OpenSearch: How to Fix Security Analytics Error When You Try to Create a New Detector

[post-views]
December 06, 2024 · 1 min read
OpenSearch: How to Fix Security Analytics Error When You Try to Create a New Detector

Sometimes, you can encounter an error shown at the bottom right when you try to create a detector or click on security analytics or any other links within the analytics.
For example, in the screenshot below:

To fix that:
Option 1:

  • Go to Index Management > Indexes
  • Search for the index .opensearch-sap-log-types-config
  • Delete it.

An example is in the screenshot below:

  • Go to Security Analytics Threat detectors Log types

 Now you can see lists of Log types.

If you don’t find index .opensearch-sap-log-types-config
Option 2:

  • Go to Dev Tools
  • Use this command:
GET .opensearch-sap-log-types-config

You will see:

  • Use this command
DELETE .opensearch-sap-log-types-config

Now, everything works fine, and you can Create a New Detector.

Was this article helpful?

Like and share it with your peers.
Join SOC Prime's Detection as Code platform to improve visibility into threats most relevant to your business. To help you get started and drive immediate value, book a meeting now with SOC Prime experts.

Related Posts