Kibana App -- blank (white) screen about wazuh-dashboard-plugins HOT 9 CLOSED

Hi @aremai, and sorry for the late response.

Did you follow our upgrading guide?

This error usually happens when you don't insert correctly the Elasticsearch templates or when you start Logstash before entering them. Please follow these steps (as superuser) in order to get your installation working again:

1. Stop Logstash:
   systemctl stop logstash.service

2. Remove the .wazuh, .wazuh-version and .kibana files (Warning: this will erase everything from your Kibana installation, such as custom dashboards and visualizations).
   curl -XDELETE localhost:9200/.kibana
curl -XDELETE localhost:9200/.wazuh
curl -XDELETE localhost:9200/.wazuh-version

3. Import the new templates:
   curl https://raw.githubusercontent.com/wazuh/wazuh/3.1/extensions/elasticsearch/wazuh-elastic6-template-alerts.json | curl -XPUT 'http://localhost:9200/_template/wazuh' -H 'Content-Type: application/json' -d @-
curl https://raw.githubusercontent.com/wazuh/wazuh/3.1/extensions/elasticsearch/wazuh-elastic6-template-monitoring.json | curl -XPUT 'http://localhost:9200/_template/wazuh-agent' -H 'Content-Type: application/json' -d @-

4. Import the sample alert:
   curl https://raw.githubusercontent.com/wazuh/wazuh/3.1/extensions/elasticsearch/alert_sample.json | curl -XPUT "http://localhost:9200/wazuh-alerts-3.x-"date +%Y.%m.%d"/wazuh/sample" -H 'Content-Type: application/json' -d @-

5. Import the Logstash configuration file (depending on your case, must be Local or Remote):
   a. Local:
   curl -so /etc/logstash/conf.d/01-wazuh.conf https://raw.githubusercontent.com/wazuh/wazuh/3.0/extensions/logstash/01-wazuh-local.conf
   b. Remote:
   curl -so /etc/logstash/conf.d/01-wazuh.conf https://raw.githubusercontent.com/wazuh/wazuh/3.0/extensions/logstash/01-wazuh-remote.conf

6. Add the logstash user to the ossec group:
   usermod -a -G ossec logstash

7. Stop Kibana:
   systemctl stop kibana.service

8. Remove the optimizing bundles and later the Wazuh App:
   rm -rf /usr/share/kibana/optimize/bundles
/usr/share/kibana/bin/kibana-plugin remove wazuh

9. Set the Node memory options before installing the plugin:
   export NODE_OPTIONS="--max-old-space-size=3072"

10. Install the Wazuh App:
    /usr/share/kibana/bin/kibana-plugin install https://packages.wazuh.com/wazuhapp/wazuhapp.zip

11. After finishing the installation process of the app, start the services again:
    systemctl start kibana
systemctl start logstash

Please let me know if these steps helps you fixing the problem. Feel free to comment again if you still have questions or issues with the app.

Best regards,
Juanjo

from wazuh-dashboard-plugins.

Hi @JuanjiJG,

thanks for your reply! I have followed your steps but unfortunately I still see the same blank (white) screen.
Is there any log that I could check (because at the moment I actually don't see any error message).
By the way, wazuh-manager and wazuh-api are in a active/running state (according to systemd).

Log analysis as done by logstash/elasticsearch works in the Kibana Discover tab just fine. It's just the Kibana app that doesn't work.

What I've noticed is the following responses (errors?) when deleting this file:

curl -XDELETE localhost:9200/.kibana {"error":{"root_cause":[{"type":"illegal_argument_exception","reason":"The provided expression [.kibana] matches an alias, specify the corresponding concrete indices instead."}],"type":"illegal_argument_exception","reason":"The provided expression [.kibana] matches an alias, specify the corresponding concrete indices instead."},"status":400}

curl https://raw.githubusercontent.com/wazuh/wazuh/3.1/extensions/elasticsearch/alert_sample.json | curl -XPUT "http://localhost:9200/wazuh-alerts-3.x-"date +%Y.%m.%d"/wazuh/sample" -H 'Content-Type: application/json' -d @- % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 1839 100 1839 0 0 6923 0 --:--:-- --:--:-- --:--:-- 6913 {"error":{"root_cause":[{"type":"illegal_argument_exception","reason":"unknown setting [index.@timestamp] please check that any required plugins are installed, or check the breaking changes documentation for removed settings"}],"type":"illegal_argument_exception","reason":"unknown setting [index.@timestamp] please check that any required plugins are installed, or check the breaking changes documentation for removed settings"},"status":400}curl: (6) Could not resolve host: +%Y.%m.%d

best regards,
theresa

from wazuh-dashboard-plugins.

Hi again @aremai,

That's correct. If you follow our upgrading guide, there's an step where you have to reindex the .kibana file. Let me ask you some information.

First, please execute the following commands and paste the output:
curl -XGET localhost:9200/_cat/indices?v
curl -XGET localhost:9200/_cat/templates?v

Then, we're going to watch the status of Kibana, and see the logs when you try to access into the app.

1. Restart Kibana:
   systemctl restart kibana

2. Execute the following command to see the status of Kibana on a permanent mode who updates constantly:
   watch -n0 'systemctl status kibana -l'

Now open Kibana on a web browser and try to access the app, and see if the status window shows new messages or logs about it, and paste the output here. You can use Ctrl+C to close the previous command and stop watching the status of Kibana.

Now, when you open the app again, open the developer panel from your Internet browser and see if there's errors on the console.

Apologies for the inconvenience, I hope we can find a solution for this!

Best regards,
Juanjo

from wazuh-dashboard-plugins.

Hi @JuanjiJG ,

I think there might be a mess with my indices..... (health status is yellow?!)
curl -XGET localhost:9200/_cat/indices?v health status index uuid pri rep docs.count docs.deleted store.size pri.store.size yellow open wazuh-monitoring-2017.11.15 d0sb9AU5RGuJi-B8qz5B-w 5 1 720 0 204.8kb 204.8kb yellow open wazuh-alerts-2017.10.27 3bj0Mhb5S8KS4VF6LS7nXg 5 1 32 0 135.4kb 135.4kb yellow open wazuh-monitoring-2017.11.07 q6sbRSAYRtSA4UTO6i4lew 5 1 720 0 251.3kb 251.3kb yellow open wazuh-alerts-2017.12.12 dcPZEj6WRQmzmi9ON52m-g 5 1 2064 0 2.4mb 2.4mb yellow open wazuh-alerts-3.x-2018.01.05 vGScI7p8RluvHf1G0ql64A 5 1 2188 0 2.5mb 2.5mb yellow open wazuh-alerts-2017.11.17 BbcBb0EHSwOvMPWHj5m7FA 5 1 2646 0 2.6mb 2.6mb yellow open wazuh-alerts-2017.11.25 qCh3TdnxTWqWijrk-3gx-A 5 1 2847 0 2.9mb 2.9mb yellow open wazuh-alerts-2017.11.28 qg8jeEcqTha-76gDsVeFRQ 5 1 3387 0 3.1mb 3.1mb yellow open wazuh-monitoring-2017.12.15 nkI38rKDRLqb3RKOiTGACQ 5 1 111 0 197.6kb 197.6kb yellow open wazuh-alerts-3.x-2017.12.19 F7D7DtcJS5GXL-BFizPExA 5 1 2139 0 2.3mb 2.3mb yellow open wazuh-alerts-2017.11.16 6MQMV4j5Q0CKyKf2sqFcGg 5 1 2351 0 2.8mb 2.8mb yellow open wazuh-monitoring-2017.11.10 8xo8gSyASueJNTHnzELwSQ 5 1 720 0 223.3kb 223.3kb yellow open wazuh-alerts-3.x-2017.12.23 4rZejni9S3SgNP5Cc4_LHw 5 1 2040 0 2.1mb 2.1mb yellow open wazuh-monitoring-2017.11.21 BgcKHKn6T0uS8t38tyEz7g 5 1 720 0 214.6kb 214.6kb yellow open wazuh-monitoring-2017.11.03 -d1MorHIR3mpI-pbEpPUfA 5 1 618 0 273.1kb 273.1kb yellow open wazuh-alerts-2017.11.14 VmOoz8lPTB2IaVEI0AYlDg 5 1 3145 0 3.1mb 3.1mb yellow open wazuh-monitoring-2017.11.09 srBGd6cqSJyk8Vn-aoiNGg 5 1 720 0 221.6kb 221.6kb yellow open wazuh-alerts-3.x-2017.12.15 Ct5yjtsxTHGanv31D1F78Q 5 1 1168 0 1.4mb 1.4mb yellow open wazuh-alerts-3.x-2017.12.24 5ubeg06oQr-AHPyb7XgASw 5 1 2093 0 2.2mb 2.2mb yellow open wazuh-alerts-2017.11.22 9resoFPZQCKifakdiIgvCg 5 1 2435 0 2.7mb 2.7mb yellow open wazuh-monitoring-2017.11.06 LayIlsC3QISXTSiTLjcpSw 5 1 720 0 236.4kb 236.4kb yellow open wazuh-alerts-3.x-2017.12.21 itJBUAsZS86-KRTgaKBV0A 5 1 2223 0 2.4mb 2.4mb yellow open wazuh-alerts-2017.12.09 FsGh8HiUTci5SCjTtoN4dw 5 1 2445 0 2.7mb 2.7mb yellow open wazuh-alerts-2017.12.14 Z28cQB3fQTCms6YrtSAV9Q 5 1 2100 0 2.5mb 2.5mb yellow open wazuh-monitoring-2017.11.01 TtX2_KYdSJifp1L0QfMxZg 5 1 576 0 157.3kb 157.3kb yellow open wazuh-monitoring-2017.11.20 mYu3BDePQ_SDi6Bqx-A6AA 5 1 715 0 268.1kb 268.1kb yellow open wazuh-alerts-3.x-2017.12.22 l8YSjvM6S_yDnnLLHjDwMw 5 1 2188 0 2.1mb 2.1mb yellow open wazuh-alerts-2017.12.10 -OP3OCIJQSuLlTkd0ZL05g 5 1 2062 0 2.4mb 2.4mb yellow open wazuh-monitoring-3.x-2018.01.08 hNRlScYZTfmsOJ_XNgn8ug 5 1 720 0 212.6kb 212.6kb yellow open wazuh-alerts-2017.12.02 8x_VVBr0Tb69-6WMHRKmug 5 1 3781 0 3.2mb 3.2mb yellow open wazuh-alerts-2017.12.04 4A-eHpCXR3mJTGWwljV9SA 5 1 3119 0 3mb 3mb yellow open wazuh-alerts-2017.11.08 gm7NH_9OS4y7TUbNbYMZ5g 5 1 2709 0 3mb 3mb yellow open wazuh-alerts-2017.11.07 cOhWR55pSdqb1PPWShp1nw 5 1 3600 0 3.5mb 3.5mb yellow open .wazuh-version KfIiPo1yTem1xweJrq6bdw 5 1 1 0 6.5kb 6.5kb yellow open wazuh-monitoring-2017.11.23 MUPwqzOlS_yAY9AKgWo3pw 5 1 715 0 218kb 218kb yellow open wazuh-alerts-3.x-2017.12.27 zaiE8niaQZGwTp6NQS8V0Q 5 1 2099 0 2.2mb 2.2mb yellow open wazuh-alerts-3.x-2017.12.28 uI2FuO0ZRPKIUN5xKjaKEg 5 1 2037 0 2.1mb 2.1mb yellow open wazuh-alerts-2017.09.23 LTVbtqHjTW2CDuKkiwCLIw 5 1 2 0 38kb 38kb yellow open .kibana-6 SSwcuxaXQKa9bUJG2h6SCw 1 1 248 237 268.6kb 268.6kb yellow open wazuh-alerts-3.x-2018.01.01 JnUqbKpNScOniqEps2ERtQ 5 1 2139 0 2.2mb 2.2mb yellow open wazuh-alerts-2017.11.19 C6roq0pASD-8iSU-EWqjTw 5 1 2680 0 2.8mb 2.8mb yellow open wazuh-monitoring-2017.11.22 oCasTXpsQE2WuFo59GOD-g 5 1 720 0 229.8kb 229.8kb yellow open wazuh-alerts-2017.12.03 A90IDxXyT8yF6PheNiYTrw 5 1 3485 0 3mb 3mb yellow open wazuh-monitoring-2017.11.12 JMJCzu7PS0qEgGe28tzQCA 5 1 720 0 272.2kb 272.2kb yellow open wazuh-alerts-2017.11.03 sZtHhMevQXiUItSi6OwFMQ 5 1 6605 0 5.9mb 5.9mb yellow open wazuh-alerts-2017.10.26 G5172wOoQ6Om2swI8ObFwg 5 1 361 0 745.1kb 745.1kb yellow open wazuh-alerts-2017.11.04 W0OOMWeHSEyXSjGZ1rZxeA 5 1 2859 0 3mb 3mb yellow open wazuh-alerts-2017.11.24 9p4_CCTdRKeYNTzvQBd4AA 5 1 2244 0 2.6mb 2.6mb yellow open wazuh-alerts-2017.11.13 6x42iAjGQam8YxdQYGm6Eg 5 1 3171 0 3.3mb 3.3mb yellow open wazuh-alerts-3.x-2018.01.03 KMJrssEISuWwrU70G1HetA 5 1 2158 0 2.2mb 2.2mb yellow open wazuh-alerts-2017.11.06 yMBezomdQViBmr0cYUbTfw 5 1 2751 0 2.9mb 2.9mb yellow open wazuh-alerts-2017.11.21 sswLCjxsQXu4JANGMaczNg 5 1 2554 0 2.8mb 2.8mb yellow open wazuh-alerts-3.x-2018.01.04 TDd6H3TnQkqt9u9_dBZUPw 5 1 2154 0 2.4mb 2.4mb yellow open wazuh-monitoring-2017.11.16 hj5tj6qPQ9WWG7-yWIn1tw 5 1 720 0 301.9kb 301.9kb yellow open wazuh-monitoring-3.x-2018.01.09 a9n8VGwZRamxodYO9ZV4Tw 5 1 225 0 200.6kb 200.6kb yellow open wazuh-alerts-2017.11.26 Wr0jc6kpQAum_Q2LHi3g_g 5 1 2369 0 2.5mb 2.5mb yellow open wazuh-monitoring-2017.11.24 nzYFZPySRRWIFSx5iJKWvQ 5 1 720 0 233.3kb 233.3kb yellow open wazuh-alerts-3.x-2017.12.16 QaEkmll0S2it1rqnG1PItg 5 1 2116 0 2.1mb 2.1mb yellow open wazuh-alerts-3.x-2017.12.26 2hqMO6lpS3qoykOn9sWbLQ 5 1 2059 0 2.1mb 2.1mb yellow open wazuh-alerts-3.x-2018.01.02 kB_ItOFpT6-IPYhYVrxd1Q 5 1 2164 0 2.2mb 2.2mb yellow open wazuh-alerts-2017.11.30 U72ALsweSdy8GiMc--jr2Q 5 1 4349 0 3.6mb 3.6mb yellow open wazuh-alerts-2017.12.01 9lUFYlmHRoOQXlZ0oI9GtQ 5 1 3693 0 3mb 3mb yellow open wazuh-alerts-2017.12.06 DJFxTiPxQZuiIMkhI55vZg 5 1 2154 0 2.6mb 2.6mb yellow open wazuh-alerts-2017.11.23 qGju9dzmRwqf_IC_Su9ulQ 5 1 2403 0 2.7mb 2.7mb yellow open wazuh-alerts-2017.11.15 U1p2jsCIRNuGh80HNSg5nA 5 1 2912 0 2.9mb 2.9mb yellow open wazuh-monitoring-2017.11.13 oNgS3OkhSKOZlkHGZo2HVA 5 1 701 0 285.4kb 285.4kb yellow open wazuh-alerts-2017.11.09 0G-ZnuZKS4KyLV8pDDl6nw 5 1 2767 0 3.1mb 3.1mb yellow open wazuh-monitoring-3.x-2017.12.15 XAFhihiAQ0Gm8QTvJlbVsw 5 1 0 0 1.2kb 1.2kb yellow open wazuh-monitoring-2017.10.30 O4pBJelMRVyXtLIfV9XY7w 5 1 128 0 148kb 148kb yellow open wazuh-alerts-3.x-2018.01.07 TYJ6gOdUQym76sCrQo08AQ 5 1 2039 0 2.2mb 2.2mb yellow open wazuh-monitoring-2017.11.28 zy9bsosqSyaNdHbHm--Y4w 5 1 1 0 6kb 6kb yellow open wazuh-monitoring-3.x-2018.01.06 IyAGN66bStiOBfCd1DdcnQ 5 1 720 0 280kb 280kb yellow open wazuh-alerts-2017.11.01 9j1sQhELSnO3v0-HKx5emw 5 1 857 0 843.9kb 843.9kb yellow open wazuh-alerts-3.x-2017.12.20 GS-5CvQQS6ygjh96LFfrOA 5 1 2148 0 2.3mb 2.3mb yellow open .old-wazuh nIhodcMWTamfZbqC6xYoGg 5 1 1 0 9.7kb 9.7kb yellow open wazuh-alerts-3.x-2018.01.09 FlyVPbOJTx2vWNlhThlx1g 5 1 1136 0 1.5mb 1.5mb yellow open wazuh-alerts-2017.12.07 JnD5J_R3SL2YDEunryWHwQ 5 1 2199 0 2.5mb 2.5mb yellow open wazuh-alerts-3.x-2018.01.06 VliEKOGlSe2ihRjv57PnTA 5 1 2262 0 2.1mb 2.1mb yellow open wazuh-monitoring-2017.09.23 8U7PMUxGSMWCJ9As1F7stA 5 1 1 0 6kb 6kb yellow open wazuh-monitoring-2017.11.14 GSEXkip_Tw-Mk9opARuR6Q 5 1 720 0 290.7kb 290.7kb yellow open wazuh-alerts-3.x-2017.12.29 wT_4R9lDTH2hZK2m_DjVpA 5 1 2099 0 2.1mb 2.1mb yellow open wazuh-alerts-3.x-2017.12.31 QLQYkf3HS3GHn36gf_aWVw 5 1 2188 0 2.2mb 2.2mb yellow open wazuh-alerts-2017.11.05 2fk0IFXFTP-9dxhR-SaJsA 5 1 2457 0 2.7mb 2.7mb yellow open wazuh-alerts-3.x-2018.01.08 K1_yq-tkSky_jn8mNJkF6A 5 1 2222 0 2.3mb 2.3mb yellow open wazuh-alerts-2017.10.29 On2GKfwqSvWSd-pqD_GttQ 5 1 277 0 685.6kb 685.6kb yellow open wazuh-monitoring-2017.11.08 zS_eYK06T7qi-Mx9nIWUfg 5 1 720 0 256.7kb 256.7kb yellow open wazuh-alerts-2017.12.05 msl0V6KyRsScBFGZaFZahA 5 1 2270 0 2.6mb 2.6mb yellow open wazuh-monitoring-2017.11.05 UQp957JRS_uQw-ugzIFaGA 5 1 720 0 236kb 236kb yellow open wazuh-alerts-2017.11.29 _tYIJ4r0Qz2vnucZOS2yyA 5 1 3118 0 2.9mb 2.9mb yellow open wazuh-alerts-2017.11.10 JVf0rnXZQ1WhYdzI56FkDA 5 1 3340 0 3.3mb 3.3mb yellow open wazuh-alerts-2017.11.02 a98ca30uTxWBT4q51CNx1w 5 1 914 0 848.3kb 848.3kb yellow open wazuh-alerts-2017.10.31 5kQs9favTLqcFItGWstkdA 5 1 414 0 647.9kb 647.9kb yellow open wazuh-alerts-2017.10.28 HYsdw39KSa-XijauoD8b1A 5 1 33 0 125.6kb 125.6kb yellow open wazuh-alerts-3.x-2017.12.25 bMo19n1STRGuE2byP5NRLA 5 1 2093 0 2.3mb 2.3mb yellow open wazuh-alerts-2017.11.18 u1r9EBW_Se6ws88fKJAriA 5 1 2992 0 3.1mb 3.1mb yellow open wazuh-alerts-2017.11.11 6FPCXhUBTMOruWdY_AQSdw 5 1 3290 0 3.2mb 3.2mb yellow open wazuh-alerts-3.x-2017.12.18 ZUpzmnT_Sjm9SpK7RWT6tQ 5 1 2229 0 2.2mb 2.2mb yellow open wazuh-monitoring-2017.11.11 MML29OKLS-WUA9Pc_L0ZqA 5 1 720 0 213.9kb 213.9kb yellow open wazuh-alerts-2017.10.30 MLPBGIsxSTKJYPBsU7cbTA 5 1 2614 0 2.5mb 2.5mb yellow open wazuh-monitoring-2017.10.31 Mv9x8w2MQ6eqoOJ5Bk5xSw 5 1 576 0 275.9kb 275.9kb yellow open wazuh-alerts-2017.12.13 k0RiyU3NS8WIUYHoD4xIpA 5 1 2902 0 2.6mb 2.6mb yellow open wazuh-monitoring-2017.11.18 YPi8OH5aSmyZTxWWvUqDzg 5 1 720 0 288.6kb 288.6kb yellow open wazuh-monitoring-3.x-2018.01.07 hvRo5Yl3TZGKo0o_9Th5Nw 5 1 720 0 335.3kb 335.3kb yellow open wazuh-alerts-2017.11.12 lV7he_G9SpmsZTnt0QJ0oA 5 1 3001 0 3.2mb 3.2mb yellow open wazuh-monitoring-2017.11.26 DyUQxfeJQQSKWIKZpD2mog 5 1 720 0 186.8kb 186.8kb yellow open wazuh-alerts-2017.12.15 jledjX4vRWev8GUX4hEtdw 5 1 2192 0 2.5mb 2.5mb yellow open wazuh-alerts-3.x-2017.12.30 bqLVx_sWRMqV5EHDiygxkw 5 1 2160 0 2.1mb 2.1mb yellow open wazuh-monitoring-2017.11.02 jAVJXz_9Q_qvrUCVxwM8tg 5 1 576 0 254.3kb 254.3kb yellow open .wazuh 7YCCFr5RT4OAZXm5xTvcpA 5 1 0 0 1.1kb 1.1kb yellow open wazuh-alerts-2017.12.11 bRAGI3-lSIG_3h3y0XgHvA 5 1 2081 0 2.5mb 2.5mb yellow open wazuh-monitoring-2017.11.04 3cpur_UtRz-03hXxZvMkOQ 5 1 720 0 283.8kb 283.8kb yellow open wazuh-monitoring-2017.11.17 7_hkd8EyTJCM3QZMApjVuA 5 1 720 0 234.2kb 234.2kb yellow open wazuh-monitoring-2017.11.25 -vFVUgflTCS0bKgWWkaoyQ 5 1 720 0 245.5kb 245.5kb yellow open wazuh-monitoring-3.x-2018.01.05 ciZSR4ixT3qhSiWmSuWbew 5 1 330 0 186.1kb 186.1kb yellow open wazuh-alerts-2017.11.27 xfXwNqQ0Qb621FGaoCyurw 5 1 2657 0 2.8mb 2.8mb yellow open wazuh-monitoring-2017.11.27 PjAzg9aiTYyMc_I-oaa6OQ 5 1 571 0 310.6kb 310.6kb yellow open wazuh-alerts-2017.12.08 vQDj0ylcQGCrd7DildcnIw 5 1 2178 0 2.6mb 2.6mb yellow open wazuh-monitoring-2017.11.19 A7Nj5qFFQl-rFb59lMHaFA 5 1 720 0 267.4kb 267.4kb yellow open wazuh-alerts-3.x-2017.12.17 nQa1__7pQp-L9o-PvQyH7A 5 1 2148 0 2.2mb 2.2mb yellow open wazuh-monitoring-2017.10.26 88KFzepjTviRnQ8dX9LaFg 5 1 15 0 90.9kb 90.9kb yellow open wazuh-alerts-2017.11.20 9KhEVzW_RXKYBWRp9CrDTg 5 1 2755 0 2.7mb 2.7mb

curl -XGET localhost:9200/_cat/templates?v name index_patterns order version wazuh [wazuh-alerts-3.*] 0 wazuh-agent [wazuh-monitoring*] 0 kibana_index_template:.kibana [.kibana] 0 logstash [logstash-*] 0 60001

output from systemd:
Jan 09 12:43:54 sec kibana[2085]: {"type":"response","@timestamp":"2018-01-09T11:43:54Z","tags":[],"pid":2085,"method":"get","statusCode":304,"req":{"url":"/plugins/kibana/assets/play-ci rcle.svg","method":"get","headers":{"host":"localhost:5601","connection":"close","if-none-match":"\"2433ecf38258f7121c835670b6993600e7657717-gzip\"","if-modified-since":"Sun, 17 Dec 2017 20:32:28 GMT","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36","accept":"image/webp,image/apng,image/*, */*;q=0.8","referer":"https://wazuh-elk/app/wazuh","accept-encoding":"gzip, deflate, br","accept-language":"de-DE,de;q=0.9,en-US;q=0.8,en;q=0.7"},"remoteAddress":"127.0.0. 1","userAgent":"127.0.0.1","referer":"https://wazuh-elk/app/wazuh"},"res":{"statusCode":304,"responseTime":2,"contentLength":9},"message":"GET /plugins/kibana/assets/play- circle.svg 304 2ms - 9.0B"} Jan 09 12:43:54 sec kibana[2085]: {"type":"response","@timestamp":"2018-01-09T11:43:54Z","tags":[],"pid":2085,"method":"post","statusCode":400,"req":{"url":"/api/wazuh-api/checkStoredAPI ","method":"post","headers":{"host":"localhost:5601","connection":"close","content-length":"20","accept":"application/json, text/plain, */*","origin":"https://wazuh-elk"," kbn-version":"6.1.1","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36","content-type":"application/json;c harset=UTF-8","referer":"https://wazuh-elk/app/wazuh","accept-encoding":"gzip, deflate, br","accept-language":"de-DE,de;q=0.9,en-US;q=0.8,en;q=0.7"},"remoteAddress":"127.0 .0.1","userAgent":"127.0.0.1","referer":"https://wazuh-elk/app/wazuh"},"res":{"statusCode":400,"responseTime":13,"contentLength":9},"message":"POST /api/wazuh-api/checkSto redAPI 400 13ms - 9.0B"} Jan 09 12:43:54 sec kibana[2085]: {"type":"response","@timestamp":"2018-01-09T11:43:54Z","tags":[],"pid":2085,"method":"get","statusCode":200,"req":{"url":"/api/saved_objects/?type=index -pattern&fields=title&per_page=10000&page=1","method":"get","headers":{"host":"localhost:5601","connection":"close","accept":"application/json, text/plain, */*","kbn-version":"6.1.1","us er-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36","referer":"https://wazuh-elk/app/wazuh","ac cept-encoding":"gzip, deflate, br","accept-language":"de-DE,de;q=0.9,en-US;q=0.8,en;q=0.7"},"remoteAddress":"127.0.0.1","userAgent":"127.0.0.1","referer":"https://sec.dest-unreachable.ne t/app/wazuh"},"res":{"statusCode":200,"responseTime":22,"contentLength":9},"message":"GET /api/saved_objects/?type=index-pattern&fields=title&per_page=10000&page=1 200 22ms - 9.0B"} Jan 09 12:43:54 sec kibana[2085]: {"type":"response","@timestamp":"2018-01-09T11:43:54Z","tags":[],"pid":2085,"method":"get","statusCode":304,"req":{"url":"/ui/fonts/open_sans/open_sans_ v13_latin_regular.woff2","method":"get","headers":{"host":"localhost:5601","connection":"close","origin":"https://wazuh-elk","if-none-match":"\"afc44700053c9a28f9ab26f6aec 4862ac1d0795d\"","if-modified-since":"Sun, 17 Dec 2017 20:32:28 GMT","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 S afari/537.36","accept":"*/*","referer":"https://wazuh-elk/app/wazuh","accept-encoding":"gzip, deflate, br","accept-language":"de-DE,de;q=0.9,en-US;q=0.8,en;q=0.7"},"remote Address":"127.0.0.1","userAgent":"127.0.0.1","referer":"https://wazuh-elk/app/wazuh"},"res":{"statusCode":304,"responseTime":7,"contentLength":9},"message":"GET /ui/fonts/ open_sans/open_sans_v13_latin_regular.woff2 304 7ms - 9.0B"} Jan 09 12:43:54 sec kibana[2085]: {"type":"response","@timestamp":"2018-01-09T11:43:54Z","tags":[],"pid":2085,"method":"get","statusCode":200,"req":{"url":"/bundles/ae11252ad19209059498c ac1cd1addd7.svg","method":"get","headers":{"host":"localhost:5601","connection":"close","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chr ome/63.0.3239.132 Safari/537.36","accept":"image/webp,image/apng,image/*,*/*;q=0.8","referer":"https://wazuh-elk/bundles/commons.style.css?v=16350","accept-encoding":"gzip , deflate, br","accept-language":"de-DE,de;q=0.9,en-US;q=0.8,en;q=0.7"},"remoteAddress":"127.0.0.1","userAgent":"127.0.0.1","referer":"https://wazuh-elk/bundles/commons.st yle.css?v=16350"},"res":{"statusCode":200,"responseTime":15,"contentLength":9},"message":"GET /bundles/ae11252ad19209059498cac1cd1addd7.svg 200 15ms - 9.0B"} Jan 09 12:43:54 sec kibana[2085]: {"type":"response","@timestamp":"2018-01-09T11:43:54Z","tags":[],"pid":2085,"method":"get","statusCode":200,"req":{"url":"/ui/favicons/favicon-32x32.png ","method":"get","headers":{"host":"localhost:5601","connection":"close","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.1 32 Safari/537.36","accept":"image/webp,image/apng,image/*,*/*;q=0.8","referer":"https://wazuh-elk/app/wazuh","accept-encoding":"gzip, deflate, br","accept-language":"de-DE ,de;q=0.9,en-US;q=0.8,en;q=0.7"},"remoteAddress":"127.0.0.1","userAgent":"127.0.0.1","referer":"https://wazuh-elk/app/wazuh"},"res":{"statusCode":200,"responseTime":2,"con tentLength":9},"message":"GET /ui/favicons/favicon-32x32.png 200 2ms - 9.0B"} Jan 09 12:43:54 sec kibana[2085]: {"type":"response","@timestamp":"2018-01-09T11:43:54Z","tags":[],"pid":2085,"method":"get","statusCode":200,"req":{"url":"/ui/favicons/favicon-32x32.png ","method":"get","headers":{"host":"localhost:5601","connection":"close","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.1 32 Safari/537.36","accept":"image/webp,image/apng,image/*,*/*;q=0.8","referer":"https://wazuh-elk/app/wazuh","accept-encoding":"gzip, deflate, br","accept-language":"de-DE ,de;q=0.9,en-US;q=0.8,en;q=0.7"},"remoteAddress":"127.0.0.1","userAgent":"127.0.0.1","referer":"https://wazuh-elk/app/wazuh"},"res":{"statusCode":200,"responseTime":2,"con tentLength":9},"message":"GET /ui/favicons/favicon-32x32.png 200 2ms - 9.0B"} Jan 09 12:43:54 sec kibana[2085]: {"type":"response","@timestamp":"2018-01-09T11:43:54Z","tags":[],"pid":2085,"method":"get","statusCode":200,"req":{"url":"/api/wazuh-elastic/setup","met hod":"get","headers":{"host":"localhost:5601","connection":"close","accept":"application/json, text/plain, */*","kbn-version":"6.1.1","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x 64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36","referer":"https://wazuh-elk/app/wazuh","accept-encoding":"gzip, deflate, br","accept-langua ge":"de-DE,de;q=0.9,en-US;q=0.8,en;q=0.7"},"remoteAddress":"127.0.0.1","userAgent":"127.0.0.1","referer":"https://wazuh-elk/app/wazuh"},"res":{"statusCode":200,"responseTi me":4,"contentLength":9},"message":"GET /api/wazuh-elastic/setup 200 4ms - 9.0B"} Jan 09 12:43:54 sec kibana[2085]: {"type":"response","@timestamp":"2018-01-09T11:43:54Z","tags":[],"pid":2085,"method":"get","statusCode":200,"req":{"url":"/ui/favicons/favicon-16x16.png ","method":"get","headers":{"host":"localhost:5601","connection":"close","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.1 32 Safari/537.36","accept":"image/webp,image/apng,image/*,*/*;q=0.8","referer":"https://wazuh-elk/app/wazuh","accept-encoding":"gzip, deflate, br","accept-language":"de-DE ,de;q=0.9,en-US;q=0.8,en;q=0.7"},"remoteAddress":"127.0.0.1","userAgent":"127.0.0.1","referer":"https://wazuh-elk/app/wazuh"},"res":{"statusCode":200,"responseTime":1,"con tentLength":9},"message":"GET /ui/favicons/favicon-16x16.png 200 1ms - 9.0B"} Jan 09 12:43:54 sec kibana[2085]: {"type":"response","@timestamp":"2018-01-09T11:43:54Z","tags":[],"pid":2085,"method":"post","statusCode":200,"req":{"url":"/api/saved_objects/bulk_get", "method":"post","headers":{"host":"localhost:5601","connection":"close","content-length":"70","accept":"application/json, text/plain, */*","origin":"https://wazuh-elk","kb n-version":"6.1.1","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36","content-type":"application/json;cha rset=UTF-8","referer":"https://wazuh-elk/app/wazuh","accept-encoding":"gzip, deflate, br","accept-language":"de-DE,de;q=0.9,en-US;q=0.8,en;q=0.7"},"remoteAddress":"127.0.0 .1","userAgent":"127.0.0.1","referer":"https://wazuh-elk/app/wazuh"},"res":{"statusCode":200,"responseTime":25,"contentLength":9},"message":"POST /api/saved_objects/bulk_g et 200 25ms - 9.0B"}
fyi: i only changed the dns entry to wazuh-elk ;)

chrome console says the following:
POST https://wazuh-elk/api/wazuh-api/checkStoredAPI 400 (Bad Request)

Hmmm....

from wazuh-dashboard-plugins.

sorry, the pasted output is a bit ugly :(

from wazuh-dashboard-plugins.

Hi again @aremai, and sorry for the late response.

You pointed out something interesting we might check out a bit.
POST https://wazuh-elk/api/wazuh-api/checkStoredAPI 400 (Bad Request)

Could you please open the developer console on your browser and take a screenshot of the Network/XHR tab? There should be an error (coloured with red), and if you click on it, it should show the content of the message (probably indicating the error).

Also, could you please open Kibana and go to Management/Index patterns and take a screenshot of that?

Thank you for your patience.

Best regards,
Juanjo

from wazuh-dashboard-plugins.

Hi @aremai , in addition to @JuanjiJG comments, I want to suggest you to give a try to the following trick:

# rm -rf /var/ossec/var/db/global.db*
# /var/ossec/bin/ossec-control restart

You will not lose data from agents/alerts, the information included on the database does not affect to your Wazuh environment and when you restart it, it will be regenerated. Once time you have executed it, you could try again to use the Wazuh App. The reason could be an error related to a failed access to the database because it wasn't regenerated properly and the Wazuh API fails, so the Wazuh App fails.

Best regards,
Jesús

from wazuh-dashboard-plugins.

Thank you @JuanjiJG and @jesusgn90 I've managed to fix this issue now and will now close the issue.
Muchas gracias for your help!!!

from wazuh-dashboard-plugins.

Hello @aremai!

We're glad you finally solved your problem. Please, don't hesitate to open a new issue if you have another problem in the future, we'll be pleased to help you!

Best regards,
Juanjo

from wazuh-dashboard-plugins.