Messages

1

Zenarmor (Sensei) / Re: Dashboard (an error occured while report...) / external elasticsearch db

« on: March 19, 2021, 10:07:29 am »

Seems to be more of an Elasticsearch problem than SENSEI...

2

Zenarmor (Sensei) / Re: Dashboard (an error occured while report...) / external elasticsearch db

« on: March 18, 2021, 05:10:10 pm »

There seems to be an issue with the elasticsearch or the combination... I was using ES 6.8.14, updated to 7.11.1 and now at least some indices are created. but I still get the error and no data get feed into...

3

Zenarmor (Sensei) / Dashboard (an error occured while report...) / external elasticsearch db

« on: March 18, 2021, 03:06:21 pm »

dear opnsense community

sensei somehow can't communicate with my elasticsearch db. I noticed this when I click on the dashboard it says "An error occured while report is beeing loaded!" - According forum entries I rebooted several times, waited longer but sensei isn't writing anything to elasticsearch, as no index is beeing created.

I tested elasticsearch via "http://192.168.1.18:9200/newindex" which did create a new index. I can ping and reach the elasticsearch server with curl..

/usr/local/sensei/log/active/ipdr_streamer.log

Code: [Select]

Elasticsearch insert
Staring ES....True
 Endpoint: tls_write
Inserting in 0.01 seconds.
Inserting in 0.01 seconds.
Inserting in 0.01 seconds.
 IPDRSTREAM STOP:  FileNotFoundError(2, 'No such file or directory')
----2021-03-18T09:04:11.452253 waiting data...
 sending bulk: /usr/local/sensei/output/active/temp/0_conn_29.ipdr.ready
 sending bulk: /usr/local/sensei/output/active/temp/0_dns_32.ipdr.ready
File: /usr/local/sensei/output/active/temp/0_dns_32.ipdr.ready Size: 2494
File: /usr/local/sensei/output/active/temp/0_conn_29.ipdr.ready Size: 9376
Elasticsearch insert
I did uninstall sensei completely and reinstalled it, reinstalled suricata, as said rebooted several times...

Any ideas what else I could try?

Thanks a lot in advance
Dave