Importing dashboards in Opensearch Dashboards 2.0 breaks

[sandervandegeijn]

Opensearch + Dashboards at 2.0.0, linked to issue: #6

Importing gives error:

[opensearch-dashboards@dashboards-556c54898c-wmfbh config]$ ./importsuricata.sh
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  503k  100  503k    0     0  1863k      0 --:--:-- --:--:-- --:--:-- 1858k
{"statusCode":422,"error":"Unprocessable Entity","message":"Document \"036d9030-74eb-11ea-bb42-278f04c43ada\" has property \"index-pattern\" which belongs to a more recent version of OpenSearch Dashboards [7.11.0]. The last known version is [7.6.0]"}  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  524k  100  524k    0     0  1024k      0 --:--:-- --:--:-- --:--:-- 1023k
{"statusCode":422,"error":"Unprocessable Entity","message":"Document \"036d9030-74eb-11ea-bb42-278f04c43ada\" has property \"index-pattern\" which belongs to a more recent version of OpenSearch Dashboards [7.11.0]. The last known version is [7.6.0]"}  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 1050k  100 1050k    0     0  3696k      0 --:--:-- --:--:-- --:--:-- 3698k
{"statusCode":422,"error":"Unprocessable Entity","message":"Document \"92edee20-74c4-11ea-bb42-278f04c43ada\" has property \"index-pattern\" which belongs to a more recent version of OpenSearch Dashboards [7.11.0]. The last known version is [7.6.0]"}  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 1094k  100 1094k    0     0  2536k      0 --:--:-- --:--:-- --:--:-- 2534k
{"statusCode":422,"error":"Unprocessable Entity","message":"Document \"92edee20-74c4-11ea-bb42-278f04c43ada\" has property \"index-pattern\" which belongs to a more recent version of OpenSearch Dashboards [7.11.0]. The last known version is [7.6.0]"}  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  3366  100  3366    0     0  17532      0 --:--:-- --:--:-- --:--:-- 17623
{"successCount":5,"success":true,"successResults":[{"type":"query","id":"Hidden+Executables+-1","meta":{"title":"Hidden Executables -1","icon":"search"}},{"type":"query","id":"Large+DNS+flows","meta":{"title":"Large DNS flows","icon":"search"}},{"type":"query","id":"Larger+DNS+TXT+records","meta":{"title":"Larger DNS TXT records","icon":"search"}},{"type":"query","id":"Larger+ICMP+flows","meta":{"title":"Larger ICMP flows","icon":"search"}},{"type":"query","id":"Non+standard+TLS+port+with+older+TLS+versions","meta":{"title":"Non standard TLS port with older TLS versions","icon":"search"}}]}[opensearch-dashboards@dashboards-556c54898c-wmfbh config]$

[sandervandegeijn]

I've tried replacing all the version numbers with sed like this:

sed -i 's/7.11.0/7.6.0/g' index-pattern.ndjson

While it did clear the errors on command line, the index patterns/visualisations are working, but the dashboards themselfes are not working.

[atbohmer]

Hello Peter @pevma , could you please look in to this? If not supported we need to build our own dashboard, but it would be more then much appriciated if you could help us out!
TIA

[sandervandegeijn]

Opensearch is something to take a look at, Elastic has gone source available only and in doing so they pissed a lot of people off. Opensearch is gaining traction as a open source project and is well maintained, we really would like to stick with the Apache v2 licensed Opensearch in stead of the Elastic V2 (brr) / SSPL (plain horrible) licensed Elasticsearch.