View this page in Japanese (日本語) | Back to README
- Check out the following AWS official web pages to see if the bug is already being worked on.
- Amazn ES Workshop content is available for you on GitHub.
- We have published “Amazon Elasticsearch Service Intro Workshop”!- Learn & experience the service in 2 hours -- from basic usage to the latest update (Japanese language)
- Amazon Elasticsearch Service Intro Workshop
There may be a time when deployment doesn’t finish even after waiting for 30 minutes or longer. This may be because something happened when creating a domain in Amazon Elasticsearch Service (Amazon ES). Amazon ES is deployed by AWS Lambda functions: deploy-aes and configure-aes. So you can check aes-siem-deploy-aes and aes-siem-configure-aes in CloudWatch Logs to see whether deployment is still in progress, or stopped due to an error. If you see an error, please fix it or clean up as described in README and then redeploy.
STDERR logs are not loaded by default. Add the following to user.ini if you need to load them.
ignore_container_stderr = FalseThere is a discrepancy between the time when the log was generated and the timestamp in Amazon ES when STDERR of container logs is loaded via Firelens.
@timestamp is based on the time when the log is loaded because STDERR has many different log formats and some log formats do not even contain a time field.
You can set a new password with AWS Management Console.
- Navigate to the Amazon ES console
- Select [aes-siem] domain
- Select [Actions] at the top of screen and choose the [Modify authnetication] from the drop-down menu.
- Check [Create master user] from [Fine-grained access control - powered by Open Distro for Elasticsearch]
- Type [aesadmin] to [Master usernames] and [any password] to [Master password]/[Confirm master password]
- Select [Submit] at the bottom right of the screen