Dashboard Node Error - "Internal Server Error"

76 views
Skip to first unread message

Sam Heuchert

unread,
Nov 9, 2023, 10:19:01 AM11/9/23
to Wazuh | Mailing List
Can someone please help me with the below error I am receiving on my dashboard node?  I am running a distributed deployment.

Md. Nazmur Sakib

unread,
Nov 10, 2023, 12:16:14 AM11/10/23
to Wazuh | Mailing List

Hi Sam Heuchert,


Hope you are doing well. Thank you for using Wazuh.


Are you also seeing this warning?


null_pointer_exception Cannot invoke "org.opensearch.search.aggregations.InternalAggregations.getSerializedSize()" because "reducePhase.aggregations" is null 


Please share the following details so we can know the root cause of this issue:


1. Wazuh manager to check if the service is active: systemctl status wazuh-manager

If the Wazuh API is running, try to fetch data using the CLI from the Wazuh dashboard server

curl -k -X GET "https://<api_url>:55000/" -H "Authorization: Bearer $(curl -u <api_user>:<api_password> -k -X POST 'https://<api_url>:55000/security/user/authenticate?raw=true')"

2. To ensure that Filebeat is correctly configured, run the following command: filebeat test output

3.  Please run this to check your Indexer cluster health: curl  -XGET -k -u admin:admin "https://indexer-ip:9200/_cluster/health"

4. Please run the following command to know the disk space used by shards and indices: curl -XGET -k -u admin:admin "https://indexer-ip:9200/_cat/allocation?v"

Please share the disk space details using the command df -h and free -h for memory.

Please paste the output of these commands and also share detailed wazuh-indexer logs For that, you can use the command:  cat /var/log/wazuh-indexer/wazuh-cluster.log | grep -i -E "error|warn"

5. Please share the dashboard logs using command journalctl -u wazuh-dashboard or cat /usr/share/wazuh-dashboard/data/wazuh/logs/wazuhapp.log | grep -i -E "error|warn"


Looking forward to your response. 


Regards

Md. Nazmur Sakib

Reply all
Reply to author
Forward
0 new messages