{"type":"log","@timestamp":"2023-01-17T13:02:00Z","tags":["error","elasticsearch","data"],"pid":818,"message":"[ResponseError]: Response Error"}
Getting A LOT of these errors and the dashboards are not updating.
Welcome to our community! 
Can you share more of the log? What about your Elasticsearch log?
Please also format your code/logs/config using the </> button, or markdown style back ticks. It helps to make things easy to read which helps us help you 
More of the same from syslog
Jan 18 00:23:39 STISIEM kibana[830]: {"type":"log","@timestamp":"2023-01-18T05:23:39Z","tags":["error","elasticsearch","data"],"pid":830,"message":"[ResponseError]: Response Error"}
Jan 18 00:23:42 STISIEM kibana[830]: {"type":"log","@timestamp":"2023-01-18T05:23:42Z","tags":["error","elasticsearch","data"],"pid":830,"message":"[ResponseError]: Response Error"}
Jan 18 00:23:44 STISIEM kibana[830]: {"type":"log","@timestamp":"2023-01-18T05:23:44Z","tags":["error","elasticsearch","data"],"pid":830,"message":"[ResponseError]: Response Error"}
Jan 18 00:23:47 STISIEM kibana[830]: {"type":"log","@timestamp":"2023-01-18T05:23:47Z","tags":["error","elasticsearch","data"],"pid":830,"message":"[ResponseError]: Response Error"}
Jan 18 00:23:50 STISIEM kibana[830]: {"type":"log","@timestamp":"2023-01-18T05:23:50Z","tags":["error","elasticsearch","data"],"pid":830,"message":"[ResponseError]: Response Error"}
Jan 18 00:23:52 STISIEM kibana[830]: {"type":"log","@timestamp":"2023-01-18T05:23:52Z","tags":["error","elasticsearch","data"],"pid":830,"message":"[ResponseError]: Response Error"}
Jan 18 00:23:55 STISIEM kibana[830]: {"type":"log","@timestamp":"2023-01-18T05:23:55Z","tags":["error","elasticsearch","data"],"pid":830,"message":"[ResponseError]: Response Error"}
Jan 18 00:23:57 STISIEM kibana[830]: {"type":"log","@timestamp":"2023-01-18T05:23:57Z","tags":["error","elasticsearch","data"],"pid":830,"message":"[ResponseError]: Response Error"}
Jan 18 00:24:00 STISIEM kibana[830]: {"type":"log","@timestamp":"2023-01-18T05:24:00Z","tags":["error","elasticsearch","data"],"pid":830,"message":"[ResponseError]: Response Error"}
Jan 18 00:24:02 STISIEM kibana[830]: {"type":"log","@timestamp":"2023-01-18T05:24:02Z","tags":["error","elasticsearch","data"],"pid":830,"message":"[ResponseError]: Response Error"}
Jan 18 00:24:05 STISIEM kibana[830]: {"type":"log","@timestamp":"2023-01-18T05:24:05Z","tags":["error","elasticsearch","data"],"pid":830,"message":"[ResponseError]: Response Error"}
Jan 18 00:24:07 STISIEM kibana[830]: {"type":"log","@timestamp":"2023-01-18T05:24:07Z","tags":["error","elasticsearch","data"],"pid":830,"message":"[ResponseError]: Response Error"}
Jan 18 00:24:10 STISIEM kibana[830]: {"type":"log","@timestamp":"2023-01-18T05:24:10Z","tags":["error","elasticsearch","data"],"pid":830,"message":"[ResponseError]: Response Error"}
Jan 18 00:24:12 STISIEM kibana[830]: {"type":"log","@timestamp":"2023-01-18T05:24:12Z","tags":["error","elasticsearch","data"],"pid":830,"message":"[ResponseError]: Response Error"}
This is the same error, you only have this in your Kibana logs?
Also, what do you have in Elasticsearch logs.
This is in the syslog. Where does wazuh put the kibana and elasticsearch logs? I'm trying to find those
If you didn't change anything Kibana will log to the syslog, so these are the Kibana logs.
The Elasticsearch logs are, per default, on /var/log/elasticsearch/, check for a file with the name of your cluster.
they are not under /var/log/ or /var/ossec What configs where would have the log locations?
If you do not have any elasticsearch logs in /var/log/elasticsearch, then maybe you are not using the default log path.
Check your elasticsearch.yml and look for the value of path.logs.
Also, /var/ossec/ has no relation with any Elastic tools. Are you running Wazuh? What Elasticsearch distribution you installed? The one from Elastic or the one that Wazuh uses?
Wazuh v4.3.7
no elasticsearch.yml
using what was bundled with Wazuh v4.3.7
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.