Troubleshooting

If the UI is not accessible:

Check the docker status

Check that the Arkime and ES Docker containers are running and that their status is ‘UP’. If either container is not visible, try running ‘start.sh’ with the correct permissions. If the issue is not resolved, contact support.

aviz@npbsrv01:~/OPB_Arkime/OPB_Analyzer$ sudo docker ps

Check that Elasticsearch is running and the status is ‘green’

aviz@npbsrv01:~/OPB_Arkime/OPB_Analyzer$ curl http://localhost:9200/_cat/health
1671295994 16:53:14 es-docker-cluster green 1 1 21 21 0 0 0 0 - 100.0%
aviz@npbsrv01:~/OPB_Arkime/OPB_Analyzer$

Try restarting the dockers

When Arkime is unable to connect correctly to Elasticsearch, the Arkime UI may not be reachable.

aviz@npbsrv01:~/OPB_Arkime/OPB_Analyzer$ sudo docker restart arkime
aviz@npbsrv01:~/OPB_Arkime/OPB_Analyzer$ sudo docker restart elasticsearch

Check that the UI is reachable by visiting http://arkime-hostname:8005 from your browser.
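The checks above can be scripted as one triage step. The following is an added example, not part of the original guide or of the product's scripts: the function names are hypothetical, the container names and port 9200 are taken from the commands on this page, and the `docker ps` sample is constructed.

```bash
#!/bin/sh
# Triage helper for the checks above (added example; function names are hypothetical).

# Print the cluster status, the 4th column of a `_cat/health` line.
es_status() {
    printf '%s\n' "$1" | awk 'NR == 1 { print $4 }'
}

# Given `docker ps --format '{{.Names}} {{.Status}}'` output, print the
# required containers that are not reported as "Up" (empty if both are Up).
missing_containers() (
    missing=""
    for name in arkime elasticsearch; do
        printf '%s\n' "$1" |
            awk -v n="$name" '$1 == n && $2 == "Up" { ok = 1 } END { exit !ok }' ||
            missing="$missing $name"
    done
    printf '%s\n' "${missing# }"
)

# Map the two checks to the next step from this page.
# Exit status: 0 healthy, 1 container missing, 2 Elasticsearch not green.
triage() (
    missing="$(missing_containers "$1")"
    if [ -n "$missing" ]; then
        echo "run start.sh: not Up: $missing"
        exit 1
    fi
    status="$(es_status "$2")"
    if [ "$status" != "green" ]; then
        echo "restart the containers: ES status is ${status:-unavailable}"
        exit 2
    fi
    echo "ok: containers Up and ES green, check the UI on port 8005"
)

# Health line as shown on this page; the docker ps lines are constructed.
SAMPLE_HEALTH='1671295994 16:53:14 es-docker-cluster green 1 1 21 21 0 0 0 0 - 100.0%'
SAMPLE_PS='arkime Up 3 hours
elasticsearch Up 3 hours'

triage "$SAMPLE_PS" "$SAMPLE_HEALTH"

# Live use on the server (needs docker and curl):
#   triage "$(sudo docker ps --format '{{.Names}} {{.Status}}')" \
#          "$(curl -s http://localhost:9200/_cat/health)"
```

An empty health response, for example when Elasticsearch is not listening, is treated the same as a non-green status.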

Changing ES port

If port 9002 is used by another service running on the server, it can be changed in the ‘start.sh’ script before execution.

Port format: “Global port:Local port”

Using your favourite text editor, change the ‘Global ports’ to any available and accessible port, and update the ‘ES_PORT’ attribute to the same port.

Changing Arkime Password

Log in to the Web GUI and navigate to User > admin_user ⚙️ > Password. Enter ‘admin’ as the current password and set a new password for the admin user.

Stopping Arkime & ES

Execute the ‘stop.sh’ script to stop and delete the Arkime and ES Docker containers. The script will not delete the data and es_data folders or the stored PCAPs.

aviz@npbsrv01:~/OPB_Arkime/OPB_Analyzer$ sudo ./stop.sh 
[sudo] password for aviz: 
arkime
elasticsearch
aviz@npbsrv01:~/OPB_Arkime/OPB_Analyzer$ 
