Hi Everyone,
I am new to Graylog. I have installed OpenSearch, and it is working. Currently, I have configured ElastiFlow to send the flow data to OpenSearch, and the OpenSearch Dashboard is able to display the data.
I was planning to configure Graylog to get logs from the same firewall, but my installation has an issue.
I get the following error in the log and I am unable to load the web console.
2023-07-21T22:53:57.298Z ERROR [VersionProbe] Unable to retrieve version from Elasticsearch node: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. - unable to find valid certification path to requested target.
2023-07-21T22:53:57.299Z INFO [VersionProbe] Elasticsearch is not available. Retry #306
2023-07-21T22:54:02.315Z ERROR [VersionProbe] Unable to retrieve version from Elasticsearch node: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. - unable to find valid certification path to requested target.
2023-07-21T22:54:02.315Z INFO [VersionProbe] Elasticsearch is not available. Retry #307
OpenSearch is working and has no issues.
curl -XGET https://192.168.49.91:9200 -u admin:admin --insecure
{
  "name" : "OSH01",
  "cluster_name" : "opensearch",
  "cluster_uuid" : "*****",
  "version" : {
    "distribution" : "opensearch",
    "number" : "2.8.0",
    "build_type" : "deb",
    "build_hash" : "**",
    "build_date" : "**",
    "build_snapshot" : false,
    "lucene_version" : "9.6.0",
    "minimum_wire_compatibility_version" : "7.10.0",
    "minimum_index_compatibility_version" : "7.0.0"
  },
  "tagline" : "The OpenSearch Project: https://opensearch.org/"
}
~$ curl -XGET https://192.168.49.91:9200/_cat/nodes?v -u admin:admin --insecure
ip heap.percent ram.percent cpu load_1m load_5m load_15m node.role node.roles cluster_manager name
192.168.49.91 56 96 2 0.10 0.18 0.15 dimr cluster_manager,data,ingest,remote_cluster_client * OSH01
~$ curl -XGET https://192.168.49.91:9200/_cat/indices?v -u admin:admin --insecure
health status index uuid pri rep docs.count docs.deleted store.size pri.store.size
green open .opensearch-observability trRv1mT8R-G-FbwqHnqo0g 1 0 0 0 208b 208b
green open elastiflow-flow-ecs-8.0-2.2-2023.07.21 wOTjECbUSNC9oF-Nkpj6yA 1 0 12254990 0 4.4gb 4.4gb
green open .kibana_92668751_admin_1 GxAoXKWFQcexCmazbK7LNQ 1 0 1291 0 394.7kb 394.7kb
yellow open security-auditlog-2023.07.22 TOOLuWS3RG-_QnWqBVJnoQ 1 1 695 0 1.4mb 1.4mb
yellow open security-auditlog-2023.07.21 c-zNVmttR7uuqrtR0F6IeA 1 1 1451 0 2.8mb 2.8mb
green open elastiflow-flow-ecs-8.0-2.2-2023.07.22 IeoqGfDlRaSiQk9djaJSxw 1 0 800927 0 355.3mb 355.3mb
green open .opendistro_security GY-bB775S1u_ErGQ_EeFfA 1 0 10 0 75.4kb 75.4kb
green open .kibana_1 S5MWlIeaT2-cfifycRlnUA 1 0 1291 0 394.7kb 394.7kb
vsrsadmin@PFTEST:~$
Any guidance on how I can connect Graylog to OpenSearch?
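
The curl checks above pass because `--insecure` skips certificate validation, while the PKIX error in the log is the JVM failing to chain the node's certificate to a CA it trusts. The following is an added example, not part of the original post, that reproduces that difference offline with `openssl`; the certificates, file names and the PEM "truststore" are constructed stand-ins, and nothing contacts 192.168.49.91.

```shell
#!/usr/bin/env bash
# Constructed demo: throwaway self-signed certificates stand in for the
# OpenSearch node certificate and for the CAs bundled with a JVM.
WORK=$(mktemp -d)

new_self_signed() {   # $1 = file prefix, $2 = subject CN
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$2" \
    -keyout "$WORK/$1.key" -out "$WORK/$1.pem" 2>/dev/null
}

# Validate a certificate against an explicit bundle of trust anchors only.
# This is the step `curl --insecure` skips and a TLS client normally performs.
trusted_by() {        # $1 = certificate, $2 = PEM bundle of trust anchors
  openssl verify -no-CAfile -no-CApath -CAfile "$2" "$1" >/dev/null 2>&1
}

report() {            # $1 = PEM bundle of trust anchors
  if trusted_by "$WORK/node.pem" "$1"; then
    echo "trusted"
  else
    echo "no path to a trust anchor"
  fi
}

new_self_signed node "OSH01"             # stand-in for the node certificate
new_self_signed publicca "Some Public CA" # stand-in for the default CA set
cp "$WORK/publicca.pem" "$WORK/truststore.pem"

# Before: the client's anchors do not include the node's issuer, which is
# the situation the PKIX path building error describes.
echo "before import: $(report "$WORK/truststore.pem")"

# After: the node's certificate (or its issuing CA) is added to a copy of
# the anchors. For a Java truststore the equivalent step is
# `keytool -importcert` into the keystore the JVM is configured to use.
cat "$WORK/node.pem" >> "$WORK/truststore.pem"
echo "after import:  $(report "$WORK/truststore.pem")"
```
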