Wazuh API issue
522 views
Skip to first unread message
Talis
Jul 11, 2017, 12:48:30 PM7/11/17
to Wazuh mailing list
I have followed all the instructions for installing the Wazuh API but am still unsuccessful.
I get the error "There are not services running in the given URL" when attempting to add a new API in the Kibana plugin.
I have a distributed system with an ELK server and a Wazuh server, both Centos 7.
On the Wazuh server, running
I get the error "There are not services running in the given URL" when attempting to add a new API in the Kibana plugin.
I have a distributed system with an ELK server and a Wazuh server, both Centos 7.
On the Wazuh server, running
:
"curl -u foo:bar -k https://127.0.0.1:55000"Gives me the output:
"curl: (35) Encountered end of file"
The wazuh-api service appears to be running without error.
Python version is > 2.7.
Filebeat appears to be working successfully between two servers.
I have uncommented "server.host: "localhost" in /etc/kibana/kibana.yml on ELK server and the nginx proxy and authentication are working.
I have tried disabling SElinux on the machine, as well as opening up port 55000 on the firewall (although it should not be blocked to begin with since it is localhost only).
Does anyone have any suggestions?
Python version is > 2.7.
Filebeat appears to be working successfully between two servers.
I have uncommented "server.host: "localhost" in /etc/kibana/kibana.yml on ELK server and the nginx proxy and authentication are working.
I have tried disabling SElinux on the machine, as well as opening up port 55000 on the firewall (although it should not be blocked to begin with since it is localhost only).
Does anyone have any suggestions?
Jesus Linares
Jul 11, 2017, 12:54:35 PM7/11/17
to Wazuh mailing list
Hi,
By default, the API is installed without https. Try with: "curl -u foo:bar http://127.0.0.1:55000".
I hope it helps.
Regards.
Talis
Jul 11, 2017, 1:00:00 PM7/11/17
to Wazuh mailing list
Ah wow. That was an easy fix, thank you.
Message has been deleted
Talis
Jul 11, 2017, 1:07:13 PM7/11/17
to Wazuh mailing list
Actually, that allowed my to get the proper output using curl locally on
the Wazuh server, but I am still unable to set up the API on Kibana.
I have tried using (http and https) localhost and the Wazuh server IP address without success.
I have tried using (http and https) localhost and the Wazuh server IP address without success.
On Tuesday, July 11, 2017 at 10:48:30 AM UTC-6, Talis wrote:
Talis
Jul 11, 2017, 6:33:21 PM7/11/17
to Wazuh mailing list
Decided to just go ahead and do a local install. For anyone else attempting this setup, I think I just needed to open up port 55000 on wazuh server to allow API requests from Kibana, although I am not certain because I did not test.
On Tuesday, July 11, 2017 at 10:48:30 AM UTC-6, Talis wrote:
Jesus Linares
Jul 12, 2017, 6:58:13 AM7/12/17
to Wazuh mailing list
Hi,
if you have a single-host architecture, you don't need to open any port. If curl works, the app will work.
In case that you have a distributed architecture, you need to open the port 55000 TCP in the manager to accept request from the app. You can do 2 test:
- Wazuh server: curl -u foo:bar http://127.0.0.1:55000
- Elastic stack server: curl -u foo:bar http://WAZUH_SERVER_IP:55000
If both tests are working, the app will be able to connect with the API.
I hope it helps.
Regards.
Reply all
Reply to author
Forward
0 new messages