Incorrect http method for uri

Hello everyone,

I'm setting up a lab with Security Onion and I'm configuring Auditbeat in an Ubuntu Desktop instance. When I run "auditbeat setup" I get the next error:


Looking for the Kibana logs in the SO machine I get this:

"Incorrect HTTP method for uri [/_ml/anomaly_detectors] and method [GET], allowed: [POST]", "status": 405}"

I was trying multiple solutions but none of them works for me. Here you can check my auditbeat.yml file


#Starting with Beats version 6.0.0, the dashboards are loaded via t>
#This requires a Kibana endpoint configuration.
host: "192.168. 30. 10:5601"
#Kibana Host
#Scheme and port can be left out and will be set to the default
#In case you specify and additional path, the scheme is required:>
#IPv6 addresses should always be defined as: https://[2001:db8 :: 1>
#host: "localhost: 5601"

#Kibana Space ID
#ID of the Kibana Space into which the dashboards should be loade>
#the Default Space will be used.

Elasticsearch output


#Array of hosts to connect to.
hosts: [""]

#Enabled ilm (beta) to use index lifecycle management instead dai>
#ilm.enabled: false

#Optional protocol and basic auth credentials.
protocol: "https"
ssl.verification_mode: none
username: "XXXX"
password: "XXXX"

Kibana is accessible from the browser and all the services are working correctly in SO server.

Thank you all for you help.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.