domainaware / parsedmarc

A Python package and CLI for parsing aggregate and forensic DMARC reports
https://domainaware.github.io/parsedmarc/
Apache License 2.0

Dashboard date_histogram error with elasticsearch 8.0 or higher #356

Open ykcab opened 1 year ago

ykcab commented 1 year ago

When using Elasticsearch version >=8.0, there is an error for the date interval: Elasticsearch err:[1:512] [date_histogram] unknown field [interval] did you mean [fixed_interval]?

Is there an updated query (JSON) file? Or any configuration I should fix, either in Grafana or Elasticsearch?

TafkaMax commented 1 year ago

Same issue.

ykcab commented 1 year ago

Good news, I believe I have fixed this issue. I am testing this out with Elastic 8.3.4 & 8.4 and Grafana 9.0.

msizec commented 1 year ago

Hi, I found out that some panels won't work anymore then, saying the interval must be non-null, non-empty. Some panels are OK, some are not.

andryushchenko commented 1 year ago

Same here

dijitali commented 1 year ago

A workaround has been outlined in https://github.com/debricked/dmarc-visualizer/issues/41#issuecomment-1425415494:

RUN sed -i 's/fixed_interval/interval/g' /var/lib/grafana/dashboards/Grafana-DMARC_Reports.json

Looks like this was partly fixed with #366 but there are a few remaining places needing changing to support elasticsearch v8 breaking changes:

The date_histogram aggregation’s interval parameter is no longer valid.

Details: It is now an error to specify the interval parameter to the date_histogram aggregation or the composite date_histogram source. Instead, please use either calendar_interval or fixed_interval as appropriate.
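The breaking change quoted above, as an added example that is not from this thread or from parsedmarc: a helper that walks a raw Elasticsearch request body (the query sent to Elasticsearch, not the Grafana dashboard JSON) and renames any legacy `interval` on a `date_histogram`, including composite sources. The function names, the sample query and the rule for choosing between the two keys are assumptions made for the example.

```python
import copy
import re

# Calendar intervals take a single unit only (Elasticsearch date_histogram docs).
CALENDAR = re.compile(r"^(1[wMqy]|minute|hour|day|week|month|quarter|year)$")
# Fixed intervals take any multiple of ms, s, m, h or d.
FIXED = re.compile(r"^\d+(ms|s|m|h|d)$")

def pick_key(value):
    """Choose the v8 parameter for a legacy interval value (example rule)."""
    value = str(value)
    if CALENDAR.match(value):
        return "calendar_interval"
    if FIXED.match(value):
        # Note: a fixed "1d" is always 24h; use calendar_interval by hand
        # if buckets must follow DST-aware calendar days.
        return "fixed_interval"
    raise ValueError(f"cannot classify interval {value!r}")

def migrate(body):
    """Return (new_body, changes); the input body is left unmodified."""
    body = copy.deepcopy(body)
    changes = []

    def walk(node, path):
        if isinstance(node, dict):
            for key, child in node.items():
                if key == "date_histogram" and isinstance(child, dict) and "interval" in child:
                    new_key = pick_key(child["interval"])
                    child[new_key] = child.pop("interval")
                    changes.append((f"{path}.{key}", new_key))
                walk(child, f"{path}.{key}")
        elif isinstance(node, list):
            for i, child in enumerate(node):
                walk(child, f"{path}[{i}]")

    walk(body, "$")
    return body, changes

# Constructed sample request body, not taken from the parsedmarc dashboards.
SAMPLE = {"size": 0, "aggs": {
    "per_day": {"date_histogram": {"field": "@timestamp", "interval": "1d"},
                "aggs": {"per_month": {"date_histogram": {"field": "@timestamp", "interval": "1M"}}}},
    "ok": {"date_histogram": {"field": "@timestamp", "fixed_interval": "12h"}}}}

if __name__ == "__main__":
    for where, new_key in migrate(SAMPLE)[1]:
        print(f"{where}: interval -> {new_key}")
```
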