500 server error while crerating new blank

[Zodchyone]

Describe the bug After deploying Timesketch via official docker tutotial i cannot download sketch. New UI - Server Error. Old UI - server 500 error. I just using official docker how-to. Deploy is ok. I cannot do something with sketchs, cause i see this error every time.

This wsgi_error.log in the error's moment.

`[2024-01-08 09:28:10,028] timesketch.app/ERROR Exception on /api/v1/sketches/1/ [GET] Traceback (most recent call last): File "/usr/local/lib/python3.10/dist-packages/urllib3/connection.py", line 174, in _new_conn conn = connection.create_connection( File "/usr/local/lib/python3.10/dist-packages/urllib3/util/connection.py", line 72, in create_connection for res in socket.getaddrinfo(host, port, family, socket.SOCK_STREAM): File "/usr/lib/python3.10/socket.py", line 955, in getaddrinfo for res in _socket.getaddrinfo(host, port, family, type, proto, flags): socket.gaierror: [Errno -2] Name or service not known

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "/usr/local/lib/python3.10/dist-packages/opensearchpy/connection/http_urllib3.py", line 240, in perform_request response = self.pool.urlopen( File "/usr/local/lib/python3.10/dist-packages/urllib3/connectionpool.py", line 799, in urlopen retries = retries.increment( File "/usr/local/lib/python3.10/dist-packages/urllib3/util/retry.py", line 525, in increment raise six.reraise(type(error), error, _stacktrace) File "/usr/local/lib/python3.10/dist-packages/urllib3/packages/six.py", line 770, in reraise raise value File "/usr/local/lib/python3.10/dist-packages/urllib3/connectionpool.py", line 715, in urlopen httplib_response = self._make_request( File "/usr/local/lib/python3.10/dist-packages/urllib3/connectionpool.py", line 416, in _make_request conn.request(method, url, **httplib_request_kw) File "/usr/local/lib/python3.10/dist-packages/urllib3/connection.py", line 244, in request super(HTTPConnection, self).request(method, url, body=body, headers=headers) File "/usr/lib/python3.10/http/client.py", line 1283, in request self._send_request(method, url, body, headers, encode_chunked) File "/usr/lib/python3.10/http/client.py", line 1329, in _send_request self.endheaders(body, encode_chunked=encode_chunked) File "/usr/lib/python3.10/http/client.py", line 1278, in endheaders self._send_output(message_body, encode_chunked=encode_chunked) File "/usr/lib/python3.10/http/client.py", line 1038, in _send_output self.send(msg) File "/usr/lib/python3.10/http/client.py", line 976, in send self.connect() File "/usr/local/lib/python3.10/dist-packages/urllib3/connection.py", line 205, in connect conn = self._new_conn() File "/usr/local/lib/python3.10/dist-packages/urllib3/connection.py", line 186, in _new_conn raise NewConnectionError( urllib3.exceptions.NewConnectionError: <urllib3.connection.HTTPConnection object at 0x7fe5da96b760>: Failed to establish a new connection: [Errno -2] Name or service not known

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "/usr/local/lib/python3.10/dist-packages/flask/app.py", line 1484, in full_dispatch_request rv = self.dispatch_request() File "/usr/local/lib/python3.10/dist-packages/flask/app.py", line 1469, in dispatch_request return self.ensure_sync(self.view_functions[rule.endpoint])(view_args) File "/usr/local/lib/python3.10/dist-packages/flask_restful/init.py", line 489, in wrapper resp = resource(args, kwargs) File "/usr/local/lib/python3.10/dist-packages/flask/views.py", line 109, in view return current_app.ensure_sync(self.dispatch_request)(kwargs) File "/usr/local/lib/python3.10/dist-packages/flask_restful/init.py", line 604, in dispatch_request resp = meth(args, kwargs) File "/usr/local/lib/python3.10/dist-packages/flask_login/utils.py", line 290, in decorated_view return current_app.ensure_sync(func)(*args, *kwargs) File "/usr/local/lib/python3.10/dist-packages/timesketch/api/v1/resources/sketch.py", line 469, in get filter_labels=self.datastore.get_filter_labels(sketch.id, sketch_indices), File "/usr/local/lib/python3.10/dist-packages/timesketch/api/v1/resources/init.py", line 363, in datastore return OpenSearchDataStore( File "/usr/local/lib/python3.10/dist-packages/timesketch/lib/datastores/opensearch.py", line 140, in init self.version = self.client.info().get("version").get("number") File "/usr/local/lib/python3.10/dist-packages/opensearchpy/client/utils.py", line 179, in _wrapped return func(args, params=params, headers=headers, **kwargs) File "/usr/local/lib/python3.10/dist-packages/opensearchpy/client/init.py", line 253, in info return self.transport.perform_request( File "/usr/local/lib/python3.10/dist-packages/opensearchpy/transport.py", line 407, in perform_request raise e File "/usr/local/lib/python3.10/dist-packages/opensearchpy/transport.py", line 370, in perform_request status, headers_response, data = connection.perform_request( File "/usr/local/lib/python3.10/dist-packages/opensearchpy/connection/http_urllib3.py", line 255, in perform_request raise ConnectionError("N/A", str(e), e) opensearchpy.exceptions.ConnectionError: ConnectionError(<urllib3.connection.HTTPConnection object at 0x7fe5da96b760>: Failed to establish a new connection: [Errno -2] Name or service not known) caused by: NewConnectionError(<urllib3.connection.HTTPConnection object at 0x7fe5da96b760>: Failed to establish a new connection: [Errno -2] Name or service not known) `

• OS: Ubuntu 22.04.3 LTS
• Desktop OS: Win11
• Browser: Firefox

Sorry for bad english.

[jkppr]

Hi @Zodchyone , let's see if we can get this sorted.

• Can you please share with me what exact docker deployment guide you have used to deploy timesketch?
• Are you trying to deploy a development instance or something for productive/testing purposes?
• Have you checked the official guide at https://timesketch.org/guides/admin/install/ ?
  • The easiest way to deploy Timesketch is via the deploy_timesketch.sh script. https://github.com/google/timesketch/blob/master/contrib/deploy_timesketch.sh

The error you have pasted above, sounds like a connection issue between different timesketch and opensearch. Can you verify your opensearch instance is up, running and functioning?

Cheers, Janosch

[Zodchyone]

Yes, I used this guide https://timesketch.org/guides/admin/install/ And I used deploy_timesketch.sh for deploying. My opensearch instance is up, running (acknowledment this via portainer)

Maybe, should I configure conf.env file with any changes before docker-compose deploying?

[jkppr]

I am able to reproduce the error on a fresh installation following the timesketch.org quick guide. I'm still looking into the a possible fix.

[jkppr]

@Zodchyone when you run into this error, do you try to access Timesketch on a ssh port forwarded connection?

My observation:

• Setup following https://timesketch.org/guides/admin/install/ and accessing the Timesketch web interface on http://<public IP>:80 does not trigger the problem.
• Forwarding port 80 to localhost and accessing Timesketch via http://localhost:80 does result in the same error you posted above.

Can you explain your setup in a bit more detail please?

[superfantafedera]

Hi I've got the same error described.

I'm accessing the timesketch from the IP address of the host (http://x.x.x.x:80). My configuration is slightly different: I have 2 node opensearch cluster. Another error I noticed is:

sqlalchemy.exc.IntegrityError: (psycopg2.errors.UniqueViolation) duplicate key value violates unique constraint "pg_type_typname_nsp_index"                                                   
DETAIL:  Key (typname, typnamespace)=(user_id_seq, 2200) already exists.                       

[SQL:                                                                                                                                                                                         
CREATE TABLE "user" (                                                                                                                                                                         
        id SERIAL NOT NULL,                                                                                                                                                                   
        created_at TIMESTAMP WITHOUT TIME ZONE,                                                                                                                                               
        updated_at TIMESTAMP WITHOUT TIME ZONE,                                                                                                                                               
        username VARCHAR(255),                                                                                                                                                                
        password VARCHAR(128),                                                                                                                                                                
        name VARCHAR(255),                                                                     
        email VARCHAR(255),                                                                                                                                                                   
        active BOOLEAN,                        
        admin BOOLEAN,                                                                                                                                                                        
        PRIMARY KEY (id),                                                                      
        UNIQUE (username)                                                                                                                                                                     
)

Initially I thought was an error of duplicated blank sketch, created a new one with random character as name but the problem persist. I also tried to create a second user, but still have the same error.