Error after migrate
2,409 views
Skip to first unread message
Heron Michanikus
Dec 6, 2022, 9:23:19 AM12/6/22
to Wazuh mailing list
Hello everyone!
I have a problem with migration from Wazh 4.2. to Wazuh 4.3
After migrate from Open Distro for Elasticsearch 1.13 to the Wazuh indexer and from Open Distro for Elasticsearch Kibana 1.13 to the Wazuh dashboard I can log in Wazuh using my account from Wazuh 4.2
But, when I want to see all data I have Error
I have a problem with migration from Wazh 4.2. to Wazuh 4.3
After migrate from Open Distro for Elasticsearch 1.13 to the Wazuh indexer and from Open Distro for Elasticsearch Kibana 1.13 to the Wazuh dashboard I can log in Wazuh using my account from Wazuh 4.2
But, when I want to see all data I have Error
null_pointer_exception
Cannot invoke "org.opensearch.search.aggregations.InternalAggregations.getSerializedSize()" because "reducePhase.aggregations" is null
Also I have next logs
I think that it related with the authorization order, but now I can't to launch securityadmin.sh to change it
I think that it related with the authorization order, but now I can't to launch securityadmin.sh to change it
Marcos Darío Buslaiman
Dec 6, 2022, 11:44:31 AM12/6/22
to Wazuh mailing list
Hi
Thanks, for using Wazuh, I'm glad to help you.
Thanks, for using Wazuh, I'm glad to help you.
Just to be more accurate with this troubleshooting, could you give me the following information?
How many Indexers nodes do you have running?
Have you followed some guide to install/migrate, in case yes, which one?
Do you have this configuration on all your index nodes ?
Do you have this configuration on all your index nodes ?
plugins.securtity.authcz.admin_dn:
- "CN=admin,OU=Docu,O=Wazuh,L=California,C=US"
- "CN=admin,OU=Docu,O=Wazuh,L=California,C=US"
Best regards,
Marcos Buslaiman
Marcos Buslaiman
Heron Michanikus
Dec 6, 2022, 1:31:15 PM12/6/22
to Wazuh mailing list
Hi Marcus, thanks for answer!
This is my node
This is my node
I have so strings in my file /etc/wazuh-indexer/opensearch.yml
вторник, 6 декабря 2022 г. в 19:44:31 UTC+3, marcos.b...@wazuh.com:
Marcos Darío Buslaiman
Dec 12, 2022, 2:03:50 PM12/12/22
to Wazuh mailing list
Hi,
Seems that its something wrong with the certificates according to your logs.
Seems that its something wrong with the certificates according to your logs.
To verify that, could you execute the following commands and share the output.
openssl x509 -in /etc/elasticsearch/certs/admin.pem -noout -dates
openssl x509 -in /etc/wazuh-indexer/certs/admin.pem -noout -dates
Thanks
openssl x509 -in /etc/wazuh-indexer/certs/admin.pem -noout -dates
Thanks
Sumeet Gandhi
Dec 12, 2022, 7:51:17 PM12/12/22
to Wazuh mailing list
Hi, We did not do any migration, but all of sudden same error started appearing for us also.
First i see errors here
Then in every page we see the error like below
Please advice
Heron Michanikus
Dec 13, 2022, 2:42:32 AM12/13/22
to Wazuh mailing list
Hi, Markus!
Thanks that you didn't forgot about my question.
I was able to solve my problem. The cause of problen was the red status of the cluster and indexes.
After I removed all the indexes with red status and than restarted wazuh-indexer I got the desired result
Thanks that you didn't forgot about my question.
I was able to solve my problem. The cause of problen was the red status of the cluster and indexes.
After I removed all the indexes with red status and than restarted wazuh-indexer I got the desired result
Thanks for your help
понедельник, 12 декабря 2022 г. в 22:03:50 UTC+3, marcos.b...@wazuh.com:
Reply all
Reply to author
Forward
0 new messages