User admin doesn't exist

[cezarq]

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 29abff4488f8 docker-arkime-arkime "/data/startarkime.sh" 15 minutes ago Up 32 seconds 0.0.0.0:8005->8005/tcp, :::8005->8005/tcp docker-arkime-arkime-1 029767dad18f opensearchproject/opensearch:2 "./opensearch-docker…" 15 minutes ago Up 32 seconds 9200/tcp, 9300/tcp, 9600/tcp, 9650/tcp os01 a8df3547e844 containrrr/watchtower "/watchtower --clean…" 2 hours ago Up 38 minutes (healthy) 8080/tcp watchtower

root💀localhost:~# docker exec -it 29abff4488f8 /bin/bash

root@29abff4488f8:/opt/arkime# tail -f /data/logs/viewer.log AUTH: User admin doesn't exist Thu, 01 Aug 2024 13:51:41 GMT - GET / 401 - bytes 3.384 ms WARNING - Using authMode=digest since not set, add to config file to silence this warning. WARNING - No cronQueries=true found in /opt/arkime/etc/config.ini, one and only one node MUST have cronQueries=true set for cron/hunts to work /opt/arkime/viewer/viewer.js listening on host :: port 8005 in development mode Thu, 01 Aug 2024 13:56:09 GMT - GET / 401 - bytes 2.521 ms AUTH: User admin doesn't exist Thu, 01 Aug 2024 13:56:11 GMT - GET / 401 - bytes 5.705 ms AUTH: User admin doesn't exist Thu, 01 Aug 2024 13:56:14 GMT - GET / 401 - bytes 4.656 ms

[cezarq]

docker compose up [+] Running 2/0 ✔ Container os01 Created 0.0s ✔ Container docker-arkime-arkime-1 Created 0.0s Attaching to arkime-1, os01 os01 | Disabling OpenSearch Security Plugin os01 | Enabling execution of OPENSEARCH_HOME/bin/opensearch-performance-analyzer/performance-analyzer-agent-cli for OpenSearch Performance Analyzer Plugin arkime-1 | Giving OS time to start... arkime-1 | Waiting for OS to start arkime-1 | Waiting for OS to start os01 | WARNING: Using incubator modules: jdk.incubator.vector os01 | WARNING: A terminally deprecated method in java.lang.System has been called os01 | WARNING: System::setSecurityManager has been called by org.opensearch.bootstrap.OpenSearch (file:/usr/share/opensearch/lib/opensearch-2.15.0.jar) os01 | WARNING: Please consider reporting this to the maintainers of org.opensearch.bootstrap.OpenSearch os01 | WARNING: System::setSecurityManager will be removed in a future release os01 | Aug 01, 2024 1:55:53 PM sun.util.locale.provider.LocaleProviderAdapter os01 | WARNING: COMPAT locale provider will be removed in a future release arkime-1 | Waiting for OS to start os01 | WARNING: A terminally deprecated method in java.lang.System has been called os01 | WARNING: System::setSecurityManager has been called by org.opensearch.bootstrap.Security (file:/usr/share/opensearch/lib/opensearch-2.15.0.jar) os01 | WARNING: Please consider reporting this to the maintainers of org.opensearch.bootstrap.Security os01 | WARNING: System::setSecurityManager will be removed in a future release os01 | [2024-08-01T13:55:53,776][INFO ][o.o.n.Node ] [os01] version[2.15.0], pid[1], build[tar/61dbcd0795c9bfe9b81e5762175414bc38bbcadf/2024-06-20T03:26:49.193630411Z], OS[Linux/6.1.0-23-amd64/amd64], JVM[Eclipse Adoptium/OpenJDK 64-Bit Server VM/21.0.3/21.0.3+9-LTS] os01 | [2024-08-01T13:55:53,777][INFO ][o.o.n.Node ] [os01] JVM home [/usr/share/opensearch/jdk], using bundled JDK/JRE [true] os01 | [2024-08-01T13:55:53,777][INFO ][o.o.n.Node ] [os01] JVM arguments [-Xshare:auto, -Dopensearch.networkaddress.cache.ttl=60, -Dopensearch.networkaddress.cache.negative.ttl=10, -XX:+AlwaysPreTouch, -Xss1m, -Djava.awt.headless=true, -Dfile.encoding=UTF-8, -Djna.nosys=true, -XX:-OmitStackTraceInFastThrow, -XX:+ShowCodeDetailsInExceptionMessages, -Dio.netty.noUnsafe=true, -Dio.netty.noKeySetOptimization=true, -Dio.netty.recycler.maxCapacityPerThread=0, -Dio.netty.allocator.numDirectArenas=0, -Dlog4j.shutdownHookEnabled=false, -Dlog4j2.disable.jmx=true, -Djava.security.manager=allow, -Djava.locale.providers=SPI,COMPAT, -Xms1g, -Xmx1g, -XX:+UseG1GC, -XX:G1ReservePercent=25, -XX:InitiatingHeapOccupancyPercent=30, -Djava.io.tmpdir=/tmp/opensearch-18175505766882912589, -XX:+HeapDumpOnOutOfMemoryError, -XX:HeapDumpPath=data, -XX:ErrorFile=logs/hs_err_pid%p.log, -Xlog:gc*,gc+age=trace,safepoint:file=logs/gc.log:utctime,pid,tags:filecount=32,filesize=64m, -Djava.security.manager=allow, --add-modules=jdk.incubator.vector, -Djava.util.concurrent.ForkJoinPool.common.threadFactory=org.opensearch.secure_sm.SecuredForkJoinWorkerThreadFactory, -Dclk.tck=100, -Djdk.attach.allowAttachSelf=true, -Djava.security.policy=/usr/share/opensearch/config/opensearch-performance-analyzer/opensearch_security.policy, --add-opens=jdk.attach/sun.tools.attach=ALL-UNNAMED, -Dopensearch.cgroups.hierarchy.override=/, -Xms512m, -Xmx512m, -XX:MaxDirectMemorySize=268435456, -Dopensearch.path.home=/usr/share/opensearch, -Dopensearch.path.conf=/usr/share/opensearch/config, -Dopensearch.distribution.type=tar, -Dopensearch.bundled_jdk=true] arkime-1 | Waiting for OS to start os01 | [2024-08-01T13:55:54,767][INFO ][o.o.s.s.t.SSLConfig ] [os01] SSL dual mode is disabled os01 | [2024-08-01T13:55:54,767][WARN ][o.o.s.OpenSearchSecurityPlugin] [os01] OpenSearch Security plugin installed but disabled. This can expose your configuration (including passwords) to the public. os01 | [2024-08-01T13:55:55,422][INFO ][o.o.p.c.c.PluginSettings ] [os01] Config: metricsLocation: /dev/shm/performanceanalyzer/, metricsDeletionInterval: 1, httpsEnabled: false, cleanup-metrics-db-files: true, batch-metrics-retention-period-minutes: 7, rpc-port: 9650, webservice-port 9600 arkime-1 | Waiting for OS to start os01 | [2024-08-01T13:55:55,935][INFO ][o.o.i.r.ReindexPlugin ] [os01] ReindexPlugin reloadSPI called os01 | [2024-08-01T13:55:55,936][INFO ][o.o.i.r.ReindexPlugin ] [os01] Unable to find any implementation for RemoteReindexExtension os01 | [2024-08-01T13:55:55,981][INFO ][o.o.j.JobSchedulerPlugin ] [os01] Loaded scheduler extension: reports-scheduler, index: .opendistro-reports-definitions os01 | [2024-08-01T13:55:55,982][INFO ][o.o.j.JobSchedulerPlugin ] [os01] Loaded scheduler extension: opensearch_time_series_analytics, index: .opendistro-anomaly-detector-jobs os01 | [2024-08-01T13:55:55,983][INFO ][o.o.j.JobSchedulerPlugin ] [os01] Loaded scheduler extension: opendistro-index-management, index: .opendistro-ism-config os01 | [2024-08-01T13:55:55,984][INFO ][o.o.j.JobSchedulerPlugin ] [os01] Loaded scheduler extension: scheduler_geospatial_ip2geo_datasource, index: .scheduler-geospatial-ip2geo-datasource os01 | [2024-08-01T13:55:55,986][INFO ][o.o.j.JobSchedulerPlugin ] [os01] Loaded scheduler extension: opensearch_sap_job, index: .opensearch-sap--job os01 | [2024-08-01T13:55:56,001][INFO ][o.o.p.PluginsService ] [os01] loaded module [aggs-matrix-stats] os01 | [2024-08-01T13:55:56,001][INFO ][o.o.p.PluginsService ] [os01] loaded module [analysis-common] os01 | [2024-08-01T13:55:56,001][INFO ][o.o.p.PluginsService ] [os01] loaded module [cache-common] os01 | [2024-08-01T13:55:56,001][INFO ][o.o.p.PluginsService ] [os01] loaded module [geo] os01 | [2024-08-01T13:55:56,001][INFO ][o.o.p.PluginsService ] [os01] loaded module [ingest-common] os01 | [2024-08-01T13:55:56,001][INFO ][o.o.p.PluginsService ] [os01] loaded module [ingest-geoip] os01 | [2024-08-01T13:55:56,001][INFO ][o.o.p.PluginsService ] [os01] loaded module [ingest-user-agent] os01 | [2024-08-01T13:55:56,001][INFO ][o.o.p.PluginsService ] [os01] loaded module [lang-expression] os01 | [2024-08-01T13:55:56,001][INFO ][o.o.p.PluginsService ] [os01] loaded module [lang-mustache] os01 | [2024-08-01T13:55:56,001][INFO ][o.o.p.PluginsService ] [os01] loaded module [lang-painless] os01 | [2024-08-01T13:55:56,001][INFO ][o.o.p.PluginsService ] [os01] loaded module [mapper-extras] os01 | [2024-08-01T13:55:56,001][INFO ][o.o.p.PluginsService ] [os01] loaded module [opensearch-dashboards] os01 | [2024-08-01T13:55:56,001][INFO ][o.o.p.PluginsService ] [os01] loaded module [parent-join] os01 | [2024-08-01T13:55:56,002][INFO ][o.o.p.PluginsService ] [os01] loaded module [percolator] os01 | [2024-08-01T13:55:56,002][INFO ][o.o.p.PluginsService ] [os01] loaded module [rank-eval] os01 | [2024-08-01T13:55:56,002][INFO ][o.o.p.PluginsService ] [os01] loaded module [reindex] os01 | [2024-08-01T13:55:56,002][INFO ][o.o.p.PluginsService ] [os01] loaded module [repository-url] os01 | [2024-08-01T13:55:56,002][INFO ][o.o.p.PluginsService ] [os01] loaded module [search-pipeline-common] os01 | [2024-08-01T13:55:56,002][INFO ][o.o.p.PluginsService ] [os01] loaded module [systemd] os01 | [2024-08-01T13:55:56,002][INFO ][o.o.p.PluginsService ] [os01] loaded module [transport-netty4] os01 | [2024-08-01T13:55:56,002][INFO ][o.o.p.PluginsService ] [os01] loaded plugin [opensearch-alerting] os01 | [2024-08-01T13:55:56,002][INFO ][o.o.p.PluginsService ] [os01] loaded plugin [opensearch-anomaly-detection] os01 | [2024-08-01T13:55:56,002][INFO ][o.o.p.PluginsService ] [os01] loaded plugin [opensearch-asynchronous-search] os01 | [2024-08-01T13:55:56,002][INFO ][o.o.p.PluginsService ] [os01] loaded plugin [opensearch-cross-cluster-replication] os01 | [2024-08-01T13:55:56,003][INFO ][o.o.p.PluginsService ] [os01] loaded plugin [opensearch-custom-codecs] os01 | [2024-08-01T13:55:56,003][INFO ][o.o.p.PluginsService ] [os01] loaded plugin [opensearch-flow-framework] os01 | [2024-08-01T13:55:56,003][INFO ][o.o.p.PluginsService ] [os01] loaded plugin [opensearch-geospatial] os01 | [2024-08-01T13:55:56,003][INFO ][o.o.p.PluginsService ] [os01] loaded plugin [opensearch-index-management] os01 | [2024-08-01T13:55:56,003][INFO ][o.o.p.PluginsService ] [os01] loaded plugin [opensearch-job-scheduler] os01 | [2024-08-01T13:55:56,003][INFO ][o.o.p.PluginsService ] [os01] loaded plugin [opensearch-knn] os01 | [2024-08-01T13:55:56,003][INFO ][o.o.p.PluginsService ] [os01] loaded plugin [opensearch-ml] os01 | [2024-08-01T13:55:56,003][INFO ][o.o.p.PluginsService ] [os01] loaded plugin [opensearch-neural-search] os01 | [2024-08-01T13:55:56,003][INFO ][o.o.p.PluginsService ] [os01] loaded plugin [opensearch-notifications] os01 | [2024-08-01T13:55:56,003][INFO ][o.o.p.PluginsService ] [os01] loaded plugin [opensearch-notifications-core] os01 | [2024-08-01T13:55:56,003][INFO ][o.o.p.PluginsService ] [os01] loaded plugin [opensearch-observability] os01 | [2024-08-01T13:55:56,003][INFO ][o.o.p.PluginsService ] [os01] loaded plugin [opensearch-performance-analyzer] os01 | [2024-08-01T13:55:56,003][INFO ][o.o.p.PluginsService ] [os01] loaded plugin [opensearch-reports-scheduler] os01 | [2024-08-01T13:55:56,003][INFO ][o.o.p.PluginsService ] [os01] loaded plugin [opensearch-security] os01 | [2024-08-01T13:55:56,003][INFO ][o.o.p.PluginsService ] [os01] loaded plugin [opensearch-security-analytics] os01 | [2024-08-01T13:55:56,003][INFO ][o.o.p.PluginsService ] [os01] loaded plugin [opensearch-skills] os01 | [2024-08-01T13:55:56,003][INFO ][o.o.p.PluginsService ] [os01] loaded plugin [opensearch-sql] os01 | [2024-08-01T13:55:56,059][INFO ][o.o.e.ExtensionsManager ] [os01] ExtensionsManager initialized os01 | [2024-08-01T13:55:56,069][INFO ][o.a.l.s.MemorySegmentIndexInputProvider] [os01] Using MemorySegmentIndexInput with Java 21 or later; to disable start with -Dorg.apache.lucene.store.MMapDirectory.enableMemorySegments=false os01 | [2024-08-01T13:55:56,076][INFO ][o.o.e.NodeEnvironment ] [os01] using [1] data paths, mounts [[/usr/share/opensearch/data (/dev/mapper/warmachine--vg-root)]], net usable_space [358.4gb], net total_space [437.6gb], types [ext4] os01 | [2024-08-01T13:55:56,076][INFO ][o.o.e.NodeEnvironment ] [os01] heap size [512mb], compressed ordinary object pointers [true] os01 | [2024-08-01T13:55:56,157][INFO ][o.o.n.Node ] [os01] node name [os01], node ID [rlCj-0H4TlyNguqelaMnqQ], cluster name [docker-cluster], roles [ingest, remote_cluster_client, data, cluster_manager] arkime-1 | Waiting for OS to start arkime-1 | Waiting for OS to start os01 | [2024-08-01T13:55:57,858][DEPRECATION][o.o.d.c.s.Settings ] [os01] [index.store.hybrid.mmap.extensions] setting was deprecated in OpenSearch and will be removed in a future release! See the breaking changes documentation for the next major version. os01 | [2024-08-01T13:55:58,314][INFO ][o.o.n.p.NeuralSearch ] [os01] Registering hybrid query phase searcher with feature flag [plugins.neural_search.hybrid_search_disabled] arkime-1 | Waiting for OS to start os01 | [2024-08-01T13:55:59,013][INFO ][o.o.t.b.CircuitBreakerService] [os01] Registered memory breaker. os01 | [2024-08-01T13:55:59,398][INFO ][o.o.m.b.MLCircuitBreakerService] [os01] Registered ML memory breaker. os01 | [2024-08-01T13:55:59,398][INFO ][o.o.m.b.MLCircuitBreakerService] [os01] Registered ML disk breaker. os01 | [2024-08-01T13:55:59,398][INFO ][o.o.m.b.MLCircuitBreakerService] [os01] Registered ML native memory breaker. os01 | [2024-08-01T13:55:59,490][INFO ][o.r.Reflections ] [os01] Reflections took 41 ms to scan 1 urls, producing 26 keys and 67 values os01 | [2024-08-01T13:55:59,577][WARN ][o.o.s.p.SQLPlugin ] [os01] Master key is a required config for using create and update datasource APIs. Please set plugins.query.datasources.encryption.masterkey config in opensearch.yml in all the cluster nodes. More details can be found here: https://github.com/opensearch-project/sql/blob/main/docs/user/ppl/admin/datasources.rst#master-key-config-for-encrypting-credential-information arkime-1 | Waiting for OS to start os01 | [2024-08-01T13:56:00,205][INFO ][o.o.t.NettyAllocator ] [os01] creating NettyAllocator with the following configs: [name=unpooled, suggested_max_allocation_size=256kb, factors={opensearch.unsafe.use_unpooled_allocator=null, g1gc_enabled=true, g1gc_region_size=1mb, heap_size=512mb}] os01 | [2024-08-01T13:56:00,296][INFO ][o.o.d.DiscoveryModule ] [os01] using discovery type [single-node] and seed hosts providers [settings] arkime-1 | Waiting for OS to start os01 | [2024-08-01T13:56:00,770][WARN ][o.o.g.DanglingIndicesState] [os01] gateway.auto_import_dangling_indices is disabled, dangling indices will not be automatically detected or imported and must be managed manually os01 | [2024-08-01T13:56:01,458][INFO ][o.o.p.h.c.PerformanceAnalyzerConfigAction] [os01] PerformanceAnalyzer Enabled: false os01 | [2024-08-01T13:56:01,519][INFO ][o.o.n.Node ] [os01] initialized os01 | [2024-08-01T13:56:01,519][INFO ][o.o.n.Node ] [os01] starting ... os01 | [2024-08-01T13:56:01,562][INFO ][o.o.s.l.BuiltinLogTypeLoader] [os01] Loaded [windows_logtype.json] log type os01 | [2024-08-01T13:56:01,563][INFO ][o.o.s.l.BuiltinLogTypeLoader] [os01] Loaded [waf_logtype.json] log type os01 | [2024-08-01T13:56:01,564][INFO ][o.o.s.l.BuiltinLogTypeLoader] [os01] Loaded [vpcflow_logtype.json] log type os01 | [2024-08-01T13:56:01,564][INFO ][o.o.s.l.BuiltinLogTypeLoader] [os01] Loaded [test_windows_logtype.json] log type os01 | [2024-08-01T13:56:01,565][INFO ][o.o.s.l.BuiltinLogTypeLoader] [os01] Loaded [s3_logtype.json] log type os01 | [2024-08-01T13:56:01,565][INFO ][o.o.s.l.BuiltinLogTypeLoader] [os01] Loaded [others_web_logtype.json] log type os01 | [2024-08-01T13:56:01,566][INFO ][o.o.s.l.BuiltinLogTypeLoader] [os01] Loaded [others_proxy_logtype.json] log type os01 | [2024-08-01T13:56:01,566][INFO ][o.o.s.l.BuiltinLogTypeLoader] [os01] Loaded [others_macos_logtype.json] log type os01 | [2024-08-01T13:56:01,567][INFO ][o.o.s.l.BuiltinLogTypeLoader] [os01] Loaded [others_compliance_logtype.json] log type os01 | [2024-08-01T13:56:01,567][INFO ][o.o.s.l.BuiltinLogTypeLoader] [os01] Loaded [others_cloud_logtype.json] log type os01 | [2024-08-01T13:56:01,567][INFO ][o.o.s.l.BuiltinLogTypeLoader] [os01] Loaded [others_apt_logtype.json] log type os01 | [2024-08-01T13:56:01,568][INFO ][o.o.s.l.BuiltinLogTypeLoader] [os01] Loaded [others_application_logtype.json] log type os01 | [2024-08-01T13:56:01,568][INFO ][o.o.s.l.BuiltinLogTypeLoader] [os01] Loaded [okta_logtype.json] log type os01 | [2024-08-01T13:56:01,569][INFO ][o.o.s.l.BuiltinLogTypeLoader] [os01] Loaded [network_logtype.json] log type os01 | [2024-08-01T13:56:01,569][INFO ][o.o.s.l.BuiltinLogTypeLoader] [os01] Loaded [netflow_logtype.json] log type os01 | [2024-08-01T13:56:01,570][INFO ][o.o.s.l.BuiltinLogTypeLoader] [os01] Loaded [m365_logtype.json] log type os01 | [2024-08-01T13:56:01,570][INFO ][o.o.s.l.BuiltinLogTypeLoader] [os01] Loaded [linux_logtype.json] log type os01 | [2024-08-01T13:56:01,571][INFO ][o.o.s.l.BuiltinLogTypeLoader] [os01] Loaded [gworkspace_logtype.json] log type os01 | [2024-08-01T13:56:01,571][INFO ][o.o.s.l.BuiltinLogTypeLoader] [os01] Loaded [github_logtype.json] log type os01 | [2024-08-01T13:56:01,571][INFO ][o.o.s.l.BuiltinLogTypeLoader] [os01] Loaded [dns_logtype.json] log type os01 | [2024-08-01T13:56:01,572][INFO ][o.o.s.l.BuiltinLogTypeLoader] [os01] Loaded [cloudtrail_logtype.json] log type os01 | [2024-08-01T13:56:01,572][INFO ][o.o.s.l.BuiltinLogTypeLoader] [os01] Loaded [azure_logtype.json] log type os01 | [2024-08-01T13:56:01,573][INFO ][o.o.s.l.BuiltinLogTypeLoader] [os01] Loaded [apache_access_logtype.json] log type os01 | [2024-08-01T13:56:01,573][INFO ][o.o.s.l.BuiltinLogTypeLoader] [os01] Loaded [ad_ldap_logtype.json] log type arkime-1 | Waiting for OS to start os01 | [2024-08-01T13:56:01,683][INFO ][o.o.t.TransportService ] [os01] publish_address {172.18.0.2:9300}, bound_addresses {[::]:9300} os01 | [2024-08-01T13:56:01,685][INFO ][o.o.t.TransportService ] [os01] Remote clusters initialized successfully. os01 | [2024-08-01T13:56:01,903][INFO ][o.o.c.c.Coordinator ] [os01] cluster UUID [sOkku5K2TZGU60nZEoCMVA] os01 | [2024-08-01T13:56:01,962][INFO ][o.o.c.s.MasterService ] [os01] elected-as-cluster-manager ([1] nodes joined)[{os01}{rlCj-0H4TlyNguqelaMnqQ}{q012GRv9TgKOL1OAvK6bsA}{172.18.0.2}{172.18.0.2:9300}{dimr}{shard_indexing_pressure_enabled=true} elect leader, _BECOME_CLUSTER_MANAGERTASK, _FINISHELECTION], term: 11, version: 298, delta: cluster-manager node changed {previous [], current [{os01}{rlCj-0H4TlyNguqelaMnqQ}{q012GRv9TgKOL1OAvK6bsA}{172.18.0.2}{172.18.0.2:9300}{dimr}{shard_indexing_pressure_enabled=true}]} os01 | [2024-08-01T13:56:02,028][INFO ][o.o.c.s.ClusterApplierService] [os01] cluster-manager node changed {previous [], current [{os01}{rlCj-0H4TlyNguqelaMnqQ}{q012GRv9TgKOL1OAvK6bsA}{172.18.0.2}{172.18.0.2:9300}{dimr}{shard_indexing_pressure_enabled=true}]}, term: 11, version: 298, reason: Publication{term=11, version=298} os01 | [2024-08-01T13:56:02,034][INFO ][o.o.t.i.IndexManagement ] [os01] Candidate custom result indices are empty. os01 | [2024-08-01T13:56:02,035][INFO ][o.o.t.i.IndexManagement ] [os01] Candidate custom result indices are empty. os01 | [2024-08-01T13:56:02,035][INFO ][o.o.t.c.ClusterEventListener] [os01] Cluster is not recovered yet. os01 | [2024-08-01T13:56:02,066][INFO ][o.o.i.i.ManagedIndexCoordinator] [os01] Cache cluster manager node onClusterManager time: 1722520562066 os01 | [2024-08-01T13:56:02,077][WARN ][o.o.p.c.s.h.ConfigOverridesClusterSettingHandler] [os01] Config override setting update called with empty string. Ignoring. os01 | [2024-08-01T13:56:02,085][INFO ][o.o.d.PeerFinder ] [os01] setting findPeersInterval to [1s] as node commission status = [true] for local node [{os01}{rlCj-0H4TlyNguqelaMnqQ}{q012GRv9TgKOL1OAvK6bsA}{172.18.0.2}{172.18.0.2:9300}{dimr}{shard_indexing_pressure_enabled=true}] os01 | [2024-08-01T13:56:02,087][WARN ][o.o.c.r.a.AllocationService] [os01] Falling back to single shard assignment since batch mode disable or multiple custom allocators set os01 | [2024-08-01T13:56:02,093][INFO ][o.o.h.AbstractHttpServerTransport] [os01] publish_address {172.18.0.2:9200}, bound_addresses {[::]:9200} os01 | [2024-08-01T13:56:02,093][INFO ][o.o.n.Node ] [os01] started os01 | [2024-08-01T13:56:02,094][INFO ][o.o.s.OpenSearchSecurityPlugin] [os01] 0 OpenSearch Security modules loaded so far: [] os01 | [2024-08-01T13:56:02,112][WARN ][o.o.c.r.a.AllocationService] [os01] Falling back to single shard assignment since batch mode disable or multiple custom allocators set os01 | [2024-08-01T13:56:02,172][INFO ][o.o.c.s.ClusterSettings ] [os01] updating [plugins.index_state_management.template_migration.control] from [0] to [-1] os01 | [2024-08-01T13:56:02,178][INFO ][o.o.t.c.HashRing ] [os01] Node added: [rlCj-0H4TlyNguqelaMnqQ] os01 | [2024-08-01T13:56:02,180][INFO ][o.o.t.c.HashRing ] [os01] Add data node to version hash ring: rlCj-0H4TlyNguqelaMnqQ os01 | [2024-08-01T13:56:02,182][INFO ][o.o.t.c.HashRing ] [os01] All nodes with known version: {rlCj-0H4TlyNguqelaMnqQ=ADNodeInfo{version=2.15.0, isEligibleDataNode=true}} os01 | [2024-08-01T13:56:02,182][INFO ][o.o.t.c.HashRing ] [os01] Rebuild hash ring for realtime with cooldown, nodeChangeEvents size 0 os01 | [2024-08-01T13:56:02,182][INFO ][o.o.t.c.HashRing ] [os01] Build version hash ring successfully os01 | [2024-08-01T13:56:02,183][INFO ][o.o.t.c.ADDataMigrator ] [os01] Start migrating AD data os01 | [2024-08-01T13:56:02,183][INFO ][o.o.t.c.ADDataMigrator ] [os01] AD job index doesn't exist, no need to migrate os01 | [2024-08-01T13:56:02,183][INFO ][o.o.t.c.ClusterEventListener] [os01] Init version hash ring successfully os01 | [2024-08-01T13:56:02,205][INFO ][o.o.g.GatewayService ] [os01] recovered [15] indices into cluster_state os01 | [2024-08-01T13:56:02,209][INFO ][o.o.s.l.LogTypeService ] [os01] Loading builtin types! os01 | [2024-08-01T13:56:02,212][INFO ][o.o.s.l.LogTypeService ] [os01] Indexing [429] fieldMappingDocs from logTypes: 24 os01 | [2024-08-01T13:56:02,241][WARN ][o.o.o.i.ObservabilityIndex] [os01] message: index [.opensearch-observability/oJc_L-92Tc6jnMXQPynqoA] already exists os01 | [2024-08-01T13:56:02,242][WARN ][o.o.c.r.a.AllocationService] [os01] Falling back to single shard assignment since batch mode disable or multiple custom allocators set os01 | [2024-08-01T13:56:02,250][WARN ][o.o.s.SecurityAnalyticsPlugin] [os01] Failed to initialize LogType config index and builtin log types os01 | [2024-08-01T13:56:02,324][INFO ][o.o.p.PluginsService ] [os01] PluginService:onIndexModule index:[arkime_fields_v30/GZ9nsZe_S4ODCa9NYNuI7g] os01 | [2024-08-01T13:56:02,429][INFO ][o.o.p.PluginsService ] [os01] PluginService:onIndexModule index:[arkime_files_v30/IKCYjvE9RQirr6F4KRUVWQ] os01 | [2024-08-01T13:56:02,445][INFO ][o.o.p.PluginsService ] [os01] PluginService:onIndexModule index:[arkime_sequence_v30/53GAM5n_QGa5w-44zpZAQw] os01 | [2024-08-01T13:56:02,689][WARN ][o.o.c.r.a.AllocationService] [os01] Falling back to single shard assignment since batch mode disable or multiple custom allocators set os01 | [2024-08-01T13:56:02,773][INFO ][o.o.p.PluginsService ] [os01] PluginService:onIndexModule index:[arkime_dstats_v30/CtU99_oTTsmv5DgdbnN8gA] os01 | [2024-08-01T13:56:02,784][INFO ][o.o.p.PluginsService ] [os01] PluginService:onIndexModule index:[arkime_stats_v30/JFBGcdT6T3ilxJdQ3wHVtQ] os01 | [2024-08-01T13:56:02,790][INFO ][o.o.p.PluginsService ] [os01] PluginService:onIndexModule index:[arkime_users_v30/aMAmCtHjT66wibrpqSUhlQ] os01 | [2024-08-01T13:56:02,966][WARN ][o.o.c.r.a.AllocationService] [os01] Falling back to single shard assignment since batch mode disable or multiple custom allocators set os01 | [2024-08-01T13:56:03,040][INFO ][o.o.p.PluginsService ] [os01] PluginService:onIndexModule index:[arkime_views_v40/UWgRLD7tT-KIy47c3W27Rw] os01 | [2024-08-01T13:56:03,047][INFO ][o.o.p.PluginsService ] [os01] PluginService:onIndexModule index:[arkime_notifiers_v40/KT6yutzkTkeETRAYw-ESmg] os01 | [2024-08-01T13:56:03,053][INFO ][o.o.p.PluginsService ] [os01] PluginService:onIndexModule index:[arkime_queries_v30/okO5H8YbTse3fSKuI_CGZQ] os01 | [2024-08-01T13:56:03,066][INFO ][o.o.p.PluginsService ] [os01] PluginService:onIndexModule index:[arkime_parliament_v50/AydKI-BzQhKx_i8aSeWZfg] os01 | [2024-08-01T13:56:03,082][INFO ][o.o.s.l.LogTypeService ] [os01] Loading builtin types! os01 | [2024-08-01T13:56:03,084][INFO ][o.o.s.l.LogTypeService ] [os01] Indexing [429] fieldMappingDocs from logTypes: 24 os01 | [2024-08-01T13:56:03,086][INFO ][o.o.s.l.LogTypeService ] [os01] Loading builtin types! os01 | [2024-08-01T13:56:03,087][INFO ][o.o.s.l.LogTypeService ] [os01] Indexing [429] fieldMappingDocs from logTypes: 24 os01 | [2024-08-01T13:56:03,092][INFO ][o.o.s.i.DetectorIndexManagementService] [os01] info deleteOldIndices os01 | [2024-08-01T13:56:03,096][INFO ][o.o.s.i.DetectorIndexManagementService] [os01] No Old Correlation Indices to delete os01 | [2024-08-01T13:56:03,205][WARN ][o.o.c.r.a.AllocationService] [os01] Falling back to single shard assignment since batch mode disable or multiple custom allocators set os01 | [2024-08-01T13:56:03,259][INFO ][o.o.p.PluginsService ] [os01] PluginService:onIndexModule index:[.opensearch-observability/oJc_L-92Tc6jnMXQPynqoA] os01 | [2024-08-01T13:56:03,277][INFO ][o.o.p.PluginsService ] [os01] PluginService:onIndexModule index:[arkime_lookups_v30/SUNZkaj4T6S2pyawDyvjXw] os01 | [2024-08-01T13:56:03,283][INFO ][o.o.p.PluginsService ] [os01] PluginService:onIndexModule index:[.plugins-ml-config/yXbTt-8BS3WkS8i3e6OVSg] os01 | [2024-08-01T13:56:03,290][INFO ][o.o.p.PluginsService ] [os01] PluginService:onIndexModule index:[arkime_hunts_v30/O3oX4NumSzKXVQJc5FyxLg] os01 | [2024-08-01T13:56:03,421][WARN ][o.o.c.r.a.AllocationService] [os01] Falling back to single shard assignment since batch mode disable or multiple custom allocators set os01 | [2024-08-01T13:56:03,488][INFO ][o.o.p.PluginsService ] [os01] PluginService:onIndexModule index:[.opensearch-sap-log-types-config/0cx0r80uQwKwpULzeSL6uQ] os01 | [2024-08-01T13:56:03,547][INFO ][o.o.c.r.a.AllocationService] [os01] Cluster health status changed from [RED] to [GREEN] (reason: [shards started [[.opensearch-sap-log-types-config][0]]]). os01 | [2024-08-01T13:56:03,589][WARN ][o.o.c.r.a.AllocationService] [os01] Falling back to single shard assignment since batch mode disable or multiple custom allocators set arkime-1 | arkime-1 | OS started... arkime-1 | * Starting periodic command scheduler cron arkime-1 | ...done. arkime-1 | Look at log files for errors arkime-1 | /data/logs/viewer.log arkime-1 | Launch viewer... arkime-1 | Visit http://127.0.0.1:8005 with your favorite browser. arkime-1 | user: admin arkime-1 | password: admin arkime-1 | /opt/arkime/viewer /opt/arkime os01 | [2024-08-01T13:56:12,076][INFO ][o.o.m.a.MLModelAutoReDeployer] [os01] Index not found, not performing auto reloading! os01 | [2024-08-01T13:56:12,076][INFO ][o.o.m.c.MLCommonsClusterManagerEventListener] [os01] Starting ML sync up job... os01 | [2024-08-01T13:56:22,084][INFO ][o.o.m.c.MLSyncUpCron ] [os01] ML configuration already initialized, no action needed os01 | [2024-08-01T13:57:02,069][INFO ][o.o.i.i.ManagedIndexCoordinator] [os01] Performing move cluster state metadata. os01 | [2024-08-01T13:57:02,071][INFO ][o.o.i.i.MetadataService ] [os01] ISM config index not exist, so we cancel the metadata migration job. os01 | [2024-08-01T13:58:02,069][INFO ][o.o.i.i.ManagedIndexCoordinator] [os01] Cancel background move metadata process. os01 | [2024-08-01T13:58:02,071][INFO ][o.o.i.i.ManagedIndexCoordinator] [os01] Performing move cluster state metadata. os01 | [2024-08-01T13:58:02,071][INFO ][o.o.i.i.MetadataService ] [os01] Move metadata has finished. os01 | [2024-08-01T14:01:01,906][INFO ][o.o.j.s.JobSweeper ] [os01] Running full sweep os01 | [2024-08-01T14:01:02,073][INFO ][o.o.i.i.PluginVersionSweepCoordinator] [os01] Canceling sweep ism plugin version job os01 | [2024-08-01T14:06:01,908][INFO ][o.o.j.s.JobSweeper ] [os01] Running full sweep os01 | [2024-08-01T14:11:01,909][INFO ][o.o.j.s.JobSweeper ] [os01] Running full sweep os01 | [2024-08-01T14:11:02,074][INFO ][o.o.s.s.c.FlintStreamingJobHouseKeeperTask] [os01] Starting housekeeping task for auto refresh streaming jobs. os01 | [2024-08-01T14:11:02,081][INFO ][o.o.s.s.c.FlintStreamingJobHouseKeeperTask] [os01] Finished housekeeping task for auto refresh streaming jobs. os01 | [2024-08-01T14:16:01,910][INFO ][o.o.j.s.JobSweeper ] [os01] Running full sweep os01 | [2024-08-01T14:21:01,910][INFO ][o.o.j.s.JobSweeper ] [os01] Running full sweep os01 | [2024-08-01T14:26:01,911][INFO ][o.o.j.s.JobSweeper ] [os01] Running full sweep os01 | [2024-08-01T14:26:02,082][INFO ][o.o.s.s.c.FlintStreamingJobHouseKeeperTask] [os01] Starting housekeeping task for auto refresh streaming jobs. os01 | [2024-08-01T14:26:02,083][INFO ][o.o.s.s.c.FlintStreamingJobHouseKeeperTask] [os01] Finished housekeeping task for auto refresh streaming jobs. os01 | [2024-08-01T14:31:01,912][INFO ][o.o.j.s.JobSweeper ] [os01] Running full sweep os01 | [2024-08-01T15:04:29,083][INFO ][o.o.j.s.JobSweeper ] [os01] Running full sweep

[cezarq]

Sorry, but I had to remove the volumes manually and run the compose again and worked.

docker volume rm docker-arkime_arkime_config docker-arkime_arkime_logs docker-arkime_os01_data

docker compose up -d

[mammo0]

Hello @cezarq,

at first I'm glad that you solved your problem by yourself.

But for next time please

1. use Markdown code blocks for pasting output of terminal sessions and/or log files and
2. write more details about your issue, e.g.
   • What commands did you run and in which order?
   • Do you use another setup than the one that is described in the README?

Otherwise it's really hard to understand for me what's going wrong. Thank you.