard id>";

You would, of course, substitute the id field as appropriate, with the proper name, as well as the id value. I can't quite recall the field used for the dashboard id.

Thanks,
Wes

Wes

Apr 25, 2016, 11:29:20 PM
to security-onion
On Monday, April 25, 2016 at 11:24:57 PM UTC-4, Danny Stephens wrote:
> >
> > I believe the dashboards should be stored under the dashboards table in elsa_web.
> >
> > You could do something like:
> >
> > sudo mysql -uroot -Delsa_web -e "select * from dashboards";
> >
> > to see all of the dashboards. You could then remove the desired one by issuing a statement such as the following:
> >
> > sudo mysql -uroot -Delsa_web e "delete * from dashboards where <id field> = <dashboard id>";
> >
> > You would, of course, substitute the id field as appropriate, with the proper name, as well as the id value. I can't quite recall the field used for the dashboard id.
> >
> > Thanks,
> > Wes
>
> Wes
> ME@SERVER:/nsm/elsa/data/elsa/log$ sudo mysql -uroot -Delsa_web -e "select * from dashboards";
> +----+-----+--------------+--------------+---------------+
> | id | uid | title | alias | auth_required |
> +----+-----+--------------+--------------+---------------+
> | 2 | 3 | web_monitor | web_monitor | 1 |
> | 3 | 3 | ssl | ssl | 1 |
> | 4 | 3 | ssh | ssh | 1 |
> | 5 | 3 | smtp | smtp | 1 |
> | 6 | 3 | overview | overview | 1 |
> | 7 | 3 | net_hunting | net_hunting | 1 |
> | 8 | 3 | host_hunting | host_hunting | 1 |
> | 9 | 3 | ftp | ftp | 1 |
> | 10 | 3 | connections | connections | 1 |
> | 11 | 3 | dhcp | dhcp | 1 |
> +----+-----+--------------+--------------+---------------+
>
>
> ME@SERVER:/nsm/elsa/data/elsa/log$ sudo mysql -uroot -Delsa_web e "delete * from dashboards where <tile> = <web_monitor>";
> mysql Ver 14.14 Distrib 5.5.47, for debian-linux-gnu (x86_64) using readline 6.3
> Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved.
>
> Oracle is a registered trademark of Oracle Corporation and/or its
> affiliates. Other names may be trademarks of their respective
> owners.
>
> Usage: mysql [OPTIONS] [database]
Danny,

It looks like you misspelled "title":

sudo mysql -uroot -Delsa_web e "delete * from dashboards where <tile> = <web_monitor>

Also, you don't need to add the brackets (I apologize, that was only for demonstration). You will want to do:

sudo mysql -uroot -Delsa_web -e "delete * from dashboards where title = 'web_monitor'";

I can't quite remember if you need the single quotes for the value or not.

Thanks,
Wes



Doug Burks

Apr 25, 2016, 11:32:02 PM
to securit...@googlegroups.com
Hi Danny,

Have you added or removed any software?

Has the Apache configuration changed in any way?

What's the output of the following?
ls -alh /etc/apache2/sites-enabled/



--
Doug Burks

Wes

Apr 25, 2016, 11:44:03 PM
to security-onion
On Monday, April 25, 2016 at 11:38:40 PM UTC-4, Danny Stephens wrote:
> Sir 
> No new software of any kind I was just adding dashboards to elsa for my new baby analysts 
>
>
> ME@SERVER:/nsm/elsa/data/elsa/log$ ls -alh /etc/apache2/sites-enabled/
> total 8.0K
> drwxr-xr-x 2 root root 4.0K Apr 21 17:35 .
> drwxr-xr-x 8 root root 4.0K Apr 21 17:35 ..
> lrwxrwxrwx 1 root root   35 Apr 21 16:57 098-xplico.conf -> /etc/apache2/sites-available/xplico
> lrwxrwxrwx 1 root root   28 Apr 21 17:35 elsa.conf -> ../sites-available/elsa.conf
> lrwxrwxrwx 1 root root   37 Apr 21 16:57 securityonion.conf -> ../sites-available/securityonion.conf

Sorry, syntax was wrong--you can try:

sudo mysql -uroot -Delsa_web -e "delete from dashboards where id=2";

if you want to delete the dashboard for "web monitor"
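
The checks and the delete discussed in this thread, collected as an added example (not part of any poster's message and not ELSA's own tooling). It uses only the tables and columns shown above (saved_results.qid, dashboards.id and title); the file name and the assumption that dashboards uses a transactional engine such as InnoDB are mine.

```sql
-- Added example. Run as a batch, for instance:
--   sudo mysql -uroot -Delsa_web < dashboard_cleanup.sql
-- (dashboard_cleanup.sql is a hypothetical file name.)
-- Back up first, as advised in the thread, for instance:
--   sudo mysqldump -uroot elsa_web > elsa_web_backup.sql   (placeholder output name)

-- 1. Duplicate qid check on saved_results: list only the qid values
--    that occur more than once, with how many copies each has.
SELECT qid, COUNT(*) AS copies
FROM saved_results
GROUP BY qid
HAVING COUNT(*) > 1
ORDER BY copies DESC;

-- 2. Look the dashboard up by title to learn its id.
--    String values such as a title must be quoted; numeric ids need no quotes.
SELECT id, uid, title, alias
FROM dashboards
WHERE title = 'web_monitor';

-- 3. Delete by id inside a transaction so the result can be inspected
--    before it becomes permanent. MySQL's DELETE takes no column list:
--    the form is DELETE FROM <table> WHERE ..., not DELETE * FROM ...
--    Assumption: dashboards is InnoDB; on a non-transactional engine the
--    delete takes effect immediately and ROLLBACK cannot undo it.
START TRANSACTION;

DELETE FROM dashboards
WHERE id = 2;                         -- id of web_monitor in the listing above

SELECT ROW_COUNT() AS rows_deleted;   -- rows removed by the DELETE just above

SELECT id, title                      -- what would remain after the delete
FROM dashboards
ORDER BY id;

-- Dry run by default: nothing is kept. Change ROLLBACK to COMMIT once
-- rows_deleted and the remaining list look right.
ROLLBACK;
```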

Wes Lambert

Apr 25, 2016, 11:48:54 PM
to securit...@googlegroups.com

If you have chart queries (associated with the dashboard), you may have to remove the associated queries from the chart_queries table.

It is strange, though... a 404 error does seem like it would be something with Apache or the web config files, as Doug has mentioned.

Thanks,
Wes

Doug Burks

Apr 25, 2016, 11:49:45 PM
to securit...@googlegroups.com
I can't think of any reason why an ELSA issue would prevent you from
accessing Squert.

Are you able to access the Security Onion web page at the following
URL (replacing YourSecurityOnionBox with the actual hostname or IP
address of your Security Onion box)?
https://YourSecurityOnionBox

On Mon, Apr 25, 2016 at 11:38 PM, Danny Stephens <syc...@gmail.com> wrote:
> Sir
> No new software of any kind I was just adding dashboards to elsa for my new
> baby analysts
>
> ME@SERVER:/nsm/elsa/data/elsa/log$ ls -alh /etc/apache2/sites-enabled/
> total 8.0K
> drwxr-xr-x 2 root root 4.0K Apr 21 17:35 .
> drwxr-xr-x 8 root root 4.0K Apr 21 17:35 ..
> lrwxrwxrwx 1 root root 35 Apr 21 16:57 098-xplico.conf -> /etc/apache2/sites-available/xplico
> lrwxrwxrwx 1 root root 28 Apr 21 17:35 elsa.conf -> ../sites-available/elsa.conf
> lrwxrwxrwx 1 root root 37 Apr 21 16:57 securityonion.conf -> ../sites-available/securityonion.conf

Doug Burks

Apr 26, 2016, 12:03:33 AM
to securit...@googlegroups.com
On Mon, Apr 25, 2016 at 11:58 PM, Danny Stephens <syc...@gmail.com> wrote:
> I was looking at sostat and I noticed that there is no IPv4 :443 (LISTEN)

I believe that's normal.

Are you able to access CapMe?
https://x.x.x.x/capme

Doug Burks

Apr 26, 2016, 12:10:09 AM
to securit...@googlegroups.com
What's the output of the following?
ls -alh /var/www/so/

On Tue, Apr 26, 2016 at 12:05 AM, Danny Stephens <syc...@gmail.com> wrote:
> Not Found
>
> The requested URL /capme was not found on this server.
>
> ________________________________
> Apache/2.4.7 (Ubuntu) Server at 10.80.187.40 Port 443