Hello azizih,
If we check your indexed error, [API connection] Error connecting to API: 2001 - bad indentation of a mapping entry at line 214
it seems that there is an indentation error in /usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml
, probably in the following block
hosts:
- default:
url: https://172.31.3.120
port: 55000
username: wazuh-wui
password: wazuh-wui
run_as: false
Maybe the error was introduced during the changing of the default Wazuh API credentials. Please check that the indentation is correct, and also, that the password correspond to the new one specifiying in this step. Then restart your dashboard:
systemctl restart wazuh-dashboard
If the problem persists, please, share with us the following information:
- Did you follow all the previous installation steps for the rest of the components?
- Share the /usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml
Regarding your script warning, if you want to change the API credentials, you need to use -au,
and -ap
parameters in order to provide the API admin user and password:
/usr/share/wazuh-indexer/plugins/opensearch-security/tools/wazuh-passwords-tool.sh --change-all -au wazuh-wui -ap wazuh-wui
If you have any doubt do not hesitate to ask
I have replicated your steps in my environment without success, all the environment seems to work correctly.
In this case, if you are getting the same error, Bad indentation of a mapping entry, I suggest sending back your complete /usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml
file. The error should be there.