Check out the following AWS official web pages to see if the bug is already being worked on.
Amazon OpenSearch Service Workshop content is available for you on GitHub.
- We have published “Amazon Elasticsearch Service Intro Workshop”! Learn and experience the service in 2 hours, from basic usage to the latest update (Japanese language)
- Amazon Elasticsearch Service Intro Workshop
Sometimes deployment doesn’t finish even after waiting for 30 minutes or longer. This may be because something went wrong when creating a domain in Amazon OpenSearch Service. OpenSearch Service is deployed by two AWS Lambda functions: deploy-aes and configure-aes. You can check aes-siem-deploy-aes and aes-siem-configure-aes in CloudWatch Logs to see whether deployment is still in progress or has stopped due to an error. If you see an error, fix it or clean up as described in the README, and then redeploy.
STDERR logs are not loaded by default. Add the following to user.ini if you need to load them.
ignore_container_stderr = False
There is a discrepancy between the time when the log was generated and the timestamp in OpenSearch Service when STDERR of container logs is loaded via FireLens.
@timestamp is based on the time when the log is loaded because STDERR has many different log formats and some log formats do not even contain a time field.
You can set a new password with the AWS Management Console.
- Navigate to the OpenSearch Service console
- Select [aes-siem] domain
- Select [Actions] at the top of the screen and choose [Edit security configuration] from the drop-down menu.
- Check [Create master user] from [Fine-grained access control - powered by Open Distro for Elasticsearch]
- Type [aesadmin] in [Master usernames] and [any password] in [Master password]/[Confirm master password]
- Select [Submit] at the bottom right of the screen