Cannot load dashboard

skyluke.1987 · February 19, 2020, 7:58am

Hi I have ES installed and run on Server A, while Packetbeat is installed on Server B.

Which port I need to open to allows connection between these servers ?
Kibana port is opened, ES 9200 is opened.

Error on Packetbeat logs:
error loading /usr/share/packetbeat/kibana/7/dashboard/Packetbeat-tls.json: . Response: {"objects":[{"id":"Navigation-ecs","type":"visualization","updated_at":"2020-02-19T07:28:57.170Z","version":"WzI4MzQ2NDgsODBd","attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[],\"query\":{\"query\":{\"query_st... (truncated)

Any settings are wrong that causing this to happened ?

shaunak · February 19, 2020, 6:01pm

Could you post your complete packetbeat.yml configuration file, please, enclosed in ``` to ensure correct formatting/indentation? Please redact any sensitive information before posting.

Also, which version of Packetbeat and Kibana are you using?

Finally, could you share more of the logs, maybe a few lines before and after the error message you've posted?

skyluke.1987 · February 20, 2020, 1:22am

Hi below are my contents in my packetbeat.yml file.

packetbeat.interfaces.device: any
packetbeat.interfaces.type: af_packet
packetbeat.interfaces.buffer_size_mb: 100

packetbeat.flows:
  timeout: 30s
  period: 10s

packetbeat.protocols:
- type: icmp
  enabled: true

- type: amqp
  ports: [5672]

- type: cassandra
  ports: [9042]

- type: dhcpv4
  ports: [67, 68]

- type: dns
  ports: [53]

- type: http
  ports: [80, 8080, 8000, 5000, 8002]

- type: memcache
  ports: [11211]

- type: mysql
  ports: [3306,3307]

- type: pgsql
  ports: [5432]

- type: redis
  ports: [6379]

- type: thrift
  ports: [9090]

- type: mongodb
  ports: [27017]

- type: nfs
  ports: [2049]

- type: tls
  ports:
- 443   # HTTPS
- 993   # IMAPS
- 995   # POP3S
- 5223  # XMPP over SSL
- 8443
- 8883  # Secure MQTT
- 9243  # Elasticsearch

setup.template.settings:
  index.number_of_shards: 1
  index.number_of_replicas: 0

setup.template.name: "packetbeat"
setup.template.pattern: "packetbeat-*"

setup.dashboards.enabled: true

setup.kibana:
  host: "ip:5910"

output.elasticsearch:
  hosts: ["ip:9200"]

  username: ""
  password: "**"
  index: "%{[fields.log_type]}-%{[agent.version]}-%{+yyyy.MM.dd}"
  pipeline: "%{[fields.log_type]}_pipeline"

logging.level: debug
logging.to_files: true
logging.files:
  path: /var/log/packetbeat
  name: packetbeat
  keepfiles: 7
  permissions: 0644

xpack.monitoring.enabled: true

xpack.monitoring.elasticsearch:
  username: ""
  password: "**"

Both Packetbeat and kibana are same version as 7.1.1.

2020-02-19T15:22:54.990+0800    INFO    [monitoring]    log/log.go:153  Uptime: 15.672521028s
2020-02-19T15:22:54.990+0800    INFO    [monitoring]    log/log.go:130  Stopping metrics logging.
2020-02-19T15:22:54.990+0800    DEBUG   [monitoring]    pipeline/client.go:149  client: closing acker
2020-02-19T15:22:54.990+0800    INFO    [monitoring]    elasticsearch/elasticsearch.go:277      Stop monitoring stats metrics snapshot loop.
2020-02-19T15:22:54.990+0800    DEBUG   [monitoring]    pipeline/client.go:151  client: done closing acker
2020-02-19T15:22:54.990+0800    INFO    [monitoring]    elasticsearch/elasticsearch.go:277      Stop monitoring state metrics snapshot loop.
2020-02-19T15:22:54.990+0800    DEBUG   [monitoring]    pipeline/client.go:155  client: cancelled 0 events
2020-02-19T15:22:54.990+0800    DEBUG   [monitoring]    pipeline/pipeline.go:242        close pipeline
2020-02-19T15:22:54.990+0800    INFO    instance/beat.go:388    packetbeat stopped.
2020-02-19T15:22:54.999+0800    ERROR   instance/beat.go:802    Exiting: Error importing Kibana dashboards: fail to import the dashboards in Kibana: Error importing directory /usr/share/packetbeat/kibana: Failed to import dashboard: Failed to load directory /usr/share/packetbeat/kibana/7/dashboard:
  error loading /usr/share/packetbeat/kibana/7/dashboard/Packetbeat-cassandra.json: . Response: {"objects":[{"id":"Cassandra-ResponseKeyspace-ecs","type":"visualization","updated_at":"2020-02-19T07:28:43.802Z","version":"WzI4MzQ1MjUsODBd","attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[],\"query\":{\"que... (truncated)
  error loading /usr/share/packetbeat/kibana/7/dashboard/Packetbeat-thrift.json: . Response: {"objects":[{"id":"Navigation-ecs","type":"visualization","updated_at":"2020-02-19T07:28:56.052Z","version":"WzI4MzQ2MzksODBd","attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[],\"query\":{\"query\":{\"query_st... (truncated)
  error loading /usr/share/packetbeat/kibana/7/dashboard/Packetbeat-tls.json: . Response: {"objects":[{"id":"Navigation-ecs","type":"visualization","updated_at":"2020-02-19T07:28:57.170Z","version":"WzI4MzQ2NDgsODBd","attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[],\"query\":{\"query\":{\"query_st... (truncated)
Exiting: Error importing Kibana dashboards: fail to import the dashboards in Kibana: Error importing directory /usr/share/packetbeat/kibana: Failed to import dashboard: Failed to load directory /usr/share/packetbeat/kibana/7/dashboard:
  error loading /usr/share/packetbeat/kibana/7/dashboard/Packetbeat-cassandra.json: . Response: {"objects":[{"id":"Cassandra-ResponseKeyspace-ecs","type":"visualization","updated_at":"2020-02-19T07:28:43.802Z","version":"WzI4MzQ1MjUsODBd","attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[],\"query\":{\"que... (truncated)
  error loading /usr/share/packetbeat/kibana/7/dashboard/Packetbeat-thrift.json: . Response: {"objects":[{"id":"Navigation-ecs","type":"visualization","updated_at":"2020-02-19T07:28:56.052Z","version":"WzI4MzQ2MzksODBd","attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[],\"query\":{\"query\":{\"query_st... (truncated)
  error loading /usr/share/packetbeat/kibana/7/dashboard/Packetbeat-tls.json: . Response: {"objects":[{"id":"Navigation-ecs","type":"visualization","updated_at":"2020-02-19T07:28:57.170Z","version":"WzI4MzQ2NDgsODBd","attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[],\"query\":{\"query\":{\"query_st... (truncated)
2020-02-19T15:22:54.990+0800    DEBUG   [monitoring]    pipeline/consumer.go:190        stop pipeline event consumer

Or is it because my rights issue?
-rw-r--r-- 1 root root 147301 May 23 2019 fields.yml
-rw-r--r-- 1 root root 60984 May 23 2019 packetbeat.reference.yml
-rw------- 1 root root 8836 Feb 20 11:05 packetbeat.yml

skyluke.1987 · February 24, 2020, 2:53am

Hi does anyone got idea on how to debug this issue ?

system · March 23, 2020, 2:53am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Can't load dashboards from Windows version of packetbeat to Kibana on Security Onion Beats packetbeat	4	1140	March 26, 2020
Packetbeat Logstash and Elastic cloud Beats packetbeat	5	647	March 23, 2022
Packebeat dashboard on kibana error Beats packetbeat	1	302	May 14, 2020
Packetbeat installation fails on Windows Beats packetbeat	5	806	October 3, 2019
All Packetbeat dashboards version 7.15.0 don't work: Invalid JSON in search source Beats packetbeat	15	1691	November 16, 2021

Cannot load dashboard

Related Topics