Troubleshooting New Health and Wellness
This topic describes how to troubleshoot New Health and Wellness issues.
| Issue |
An error ‘n of m shards failed’ or ‘unknown field in the index’ in the New Health and Wellness dashboards. |
| Resolution |
Refresh the index patterns, perform the following:
Note: If the issue still persists, refresh other index patterns such as nw-metricbeat* or nw-concentrator* and so on. |
| Issue |
Unable to send data to elastic search once disk usage reaches 85%. |
| Explanation |
If the Elasticsearch disk usage reaches 85%, the saved objects (index patterns, dashboards, visualizations etc) becomes read-only mode. And, services does not write new metrics to Elasticsearch or allow to edit any saved objects. |
| Resolution | To change the indexes to write mode, execute the following command on the host in which Elasticsearch is installed: curl -k --cert /etc/pki/nw/elastic/elasticsearch-cert.pem --key /etc/pki/nw/elastic/elasticsearch-key.pem -X PUT -H "Content-Type: application/json" -d '{"index.blocks.read_only_allow_delete": null }' https://localhost:9200/_all/_settings Note: This command is supported only with certificates. |
| Issue | New Health and Wellness > Pivot to Dashboard fails due to time synchronization issue. |
| Explanation | Pivot to dashboard fails if there is no time synchronization between the NetWitness Server and the host on which New Health and Wellness is installed. |
| Resolution |
You must synchronize the time and pivot to dashboard. To synchronize the time do one of the following:
|
