Hi,
settings up the nginx input for lab 4.2 results in a large number of unreadable events like
[20/Jul/2021:11:50:04 +0000] "\xB5\x96Wix\xC3l\xD0Aj\x17WV<\x08\x9B\x10\xAEi\x099I\x14o \x90\xD2\xBE\xDA\xEDcC\xA4\x9Bt\xD6\x890m]q\xA3!\xFAE\xD5\x9D\xF4\xEE\xB7\xCA;6b\xD9\xFDE\xB5\x90\xF5f\x8D\xE7\x92\xC1\x8E\x05\xB3dF&\xA2\xAE;\xC4h<Vs\xE9\x93\xCE\xDB\xB5T" 400
Is this something that can be fixed? Or do I just have to ignore it?
Hi Tony!
So, this actually might be some kind of hack attempt. The Nginx server is open to the world (it handles forwarding requests to your Kibana instance and the lab instructions), so it's going to get a lot of hits that look like an attempt to find an unsecured PHP server, or similar. We get a lot of that in all our classes. Just one of the joys of the internet. It's not really anything to worry about, the sensitive stuff is protected. Let us know if you find anything interesting in the logs!
Thanks,
Will
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.