Kibana Fails to Present Discover Panel after Upgrade

[sempervictus]

Wazuh	Elastic	Rev	Security
4.3.6	7.10.2	4xxx	Basic

Browser
Chrome, Firefox

Description Loading the Kibana Discover page with any wazuh-* index selected produces a Kibana error:

Wrapper@https://hids.master.fqdn/36136/bundles/core/core.entry.js:6:4249
_createSuperInternal@https://hids.master.fqdn/36136/bundles/core/core.entry.js:6:3388
HttpFetchError@https://hids.master.fqdn/36136/bundles/core/core.entry.js:6:6016
_callee3$@https://hids.master.fqdn/36136/bundles/core/core.entry.js:6:59535
l@https://hids.master.fqdn/36136/bundles/kbn-ui-shared-deps/kbn-ui-shared-deps.js:380:982071
s/o._invoke</<@https://hids.master.fqdn/36136/bundles/kbn-ui-shared-deps/kbn-ui-shared-deps.js:380:981825
_/</e[t]@https://hids.master.fqdn/36136/bundles/kbn-ui-shared-deps/kbn-ui-shared-deps.js:380:982428
fetch_asyncGeneratorStep@https://hids.master.fqdn/36136/bundles/core/core.entry.js:6:52652
_next@https://hids.master.fqdn/36136/bundles/core/core.entry.js:6:52992

Steps to reproduce

1. Upgrade from 3.x -> 4.2.7 -> 4.3.6 (though its not consistent - other servers have upgraded with no issues)
2. Open discover tab
3. Select a wazuh-alrerts or monitoring index (or an old wazuh-alerts-3* index around from the olden days)
4. Observe the failures

Expected Result

1. Discover searches work

Actual Result

1. Kibana crash preventing use of discover views

[sempervictus]

This is also occurring at the Security Events view of the Wazuh Kibana app itself - same error, but events do show up in the bottom pane, however the charts are not correctly rendered.

[AlexRuiz7]

Hello @sempervictus

Indeed, this looks like an error related to the Wazuh app. My guess is something related to the index pattern. I'll add this issue to our backlog, and we'll further investigate it, solving it if possible.

Thank you very much for your report.

Regards, Alex