openldap-elk icon indicating copy to clipboard operation
openldap-elk copied to clipboard

Published 20 hours ago verified publisher icon ltb-project

Dashboard is not working on Kibana 4.5.1

Open thebhushanp opened this issue 8 years ago • 6 comments

I tried to import the dashboard on Kibana 4.5.1 I got following error on console Error: arr.map is not a function WEBPACK_AMD_DEFINE_RESULT</</Promise.map@http://10.1.1.218:5601/bundles/commons.bundle.js?v=9892:61082:27 controller/$scope.importAll@http://10.1.1.218:5601/bundles/kibana.bundle.js?v=9892:97786:19 anonymous/fn@http://10.1.1.218:5601/bundles/commons.bundle.js?v=9892 line 40937 > Function:2:306 link/</reader.onload/<@http://10.1.1.218:5601/bundles/kibana.bundle.js?v=9892:98118:16 $RootScopeProvider/this.$get</Scope.prototype.$eval@http://10.1.1.218:5601/bundles/commons.bundle.js?v=9892:43604:17 $RootScopeProvider/this.$get</Scope.prototype.$apply@http://10.1.1.218:5601/bundles/commons.bundle.js?v=9892:43704:21 link/</reader.onload@http://10.1.1.218:5601/bundles/kibana.bundle.js?v=9892:98117:14

http://10.1.1.218:5601/bundles/commons.bundle.js?v=9892 Line 40092

thebhushanp avatar Nov 08 '16 13:11 thebhushanp

Yes, it is clearly said that this dashboard is for Kibana 3.

Work is needed to create Kibana 4 dashboards.

coudot avatar Nov 08 '16 14:11 coudot

Sorry to bother you again, but do you have any plans to make it work with Kibana 4?

thebhushanp avatar Nov 09 '16 05:11 thebhushanp

Not yet, but any help is welcomed.

coudot avatar Nov 09 '16 06:11 coudot

I would loved to do it. I am just learning OpenLDAP and ELK stack. I am trying to make a dashboard for Kibana 4. What I want to know that value of conn attribute in log is always going to be unique or not? Because my algorithm is like

  • Search for keyword SEARCH RESULT
  • Get value of attribute conn and op
  • Find for SRCH base same value of conn and op.

thebhushanp avatar Nov 09 '16 09:11 thebhushanp

Value of conn is not unique, as you can have a lot of operations per connections. With ELK, you can filter all log lines that matched a connection, then filter the operation number, then other informations if you need.

Note that op is not unique, as for each connection, the operation counter is reset.

coudot avatar Nov 10 '16 08:11 coudot

Hi Clément, I have used your logstash conf file. I am struck at one point. I want to display 'Top 10 credential failed user IDs(uid)'. Now the problem is, result of bind operation is not present in that log and in result log statement, where i get error_code = 49, there I dont get uid. I have explain the issue in brief at following link. http://stackoverflow.com/questions/40547248/elasticsearch-nested-query-in-in-operator

Any idea on how to overcome this issue? any help is appreciated.

thebhushanp avatar Nov 15 '16 15:11 thebhushanp