ELK stack Arcsight integration

I am new in ArcSight ESM and want to integrate with ELK Stack using below

Link 1: https://www.elastic.co/arcsight

Link 2: https://www.elastic.co/blog/integrating-elasticsearch-with-arcsight-siem-part-1

Link 3: https://www.edureka.co/blog/elk-stack-tutorial/

Link 4: https://www.elastic.co/guide/en/logstash/6.x/arcsight-module.html

While executing below commands getting the error.

bin/logstash --modules arcsight --setup
-M "arcsight.var.elasticsearch.hosts=10.10.10.39:9200"
-M "arcsight.var.kibana.host=10.10.10.39:5601"

Error: The request for this panel failed. The aggregations key is missing from the response

Please someone guide where is an issue.

Thanks in advance.

You may have better luck posting this over on our Logstash forum. Thank you!

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.