An unknown error occurred. Please contact your administrator or the OpenCTI maintainers.

[s1-luc-ibata]

Prerequisites

• [ x ] I read the Deployment and Setup section of the OpenCTI documentation as well as the Troubleshooting page and didn't find anything relevant to my problem.
• [ x ] I went through old GitHub issues and couldn't find anything relevant
• [ x ] I googled the issue and didn't find anything relevant

Description

Getting this error when openining the Connector page from Opencti UI: An unknown error occurred. Please contact your administrator or the OpenCTI maintainers.

We are also seeing this error when using google chrome developer tool/console: WebSocket connection to 'wss://xxxxx/graphql' failed:

Could this be related to the previous error? If not, should we ignore this error

Questions: Can you guys also guide me on how to monitor all the components of Opencti with Datadog so that troubleshooting is easier. I want to see Elasticsearch, RabbitMQ, Redis, Minio, Opencti Api, Opencti Platform.

We have been noticing that our opencti UI is getting really slower, showing a white page. What's the main cause here? Apparently we should decouple opencti-api and opencti-platform to help fix it. Since we are using EKS on aws, should we use one nodegroup for opencti-api and the other for opencti-platform. Also what is opencti-api, is it Opencti-worker?

Environment

1. Linux EC2, AMI = amazon-eks-node-1.20-v20210512
2. OpenCTI version: 4.5.5
3. OpenCTI client:

Reproducible Steps

Steps to create the smallest reproducible scenario:

1. Click the left nav > Data
2. Click the top nav > Connectors : url https://xxxxx/dashboard/data/connectors You will get this page: Error An unknown error occurred. Please contact your administrator or the OpenCTI maintainers.

Additional information

[richard-julien]

Close for inactivity

[ips972]

Hi All,

it seems I'm having this same issue. so i'll ask this issue be reopened. I'm running a docker installation, except for Elastic as an external grid accessed via loadbalancer. (no issues there.) the minio, redis, rabbitMQ and platform dockers are limited to host1 in docker swarm. this host has 196GB ram and 32cores, 500GB SSD. two more swarm hosts running all other connectors and workers.

platform docker accessable via port 8080 or port 80 mapped by docker, and also sits behind nginx with ssl as per guide. also trying haproxy with ssl proxy with additinal config for web socket.

I've tried to run platform and worker as docker replicas (from 1 to 10 - platform and 1 to 30 workers) and i've tried to run seperate docker instances for 1 - 4 platform on seperate external mapped ports (8080,8081,8082,8083 etc..) and behind roundrobin LB. either nginx or haproxy.

i have many connectors and the opencti is showing about 14.1 milion entities, 25.2 Milion relationships, 18.2 miliion observables with a daily ingest of about 500K new entries (connectors, MISP, etc..)

with this setup - I keep getting api and web gui timeouts with chrome debug showing these error messages:

when connecting through SSL proxy (nginx or haproxy) : front-AKFOC6SH.js:40 WebSocket connection to 'wss://opencti.home.lab/graphql' failed: WebSocket is closed before the connection is established.

when connecting directly to port 8080 or port 80 on docker mapped ports on swarm host1: front-AKFOC6SH.js:40 WebSocket connection to 'ws://opencti.home.lab/graphql' failed: WebSocket is closed before the connection is established.

This only gets fixed for a short time by stopping the opensci stack in portainer and starting again. i seems to have become this bad after upgrading from 5.10.0 to 5.10.1 up to current latest 5.10.3

no apparent error messaged in redis(64BG ram) , rabbitMQ or minio dockers (all running single instances).

what i'm I missing?