KTS7
Importing dashboards in Opensearch Dashboards 2.0 breaks
Opensearch + Dashboards at 2.0.0, linked to issue: https://github.com/StamusNetworks/KTS7/issues/6
Importing gives error:
[opensearch-dashboards@dashboards-556c54898c-wmfbh config]$ ./importsuricata.sh
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 503k 100 503k 0 0 1863k 0 --:--:-- --:--:-- --:--:-- 1858k
{"statusCode":422,"error":"Unprocessable Entity","message":"Document \"036d9030-74eb-11ea-bb42-278f04c43ada\" has property \"index-pattern\" which belongs to a more recent version of OpenSearch Dashboards [7.11.0]. The last known version is [7.6.0]"} % Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 524k 100 524k 0 0 1024k 0 --:--:-- --:--:-- --:--:-- 1023k
{"statusCode":422,"error":"Unprocessable Entity","message":"Document \"036d9030-74eb-11ea-bb42-278f04c43ada\" has property \"index-pattern\" which belongs to a more recent version of OpenSearch Dashboards [7.11.0]. The last known version is [7.6.0]"} % Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 1050k 100 1050k 0 0 3696k 0 --:--:-- --:--:-- --:--:-- 3698k
{"statusCode":422,"error":"Unprocessable Entity","message":"Document \"92edee20-74c4-11ea-bb42-278f04c43ada\" has property \"index-pattern\" which belongs to a more recent version of OpenSearch Dashboards [7.11.0]. The last known version is [7.6.0]"} % Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 1094k 100 1094k 0 0 2536k 0 --:--:-- --:--:-- --:--:-- 2534k
{"statusCode":422,"error":"Unprocessable Entity","message":"Document \"92edee20-74c4-11ea-bb42-278f04c43ada\" has property \"index-pattern\" which belongs to a more recent version of OpenSearch Dashboards [7.11.0]. The last known version is [7.6.0]"} % Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 3366 100 3366 0 0 17532 0 --:--:-- --:--:-- --:--:-- 17623
{"successCount":5,"success":true,"successResults":[{"type":"query","id":"Hidden+Executables+-1","meta":{"title":"Hidden Executables -1","icon":"search"}},{"type":"query","id":"Large+DNS+flows","meta":{"title":"Large DNS flows","icon":"search"}},{"type":"query","id":"Larger+DNS+TXT+records","meta":{"title":"Larger DNS TXT records","icon":"search"}},{"type":"query","id":"Larger+ICMP+flows","meta":{"title":"Larger ICMP flows","icon":"search"}},{"type":"query","id":"Non+standard+TLS+port+with+older+TLS+versions","meta":{"title":"Non standard TLS port with older TLS versions","icon":"search"}}]}[opensearch-dashboards@dashboards-556c54898c-wmfbh config]$
I've tried replacing all the version numbers with sed like this:
sed -i 's/7.11.0/7.6.0/g' index-pattern.ndjson
While it did clear the errors on the command line, the index patterns/visualisations are working, but the dashboards themselves are not working.
Hello Peter @pevma, could you please look into this? If not supported we need to build our own dashboard, but it would be more than much appreciated if you could help us out! TIA
Opensearch is something to take a look at, Elastic has gone source available only and in doing so they pissed a lot of people off. Opensearch is gaining traction as an open source project and is well maintained, we really would like to stick with the Apache v2 licensed Opensearch instead of the Elastic V2 (brr) / SSPL (plain horrible) licensed Elasticsearch.
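An added example (not part of the original issue or the KTS7 project): a pre-import check that lists which saved objects in an NDJSON export declare a `migrationVersion` newer than the target server knows, which is the condition the 422 responses above report. It assumes each export line carries a per-property `migrationVersion` map; the sample objects and every target version except `index-pattern` 7.6.0 (taken from the error message) are constructed.

```python
import json

# Constructed sample: three saved-object lines shaped like a Kibana/OpenSearch
# Dashboards NDJSON export, plus the export summary line. IDs are made up.
SAMPLE_NDJSON = "\n".join([
    json.dumps({"id": "sample-pattern", "type": "index-pattern",
                "migrationVersion": {"index-pattern": "7.11.0"}}),
    json.dumps({"id": "sample-vis", "type": "visualization",
                "migrationVersion": {"visualization": "7.3.1"}}),
    json.dumps({"id": "sample-dash", "type": "dashboard",
                "migrationVersion": {"dashboard": "7.9.3"}}),
    json.dumps({"exportedCount": 3, "missingRefCount": 0}),
])

# Last version the target server knows per property. Only the index-pattern
# value comes from the error message above; the others are assumed.
TARGET_KNOWN = {"index-pattern": "7.6.0", "visualization": "7.4.2",
                "dashboard": "7.3.0"}


def parse_version(text):
    """Turn '7.11.0' into (7, 11, 0) so 7.11.0 compares above 7.6.0."""
    return tuple(int(part) for part in text.split("."))


def find_too_new(ndjson_text, known):
    """Return (id, property, declared, known) for objects needing attention."""
    findings = []
    for line in ndjson_text.splitlines():
        if not line.strip():
            continue
        obj = json.loads(line)
        # The trailing export summary line has no migrationVersion map.
        for prop, declared in (obj.get("migrationVersion") or {}).items():
            limit = known.get(prop)
            if limit is None:
                # Property missing from the supplied map: flag for manual review.
                findings.append((obj.get("id"), prop, declared, None))
            elif parse_version(declared) > parse_version(limit):
                findings.append((obj.get("id"), prop, declared, limit))
    return findings


if __name__ == "__main__":
    for obj_id, prop, declared, limit in find_too_new(SAMPLE_NDJSON, TARGET_KNOWN):
        print(f"{obj_id}: {prop} declares {declared}, target knows {limit}")
```

Versions are compared as integer tuples because a plain string comparison would rank `7.11.0` below `7.6.0`.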