Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Wazuh Compliance Reports Visualization Error #1716

Closed
siri102 opened this issue Aug 23, 2019 · 3 comments
Closed

Wazuh Compliance Reports Visualization Error #1716

siri102 opened this issue Aug 23, 2019 · 3 comments
Assignees
@jesusgn90
Labels
type/bug Bug issue

Comments

@siri102
Copy link

siri102 commented Aug 23, 2019

Wazuh Elastic
3.9.4 7.3

Description
When we are clicking on PCI DSS reports in Wazuh App the following error is thrown

Error in visualization. Request to Elasticsearch failed: {"error":{"root_cause":[{"type":"illegal_argument_exception","reason":"Invalid interval specified, must be non-null and non-empty"},{"type":"illegal_argument_exception","reason":"Invalid interval specified, must be non-null and non-empty"}],"type":"search_phase_execution_exception","reason":"all shards failed","phase":"query","grouped":true,"failed_shards":[{"shard":0,"index":"wazuh-alerts-3.x-2019.08.22","node":"uehBV3NhTcSyDIQMYAwUnA","reason":{"type":"illegal_argument_exception","reason":"Invalid interval specified, must be non-null and non-empty"}},{"shard":0,"index":"wazuh-alerts-3.x-2019.08.23","node":"uehBV3NhTcSyDIQMYAwUnA","reason":{"type":"illegal_argument_exception","reason":"Invalid interval specified, must be non-null and non-empty"}}],"caused_by":{"type":"illegal_argument_exception","reason":"Invalid interval specified, must be non-null and non-empty","caused_by":{"type":"illegal_argument_exception","reason":"Invalid interval specified, must be non-null and non-empty"}}},"status":400}

Also attached the elasticsearch logs. Which timestamp values are also getting displayed which interval is actually null?

logs.txt
@siri102 siri102 added the type/bug Bug issue label Aug 23, 2019
@jesusgn90
Copy link
Contributor

Hi @siri102 ,

I could not reproduce your issue. Can you share the selected time range when this error appears? Is it happening regardless of the filters and time range being applied?

Regards,
Jesús

@jesusgn90 jesusgn90 self-assigned this Aug 23, 2019
@siri102
Copy link
Author

siri102 commented Aug 23, 2019

Hi @jesusgn90,

What I noticed is, Wazuh is working prefectly in Default space but I am getting this issue in Customized Space. I don't even find wazuh-monitoring-* index in customized space which is visible in Default Space. So are we supposed to use Wazuh-App only in Default Space in Kibana?

Thanks in advance

@jesusgn90
Copy link
Contributor

Yes, that's right @siri102. We were working on it, for the next incoming version (3.10.0) the Wazuh app will be compatible with Kibana spaces see #1234, #1601, and #1450.

The only thing you will need is to go to Management in Kibana and to create the index pattern for the Wazuh alerts in that custom space, then the app would work with no issues.

Thanks for your patience.

Regards,
Jesús

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jesusgn90 jesusgn90

Labels
type/bug Bug issue
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jesusgn90 @juankaromo @siri102