biggiesmallsAG
commented
6 years ago Hey liertasfox,
Can you try to do a manual upload from cli? the 'nighthawk' binary has option flags that let you manually upload without the UI. Try this first. As for the index pattern not being in kibana, it sounds like something in the install script has failed. Can you zip up logs for us and drop them here so we can see?
Did you go through these steps exactly?
Version 1.0.4 would work on any Ubuntu x64 OS (we have tested in Ubuntu 16.04LTS) Update Ubuntu to latesth patch Download release/nhr-1.0.4.tar.gz Unarchive nhr-1.0.4.tar.gz Change directory to nhr-1.0.4 Change nhr-setup.sh to executable (chmod +x nhr-setup.sh) Install dependencies and nightHawk Response packages (sudo ./nhr-setup.sh install) Note: Internet access is required during installation. Initial installation may fail to create Elasticsearch index. If that happens please re-run (sudo ./nhr-setup.sh install) Verify all the components are running ---- sudo systemctl status elasticsearch ---- sudo systemctl status kibana ---- sudo systemctl status rabbitmq-server ---- sudo systemctl status nginx ---- sudo systemctl status nighthawk-api ---- sudo systemctl status nighthawk-worker You can access it by browsing to https://ipaddress Default username and password is both admin/admin
libertasfox
Mufassa4n6
roshanmaskey
Ubuntu 16.04.1 nightHawk 1.0.4
I am trying to upload a .mans file and when I do I get a "QUERY_BUILDER" message that never goes away until I refresh the browser. I've changed the max file upload size in the nginx config. When I go over to view Kibana, it informs me of the following:
Warning - No default index pattern. You must select or create one to continue. "Unable to fetch mapping. Do you have indices matching the pattern?"
I've run the install file multiple times as instructed in the install section of the README, however, it doesn't appear to create the index pattern within Kibana. Any ideas?
Thanks in advance for the help.