Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Error is observed on running setup command for winlogbeat and no data under Discover tab is generated. #42902

Open
amolnater-qasource opened this issue Feb 26, 2025 · 7 comments
Open

Error is observed on running setup command for winlogbeat and no data under Discover tab is generated. #42902

amolnater-qasource opened this issue Feb 26, 2025 · 7 comments
Assignees
@marc-gr
Labels
bug impact:high Short-term priority; add to current release, or definitely next. QA:Ready For Testing Code is merged and ready for QA to validate Team:Security-Windows Platform Windows Platform Team in Security Solution

Comments

@amolnater-qasource
Copy link

Kibana Build details:

VERSION: 9.0.0-rc1-BC1
BUILD: 83822
COMMIT: 07dc0afa460bddff658ee6d5342ad1f087fc766b

Artifact Link: https://staging.elastic.co/9.0.0-rc1-bd80e8a3/downloads/beats/winlogbeat/winlogbeat-9.0.0-rc1-windows-x86_64.zip

Preconditions:

  1. 9.0.0-rc1-BC1 Kibana cloud environment should be available.

Steps to reproduce:

  1. Update cloud id and cloud auth for winlogbeat.
  2. Now run: .\winlogbeat.exe setup.
  3. Observe error under CLI: Exiting: failed to sanitize the YAML pipeline file: security/ingest/security.yml: key 'false' is not string but bool.
  4. Now run: Start-Service winlogbeat.
  5. Observe no data under Discover tab is displayed.

Expected Result:
No errors should be observed on running setup command for winlogbeat and data should be displayed under Discover tab.

Logs:
winlogbeat-20250226.ndjson.zip

Screenshot:

Image

Image
@amolnater-qasource amolnater-qasource added bug impact:high Short-term priority; add to current release, or definitely next. Team:Elastic-Agent-Data-Plane Label for the Agent Data Plane team labels Feb 26, 2025
@elasticmachine
Copy link
Collaborator

Pinging @elastic/elastic-agent-data-plane (Team:Elastic-Agent-Data-Plane)

@amolnater-qasource
Copy link
Author

@muskangulati-qasource Please review.

@muskangulati-qasource
Copy link

Secondary review is Done for this ticket!

@cmacknz cmacknz added Team:Security-Windows Platform Windows Platform Team in Security Solution and removed Team:Elastic-Agent-Data-Plane Label for the Agent Data Plane team labels Mar 3, 2025
@elasticmachine
Copy link
Collaborator

Pinging @elastic/sec-windows-platform (Team:Security-Windows Platform)

@marc-gr marc-gr self-assigned this Mar 4, 2025
@marc-gr marc-gr mentioned this issue Mar 5, 2025
Merged
6 tasks
This was referenced Mar 5, 2025
Merged
Merged
Closed
Merged
Merged
Closed
@marc-gr
Copy link
Contributor

marc-gr commented Mar 5, 2025

a fix for this has been merged, when backports are merged too it should be solved and good to re validate

@amolnater-qasource
Copy link
Author

Thanks @marc-gr

@amolnater-qasource amolnater-qasource added the QA:Ready For Testing Code is merged and ready for QA to validate label Mar 5, 2025
@marc-gr
Copy link
Contributor

marc-gr commented Mar 5, 2025

backport has been merged in 9.0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@marc-gr marc-gr

Labels
bug impact:high Short-term priority; add to current release, or definitely next. QA:Ready For Testing Code is merged and ready for QA to validate Team:Security-Windows Platform Windows Platform Team in Security Solution
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@cmacknz @marc-gr @elasticmachine @muskangulati-qasource @amolnater-qasource