OpenSearch

I’m using OpenSearch to monitor AWS WAF logs. However, whenever I’m making a query, it says that “5 of 316 shards failed”. See the screenshot below for details of the error:

r/aws - 5 of 316 shards failed when querying on OpenSearch Dashboard

The dashboard shows up successfully without any problem, but it’s kinda uncomfortable to see the persistent pops-up of such error.

After posting this issue on the reddit forum, I got some useful advice from the community: This is more like an elastic search question than AWS. This might be a multi-index search and the mapping on one or more indexes has a number type instead of a date on the field I'm searching. Another insight is that it looks like it could be that 2/7/2021 index if I am searching an alias or a wildcard index. Check the mapping for the field you are trying to submit a date value for.

Since I did not need the index in question, I opted to delete it: In Dev tools in my OpenSearch (or in Kibana if you're using it), I entered the following command line: 

# DELETE /awswaf-2021-07-02

And then click the play icon to the right of the line:



Here are some screenshots of the relevant attributes. However, I cannot modify them:




.









Comments

Post a Comment

Popular posts from this blog

Install Gophish and Start Your Phishing Campaign

Image
Install Gophish on Kali Linux and Start Your Phishing Campaign  Installing go programming language # source ~/.bashrc # sudo apt install -y golang # sudo vim helloworld.go  # go run helloworld.go # sudo vim ~/.bashrc Add the following paths to the end of the file export GOPATH=/root/go-workspace export GOROOT=/usr/local/go PATH=$PATH:$GOROOT/bin/:$GOPATH/bin Installing gophish using pre-built binaries Download the  gophish installer  and extract the contents of the zip file # unzip gophish-v0.11.0-linux-64bit.zip -d /home/kali/Downloads/gophish Give Gophish necessary permissions Give the gophish the necessary permissions to run without permission restrictions: # sudo chmod +x gophish Running gophish # ./gophish Logging into gophish  Go to the admin server at https://127.0.0.0:3333. Setting up gophish sending profile New Sending Profile Note : Create an application-specific password on Gmail. First, enable 2-step verification: Send Test Email Received the test em...
Read more

[LINUX] - SECURING LINUX SYSTEMS

Image
TOPIC A: IMPLEMENT CYBERSECURITY BEST PRACTICES A chroot jail is a technique of controlling what a process a user can access on a file system by changing the root directory of that process's environment: Encryption is a cryptographic technique that converts data from plaintext into coded, or ciphertext, form. Decryption is the companion technique that converts ciphertext back to plaintext: LUKS: Linux Unified Key Setup is a platform-independent FDE solution that is commonly that is commonly used to encrypt storage devices in a Linux environment. The cryptsetup command is used as a front-end to LUKS and dm-crypt SYNTAX The syntax of the cryptsetup command is cryptsetup [options] {actions} [action arguments]  Hashing is a process or function that transforms plaintext input into an indecipherable fixed-length output and ensures this process cannot be feasibly reversed. The resulting output of the hashing process is called a hash, hash value, or message digest. TOPIC B: IMPLEMENT IAM M...
Read more

Hướng dẫn cách đọc và hiểu thông số firewall - tường lửa

Image
  Hướng dẫn cách hiểu thông số firewall - tường lửa 17/01/2021 09:00 Chắc hẳn trong chúng ta khi tìm hiểu các mẫu mã và thông số firewalls (tường lửa) để mua cho công ty, ai cũng thấy bối rối khi đọc các thông số kỹ thuật. Vậy làm cách nào để có thể hiểu được các thông số cơ bản của firewalls? Firewall Throughput Thông thường, chỉ số này được ghi là Mbps (megabits per second) hoặc Gbps (gigabits per second). Đây chính là lượng traffic có thể đi qua tường lửa tài một thời điểm. Thông số này có vẻ quan trọng, nhưng thực ra nó...không có ý nghĩa gì lắm. Thực ra con số này chỉ là con số thô, chỉ đo lượng traffic đi qua firewall mà không tính đến việc quét virus, lọc nội dung (content filtering), ngăn chặn xâm nhập (intrusion prevention), kiểm tra thất thoát dữ liệu và các bước tương tự. Con số còn có thể thay đổi theo giao thức (protocol) và kích cỡ gói tin (packet). Thông số Throughput thậm chí quan trọng hơn cho việc chia lớp mạng nội bộ (network segmentation). Khi tường lửa được sử ...
Read more