illegal_argument_exception at shard 0 index wazuh-alerts


sekhar reddy

Jul 14, 2022, 1:05:54 PM
to Wazuh mailing list
Hi Team,

I have recently upgraded the Wazuh cluster from 4.2.4 to 4.3.5. After the upgrade, I am not able to see any events in the Dashboard.

Also, when trying to open security/Vulnerability, I am getting Illegal_argument_exception with index 0.


illegal_arg_exception.JPG

Emiliano Zorn

Jul 14, 2022, 7:56:28 PM
to Wazuh mailing list
Hello there, how are you?

Could you please also run the following requests in the Devtools to check the rule.id field definition and whether the Wazuh templates are properly installed?

  • GET _cat/templates/

  • GET wazuh-alerts-4.x-sample-auditing-policy-monitoring/_mapping/field/rule.id 

  • GET wazuh-alerts-4.x-sample-threat-detection/_mapping/field/rule.id


Please share here the output of these requests. The rule.id definition should be like this one:

    {
      "wazuh-alerts-4.x-sample-threat-detection" : {
        "mappings" : {
          "rule.id" : {
            "full_name" : "rule.id",
            "mapping" : {
              "id" : {
                "type" : "keyword"
              }
            }
          }
        }
      }
    }

Regards.
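Added example, not part of the thread and not Wazuh project code: a small Python check that reads the JSON returned by a `GET <index>/_mapping/field/rule.id` request and reports, per index, whether rule.id has the `keyword` type shown in the reply above. The sample response, including the two dated index names, is constructed for illustration.

```python
import json

EXPECTED_TYPE = "keyword"  # the rule.id type shown in the reply above

# Constructed sample of a field-mapping response covering three indices.
SAMPLE_RESPONSE = json.loads("""
{
  "wazuh-alerts-4.x-sample-threat-detection": {
    "mappings": {"rule.id": {"full_name": "rule.id",
                             "mapping": {"id": {"type": "keyword"}}}}
  },
  "wazuh-alerts-4.x-2022.07.14": {
    "mappings": {"rule.id": {"full_name": "rule.id",
      "mapping": {"id": {"type": "text",
        "fields": {"keyword": {"type": "keyword", "ignore_above": 256}}}}}}
  },
  "wazuh-alerts-4.x-2022.07.13": {"mappings": {}}
}
""")

def field_type(index_body, field):
    """Return the mapped type of `field` in one index, or None if unmapped."""
    entry = index_body.get("mappings", {}).get(field)
    if not entry:
        return None  # the API returns empty mappings when the field is absent
    leaf = field.split(".")[-1]  # the "mapping" object is keyed by the leaf name
    return entry.get("mapping", {}).get(leaf, {}).get("type")

def check_field(response, field="rule.id", expected=EXPECTED_TYPE):
    """Map each index name to 'ok', 'missing' or 'mismatch (<type>)'."""
    report = {}
    for index, body in sorted(response.items()):
        actual = field_type(body, field)
        if actual is None:
            report[index] = "missing"
        elif actual == expected:
            report[index] = "ok"
        else:
            # "text" with a keyword sub-field is what Elasticsearch dynamic
            # mapping creates for strings when no index template applied.
            report[index] = f"mismatch ({actual})"
    return report

def mismatched_indices(response, field="rule.id", expected=EXPECTED_TYPE):
    """List the indices whose field type is absent or not the expected one."""
    report = check_field(response, field, expected)
    return [index for index, status in report.items() if status != "ok"]

if __name__ == "__main__":
    for index, status in check_field(SAMPLE_RESPONSE).items():
        print(f"{index}: {status}")
```

To use it on real output, paste the Devtools response into a file and pass the result of `json.load()` to `check_field()`.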