wazuh dashboard api connection (SSL error)
112 views
Skip to first unread message
redant
Jan 20, 2025, 12:43:38 AM1/20/25
to Wazuh | Mailing List
when i login my wazuh dashboard,
[Alerts index pattern] No template found for the selected index-pattern title [wazuh-alerts-*]
Error in CTI service request: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1007)
[Alerts index pattern] No template found for the selected index-pattern title [wazuh-alerts-*]
Error in CTI service request: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1007)
how can i resolve this problem?
hasitha.u...@wazuh.com
Jan 20, 2025, 1:16:59 AM1/20/25
to Wazuh | Mailing List
Hi redant,
This error message is shown when Filebeat does not push the index template to the Indexer cluster.
This could indicate that there is an issue with the connection from Filebeat to Indexer.
filebeat test output
This error message is shown when Filebeat does not push the index template to the Indexer cluster.
This could indicate that there is an issue with the connection from Filebeat to Indexer.
filebeat test output
In case if you still get this error "[Alerts index pattern] No template found for the selected index-pattern title [wazuh-alerts-*]"
You can also manually add the index by running the following command:
curl -so template.json https://raw.githubusercontent.com/wazuh/wazuh/v4.x.x/extensions/elasticsearch/7.x/wazuh-template.json | curl -X PUT "https://localhost:9200/_template/wazuh" -H 'Content-Type: application/json' -d @- -u <user>:<password> -k
Change this according to your Wazuh version.
v4.x.x
For example, if you have 4.9.2 replace it with this.
You can check your wazuh version by following command
/var/ossec/bin/wazuh-control info
If that still causes an error then Please check the Filebeat and wazuh indexer service status using the command: systemctl status wazuh-indexer?
Please share the cat /var/log/wazuh-indexer/wazuh-cluster.log
Regards,
Hasitha Upekshitha
You can also manually add the index by running the following command:
curl -so template.json https://raw.githubusercontent.com/wazuh/wazuh/v4.x.x/extensions/elasticsearch/7.x/wazuh-template.json | curl -X PUT "https://localhost:9200/_template/wazuh" -H 'Content-Type: application/json' -d @- -u <user>:<password> -k
Change this according to your Wazuh version.
v4.x.x
For example, if you have 4.9.2 replace it with this.
You can check your wazuh version by following command
/var/ossec/bin/wazuh-control info
If that still causes an error then Please check the Filebeat and wazuh indexer service status using the command: systemctl status wazuh-indexer?
Please share the cat /var/log/wazuh-indexer/wazuh-cluster.log
Regards,
Hasitha Upekshitha
Reply all
Reply to author
Forward
0 new messages