If your Elasticsearch is not working; this post is created to resolve your issue. If it is just fine, we still encourage you to read as it provides some behind the scenes information.
Sensei uses Elasticsearch as its datastore. We love Elasticsearch for its feature set. It’s fast & it’s scalable. Though, it has a long dependency list, which requires a lot of effort trying to put it into a OS distribution.
A little history
Short time ago, FreeBSD 11.1 passed away and 11.2 was announced. This was the same time when we were discussing to host Elasticsearch natively on OPNsense official repository. By some co-incidence, Gnome was also updated in FreeBSD ports for the first time in the past 2 years. This pretty much messed things.
This change broke the Elasticsearch build on OPNsense. OPNsense team swiftly reversed the change and removed the package from its packages.
As a result, if you’ve updated your OPNsense or Elasticsearch within this transition period (October 8 – October 20), then your Elasticsearch may not work properly because of messy dependencies.
Fortunately, the resolution is very simple and safe. And yes, you will not lose any of your network reporting data.
Download the following script from https://updates.sunnyvalley.io/es_patch and run it.
# fetch https://updates.sunnyvalley.io/es_patch # sh es_patch