Environment
Sentinel 8.4
Situation
In Sentinel 8.4, Elasticsearch is not getting started and we are getting the following exception:
Starting Sentinel...Indexing service is initializing. It might take a few minutes, please wait..Exception in thread "main" java.lang.NoSuchMethodError: org.apache.http.impl.client.HttpClientBuilder.setSSLHostnameVerifier(Ljavax/net/ssl/HostnameVerifier;)Lorg/apache/http/impl/client/HttpClientBuilder;at esecurity.ccs.comp.event.visualization.ESRestUtil.<init>(ESRestUtil.java:112)at esecurity.ccs.comp.event.visualization.ESRestUtil.getInstance(ESRestUtil.java:121)at esecurity.ccs.comp.event.visualization.ESRestUtil.main(ESRestUtil.java:136)
Resolution
This is a sporadic issue and will not happen in all the Sentinel setups. The following workaround will resolve this issue:
1) Switch to the directory /<sentinel-installation-path>/opt/novell/sentinel/bin/2) Open the file elasticsearch.sh3) Replace the line LIB_LOCATION="${ESEC_HOME}/lib/*:. " with LIB_LOCATION="${ESEC_HOME}/lib/ccsapp*.jar "
Note: When making changes to Sentinel system files it is recommended to first save the original file:
E.g. cp elasticsearch.sh elasticsearch.sh.old
4) Do the same in the following script files:- create_kibana_index_pattern.sh- elasticsearch_index_template.sh- elasticsearchRestClient.sh- load_kibana_data.sh- reSyncAlert.sh
Note: Once the update is complete and the file is saved, confirm that the owner and permissions have not changed. Accidentally changing ownership or permissions of Sentinel files can render the system unusable:
E.g. -rwx------ 1 novell novell
Cause
JAVA was not loading dependency properly from scripts.