Dan

Hi all! I have same issue, multiple times did fresh install and upgrade, always same problem, Elastic didnt start after reboot and have 2 Unassigned shards. and VM cant reboot...

Also, in alert event from Kabana ill try move to FPC in Arkime, a have an error:  Also in Arkime no data at all.

Thanks for quick answer! Your link help me to fix reboot. /etc/suricata/selks6-addin.yaml same that in the manual, in first time configuration i check FPC_Retain, then i shuld 'dir:' to /data/moloch/raw/...

Looks like i fix problem with ES, just go thru this manual, who have same problem - https://sleeplessbeastie.eu/2020/02/29/how-to-prevent-systemd-service-start-operation-from-timing-out/ But still have problem with 2 shards, yellow indexes: 

and one more problem with dashboards: 

Where i can find django config? Or how i can fix this error? ```` Forbidden (403) CSRF verification failed. Request aborted. You are seeing this message because this HTTPS site...

Sure, that error appear when i open SELKS web via fqdn, redirect before from router

> Did you adjust the hostname settings in the OS and double check the `/etc/scirius/local_settings.py` - that it looks ok? Yes, `/etc/scirius/local_settings.py` default settings, i can use SELKS via IP,...

> Can you ping for example the fqdn form another place on the network ? (just a sanity check) Sure, all ok, as i say, i see auth page and...

No, i have 3 Scirius CE installs.