taylorwalton
commented
3 weeks ago sounds like you upgraded to version 4.8 of wazuh
Closed kmendell closed 3 weeks ago
taylorwalton
commented
3 weeks ago sounds like you upgraded to version 4.8 of wazuh
Describe the bug Alerts are not showing up in CoPilot as it cant find the timestamp field
I looked in Graylog and it does havea Timestamp field.
To Reproduce Steps to reproduce the behavior:
Login to CoPilot Click Alerts See the error
Expected behavior Alerts show up
Screenshots
**Container Logs
copilot-backend-1 | 2024-06-14 17:41:07.600 | WARNING | app.connectors.wazuh_indexer.services.alerts:collect_alerts_generic:112 - An error occurred while collecting alerts: RequestError(400, 'search_phase_execution_exception', 'No mapping found for [timestamp] in order to sort on') copilot-backend-1 | 2024-06-14 17:41:07.600 | WARNING | app.connectors.wazuh_indexer.services.alerts:collect_alerts_generic:124 - An error occurred while collecting alerts: RequestError(400, 'search_phase_execution_exception', 'No mapping found for [timestamp] in order to sort on') copilot-backend-1 | 2024-06-14 17:41:07.600 | WARNING | app.connectors.wazuh_indexer.services.alerts:get_alerts_generic:186 - An error occurred while processing index .plugins-ml-config: An error occurred while collecting alerts: RequestError(400, 'search_phase_execution_exception', 'No mapping found for [timestamp] in order to sort on')