We have been using kibana templates for suricata that were developed for Elastic in opensearch dashboards succesfully. We have imported them successfully when OS was in the 1.1 range of releases and have been upgrading the cluster since.
Unfortunately we have lost the cluster so we had to start over, but importing the templates in 1.3.2 results in an error while importing (both through the GUI and curl). The same dashboards were fine in 1.3.2 when we followed the migration path, it’s just a matter of importing:
{"statusCode":422,"error":"Unprocessable Entity","message":"Document \"92edee20-74c4-11ea-bb42-278f04c43ada\" has property \"index-pattern\" which belongs to a more recent version of OpenSearch Dashboards [7.11.0]. The last known version is [7.6.0]"} % Total % Received % Xferd Average Speed Time Time Time Current
I’ve tried replacing version numbers with sed, but couldn’t get the import to work. Any ideas on how to fix this?
