This version of OpenSearch Dashboards (v2.4.1) is incompatible with the following OpenSearch nodes> in your cluster: v1.2.4 @ 172.X.X.X:9200
1,211 views
Skip to first unread message
PATAN MAHAMMAD KHAN
Apr 7, 2023, 8:30:35 AM4/7/23
to Wazuh mailing list
Hi Team,
I have shutdown my SIEM Server for three days and today after restarting the server, Wazuh console is not accessible. I checked all the services Indexer, dashboard, manager, filebeat is up and running.
I can see the error log in Wazuh dashboard service as "This version of OpenSearch Dashboards (v2.4.1) is incompatible with the following OpenSearch nodes> in your cluster: v1.2.4 @ 172.X.X.X:9200"
Requesting you to please look into this and help to sort out this issue.
PATAN MAHAMMAD KHAN
Apr 10, 2023, 12:38:04 AM4/10/23
to Wazuh mailing list
Hi team,
Can someone please look into this issue and let me cause and solution at the earliest please.
Nicolas Zapata
Apr 11, 2023, 7:39:29 AM4/11/23
to Wazuh mailing list
Hello thanks for using wazuh!
The error you are having is because you have different versions of wazuh-dashboard and wazuh-indexer. Can you tell me what version of wazuh you were using?
We use opensearch v1.2.4 for Wazuh 4.3.X and in the recent version 4.4.X we started using opensearch v2.4.1, that's why I ask you which version do you use, or if you have done any recent update?
To get more information about the error it would be useful if you could provide me with the output of the logs.
wazuh-indexer:
cat /var/log/wazuh-indexer/wazuh-cluster.log | grep -i -E "error|warn" | grep -i -E "error|warn"
wazuh-dashboard:
journalctl -u wazuh-dashboard
cat /usr/share/wazuh-dashboard/data/wazuh/logs/wazuhapp.log | grep -i -E "error|warn" | grep -i -E "error|warn"
The error you are having is because you have different versions of wazuh-dashboard and wazuh-indexer. Can you tell me what version of wazuh you were using?
We use opensearch v1.2.4 for Wazuh 4.3.X and in the recent version 4.4.X we started using opensearch v2.4.1, that's why I ask you which version do you use, or if you have done any recent update?
To get more information about the error it would be useful if you could provide me with the output of the logs.
wazuh-indexer:
cat /var/log/wazuh-indexer/wazuh-cluster.log | grep -i -E "error|warn" | grep -i -E "error|warn"
wazuh-dashboard:
journalctl -u wazuh-dashboard
cat /usr/share/wazuh-dashboard/data/wazuh/logs/wazuhapp.log | grep -i -E "error|warn" | grep -i -E "error|warn"
Courtney Oakley
Apr 15, 2023, 3:37:14 AM4/15/23
to Wazuh mailing list
If you upgraded to the newest version of Wazuh (i.e. 4.4.1) then the new version of Wazuh-Dashboard is incompatible with the old version of Opensearch (i.e. v1.2.4)
The update instructions do not mention that you need to update Opensearch, so do the following;
If you disabled wazuh updates, then reverse this process by removing # from the first line of the repo file for Ubuntu.
Next issue a "sudo apt-get update -y" and "sudo apt-get upgrade -y" in Ubuntu 20.04LTS and 22.04LTS and Opensearch will update to the correct version.
I think "sudo dnf -y update" on Redhat derived Linux OSes will work after you have re-enabled the wazuh repo updates.
Reply all
Reply to author
Forward
0 new messages