2021: The Year in Review

2021's Top Users

Most Time Reading

User	Hours Read
@stephenb	308
@Badger	226
@Christian_Dahlqvist	161
@leandrojmp	106
@aaron-nimocks	94
@warkolm	91
@DavidTurner	89
@dadoonet	42
@spinscale	38
@legoguy1000	37

Most Topics

User	Topics
@ElasticLiver	63
@Aniket_Pant	54
@Sandeep_Raju	53
@elasticforme	45
@its-ogawa	44
@willemdh	43
@riahc3	41
@BenB196	39
@padamrai	38
@ankitdevnalkar	37

Most Replies

User	Replies
@warkolm	3.7k
@Badger	2.16k
@stephenb	1.94k
@dadoonet	1.45k
@Christian_Dahlqvist	1.18k
@DavidTurner	818
@aaron-nimocks	630
@leandrojmp	576
@legoguy1000	501
@flash1293	493

Most Replied to

User	Replies
@warkolm	2.43k
@Badger	1.5k
@stephenb	1.47k
@dadoonet	936
@Christian_Dahlqvist	843
@DavidTurner	566
@aaron-nimocks	475
@leandrojmp	429
@flash1293	338
@legoguy1000	329

Most Likes Given

User	Likes
@warkolm	1.08k
@stephenb	416
@willemdh	222
@dadoonet	203
@Christian_Dahlqvist	170
@aaron-nimocks	105
@DavidTurner	86
@DMinovski	81
@ylasri	64
@ElasticLiver	53

Most Likes Received

User	Likes
@stephenb	473
@Badger	425
@warkolm	422
@DavidTurner	390
@dadoonet	338
@Christian_Dahlqvist	290
@leandrojmp	169
@aaron-nimocks	137
@spinscale	119
@wylie	114

Most Visits

User	Days Visited
@Christian_Dahlqvist	365
@Badger	365
@stephenb	364
@leandrojmp	363
@DavidTurner	361
@ylasri	344
@gabriel_tessier	338
@BenB196	337
@aaron-nimocks	331
@dadoonet	328

Daily Visits

Top #Elasticsearch Topics

Most Read

User	Topic	Hours Read
	Zero-day-exploit in log4j2 which is part of elasticsearch	78
	How to disable geoip usage in 7.14.0	9
	Elasticsearch 7.16.1 crashing randomly	8
	Elasticsearch installation	8
	Slow Cluster in Elastic Cloud since updating to 7.12	7

Most Replies

User	Topic	Replies
	Zero-day-exploit in log4j2 which is part of elasticsearch	93
	Elasticsearch query time range issue	50
	Watcher that counts the documents that arrive to an index in kibana	45
	Elasticsearch installation	45
	How to figure what what is using so much CPU and memory in Elastic Search?	41

Most Popular

User	Topic	Score
	Zero-day-exploit in log4j2 which is part of elasticsearch	22
	How to disable geoip usage in 7.14.0	19
	3 nodes in the cluster, 2 data and 1 master - why if one fails it takes the whole cluster down?	18
	Kibana unable to authenticate	18
	Higher CPU vs Higher Memory. Which helps in what cases?	17

Top #Kibana Topics

Most Read

User	Topic	Hours Read
	Kibana cannot connect to ES cluster - Unable to retrieve version information from Elasticsearch nodes	16
	Anonymous Kibana Users	8
	Kibana Status Code : 302	8
	How to disable Kibana security warning message	7
	Compare Two Indexes	6

Most Replies

User	Topic	Replies
	Kibana Status Code : 302	35
	Dynamic fetch data from index to generate TreeFlow	30
	Getting Error-Cannot delete files/directories outside the current working directory when i wants to generate visualization report in pdf	28
	Anonymous Kibana Users	27
	Yarn kbn bootstrap fails	27

Most Popular

User	Topic	Score
	How to disable Kibana security warning message	21
	KQL to filter for documents where a field exists and its value is less than a fixed number?	18
	Kibana Status Code : 302	18
	[ConnectionError]: connect ECONNREFUSED 127.0.0.1:9200"} and Server is not ready	18
	Unable to revive connection: http://localhost:9200 with Docker	18

Top #Logstash Topics

Most Read

User	Topic	Hours Read
	Logstash stopped processing because of an error: (SystemExit) exit	12
	CVE-2021-44228 aka log4shell is logstash and/or elasticsearch affected?	10
	Delete JndiLookup.class	7
	How to parase xml in logstash	7
	This interval creates too many buckets to show in the selected time rage	7

Most Replies

User	Topic	Replies
	Convert field containing a timestamp from string to a date / time or timestamp?	47
	Logstash not sending syslog to elasticsearch	41
	SQSSNSS3 plugin error queue not valid for endpoint	39
	Logstash Lookup Fields	35
	Ingesting JSON Data Samples w/ Logstash	33

Most Popular

User	Topic	Score
	CVE-2021-44228 aka log4shell is logstash and/or elasticsearch affected?	22
	Delete JndiLookup.class	19
	Logstash stopped processing because of an error: (SystemExit) exit	18
	Connection refused logstash to elasticsearch	18
	Logstash Parser error - tried to parse field as object, but found a concrete value	18

Top #Beats Topics

Most Read

User	Topic	Hours Read
	Filebeat as a UDP Syslog Listener Dropping Alot of Logs	10
	Unable to communicate with Fleet Server after Upgrade to 7.14	9
	Input 'aws-s3' failed with: failed to initialize s3 poller	9
	Filebeat is not reading the log file in real time	6
	Doubts about Filebeat Threat Intel Module [7.12.0]	6

Most Replies

User	Topic	Replies
	Input 'aws-s3' failed with: failed to initialize s3 poller	50
	GeoIP enrichment not working	30
	Action [indices:admin/auto_create] is unauthorized for API key id [####] of user [elastic/fleet-server] on indices [metricbeat-7.14.1-2021.09.08], this action is granted by the index privileges [auto_configure,create_index,manage,all]	29
	I have this error bash: ./metricbeat: cannot execute binary file: Exec format error	29
	Unable to enroll fleet server as assinged policy does not have fleet server input	26

Most Popular

User	Topic	Score
	Doubt about Elasticsearch module of Filebeat on container [7.9.2]	19
	Doubts about Filebeat Threat Intel Module [7.12.0]	18
	I have this error bash: ./metricbeat: cannot execute binary file: Exec format error	18
	Filesetup is not working	18
	Failed to start Filebeat sends log files to Logstash or directly to Elasticsearch	17

Top #APM Topics

Most Replies

User	Topic	Replies
	Problem with Elastic APM	28
	Agent 1.28.1 ERROR No Log4j 2 configuration file found	23
	APM and Koa unknown route	18
	APM Agent is not working on FIPS enabled java application	18
	Java GRPC Client not ending spans and not reporting to APM	18

Most Popular

User	Topic	Score
	Error Machine Learning in APM with Basic License	17
	Problem with Elastic APM	17
	Agent 1.28.1 ERROR No Log4j 2 configuration file found	17
	APM Java Agent error	16
	Opentelemetry agent unable to connect APM Server over secure connection	16

Top #Elastic Security Topics

Most Read

User	Topic	Hours Read
	All Rules are showing Failed	12
	Detection and Response for HAFNIUM Activity	11
	7.11.0 Detections need permissions	7
	Elastic Agent 7.14 -- Strange bug during enrollment "Elastic fleet agent bug"	7
	Do i need to install other "beats" with the elastic and endpoint agents or is something else wrong?	5

Most Liked

User	Topic	Likes
	Openness in Elastic Security's Agent artifacts	16
	Detection and Response for HAFNIUM Activity	15

Most Replies

User	Topic	Replies
	Do i need to install other "beats" with the elastic and endpoint agents or is something else wrong?	32
	All Rules are showing Failed	28
	Elastic Agent 7.14 -- Strange bug during enrollment "Elastic fleet agent bug"	15
	Endpoint 7.13 migration to 7.13.1 Lesson learned with Fleet “On-Prim” -Bad	15
	Elastic-agent.exe not running on target	14

Most Popular

User	Topic	Score
	Detection and Response for HAFNIUM Activity	19
	All Rules are showing Failed	18
	Openness in Elastic Security's Agent artifacts	17
	Elastic Agent 7.14 -- Strange bug during enrollment "Elastic fleet agent bug"	17
	OSQuery Live Queries don't go through	17

Top #Elastic Cloud on Kubernetes (ECK) Topics

Most Replies

User	Topic	Replies
	Deploying E+K onto K8s cluster, multiple subnets and nodegroups	18
	Kibana not connecting to Elasticsearch when providing external Certificate	12
	ECK - Fleet Server agent startup failure	11

Most Popular

User	Topic	Score
	ECK elasticsearch pod failing to start since it couldn't load persistent cache	16
	ECK - Fleet Server agent startup failure	16
	ECK Fleet startup failure on ECK on Cloud	16
	Deploying E+K onto K8s cluster, multiple subnets and nodegroups	16
	Kibana not connecting to Elasticsearch when providing external Certificate	16

Top #App Search Topics

Most Replies

User	Topic	Replies
	How to sort ResultView data	16
	Could not add document	14
	App-Search alerts and warning sample search response	11
	App Search indices not accessible through Kibana?	10

Most Popular

User	Topic	Score
	Failed to connect to Elastic search backend.make sure it is running and healthy	16
	App Search indices not accessible through Kibana?	16
	Tracking user activity in Appsearch UI through logs	16
	Failed to connect to App Search. Failed to open TCP connection to https:443 (initialize: name or service not known)	16
	Change AppSearch Query	16

Top #SIEM Topics

Most Read

User	Topic	Hours Read
	Indicator Match Detection Rule Not Matched and Mapped to Intel Feeds	8
	[ URLHaus threat intelligence ]: create a new rule	6
	Questions re elksiem	6

Most Replies

User	Topic	Replies
	Questions re elksiem	33
	[ URLHaus threat intelligence ]: create a new rule	17
	Indicator Match Detection Rule Not Matched and Mapped to Intel Feeds	16
	ElasticSIEM unable to find [logs-endpoint.alerts	11
	Elastic SIEM. Security rules doesn't work	11

Most Popular

User	Topic	Score
	Questions re elksiem	17
	Indicator Match Detection Rule Not Matched and Mapped to Intel Feeds	16
	ElasticSIEM unable to find [logs-endpoint.alerts	16
	Can't access Detections from a different space	16
	[ URLHaus threat intelligence ]: create a new rule	16

Most Bookmarked

User	Topic	Bookmarks
	Indicator Match Detection Rule Not Matched and Mapped to Intel Feeds	5

Top #Вопросы на русском языке Topics

Most Read

User	Topic	Hours Read
	Вычисляемые поля в Kibana	13
	Почему не работает dfs_query_then_fetch?	5

Most Replies

User	Topic	Replies
	Проблемы с ram	34
	Упорядоченный список в painless	26
	Почему не работает dfs_query_then_fetch?	23
	Kibana визуализация суммы часов	19
	Как достать вложенные объекты в скрипте при агрегации. How get object in script	17

Most Popular

User	Topic	Score
	Почему не работает dfs_query_then_fetch?	17
	Проблемы с ram	17
	Упорядоченный список в painless	16
	Сбор syslog с помощью ELK	16
	Kibana визуализация суммы часов	16

Top #Elastic Enterprise Search Topics

Most Replies

User	Topic	Replies
	How to keep EnterpriseSearch running all the time	22
	I cannot log in to Elastic Enterprise Search	17
	CORS Error while using the Elastic Enterprise Search	12
	Elastic Enterprise Search is starting successfully but URL doesn't works	11
	How do I get Enterprise search to use my existing indexes?	10

Most Popular

User	Topic	Score
	Elastic Enterprise Search is starting successfully but URL doesn't works	18
	CORS Error while using the Elastic Enterprise Search	17
	How to keep EnterpriseSearch running all the time	16
	I cannot log in to Elastic Enterprise Search	16
	How do I get Enterprise search to use my existing indexes?	15

Top #Endpoint Security Topics

Most Replies

User	Topic	Replies
	External NIC Blocked by Elastic Agent	23
	Elastic Agents disappearing	23
	Endpoint agent consistent 90+% CPU for some PCs	15
	Can't enroll MacOS agent	11

Most Popular

User	Topic	Score
	Endpoint agent consistent 90+% CPU for some PCs	17
	Elastic Agents disappearing	17
	Error when installing fleet server	16
	Endpoint Security without using Fleet	16
	External NIC Blocked by Elastic Agent	16

Top #日本語による質問・議論はこちら Topics

Most Replies

User	Topic	Replies
	折れ線グラフにおいて、日付単位で集計0件の場合にcountを0で集計させたい	13

Most Popular

User	Topic	Score
	折れ線グラフにおいて、日付単位で集計0件の場合にcountを0で集計させたい	15

Top #Elastic Observability Topics

Most Replies

User	Topic	Replies
	ILM not reclaiming back space in ELK Host server	20
	ElasticFleet randomly missing logs	14

Most Popular

User	Topic	Score
	ElasticFleet randomly missing logs	16
	ILM not reclaiming back space in ELK Host server	16

Top #Logs Topics

Most Replies

User	Topic	Replies
	Elastisearch query rule type hits contains only one document	15
	Trace.id and transaction.id not being added to log entry	13
	Subheadings in Elasticsearch/clean up system logs	12
	Structured logging with Filebeat	11

Most Popular

User	Topic	Score
	Trace.id and transaction.id not being added to log entry	17
	Structured logging with Filebeat	16
	Elastisearch query rule type hits contains only one document	16
	Avoid duplicates via node ingest pipelines	15
	Subheadings in Elasticsearch/clean up system logs	15

Top #Uptime Topics

Most Replies

User	Topic	Replies
	TLS Certificates dashboard is empty	15

Most Popular

User	Topic	Score
	Heartbeat TCP monitor does not return a "connection refused" message	16
	TLS Certificates dashboard is empty	16
	Need to disable all the steps snaps in Elastic Synthetic	16
	TLS Certificate Expired issue in Uptime	15

Top #Discussions en français Topics

Most Replies

User	Topic	Replies
	Fork AWS	16
	Rétention des logs différenciée (Développement, Intégration et exploitation)	14
	Json filter problème de brackets	12
	Docker / Bitnami/Elacticsearch / Pb d'upload	11
	Probleme de synchronisation entre logstash et kibana	10

Most Popular

User	Topic	Score
	Fork AWS	16
	Rétention des logs différenciée (Développement, Intégration et exploitation)	16
	Json filter problème de brackets	16
	Probleme de synchronisation entre logstash et kibana	15
	Docker / Bitnami/Elacticsearch / Pb d'upload	15

Top #Metrics Topics

Most Replies

User	Topic	Replies
	How to Know how many Metric beat agents are up and running	17
	Reference the count of a field name in metrics	16
	Metric beat oracle module configuration	13
	Mysql database monitoring	13

Most Popular

User	Topic	Score
	How to Know how many Metric beat agents are up and running	16
	Reference the count of a field name in metrics	16
	Mysql database monitoring	16
	Metric beat oracle module configuration	16
	Strange Behaviour in alerts	16

Top #Workplace Search Topics

Most Read

User	Topic	Hours Read
	Invalid field name: _allow_permissions,_deny_permissions	6
	Permission to add GoogleDrive to WorkplaceSearch	6

Most Replies

User	Topic	Replies
	Invalid field name: _allow_permissions,_deny_permissions	43
	Permission to add GoogleDrive to WorkplaceSearch	30
	Unknown problem occurred when syncing	16
	Enable readonly mode Elastic workplace search on docker desktop	13
	How to retrieve all document form a content source of Workplace search	11

Most Popular

User	Topic	Score
	Invalid field name: _allow_permissions,_deny_permissions	17
	Permission to add GoogleDrive to WorkplaceSearch	17
	Enable readonly mode Elastic workplace search on docker desktop	16
	No index pattern match of enterprise search in Kibana	16
	FSCrawler Ingest pdf error Exceeds maximum allowed document size of 102400 bytes	16