StatusCode: 500 all services running

Infos:

• AlmaLinux release 8.6
• Zammad version 5.2.x - Package
• ruby 3.0.4p208 (2022-04-12 revision 3fa771dded)
• 4 core, 8gb mem

Expected behavior:

• Reports should open

Actual behavior:

StatusCode: 500
Unable to process GET request to elasticsearch URL ‘http://localhost:9200/zammad_production_ticket/_search’. Check the response and payload for detailed information:

Response:
#<UserAgent::Result:0x0000559fc18e53d0 @success=false, @body=“{"error":{"root_cause":[{"type":"x_content_parse_exception","reason":"[1:51] [bool] failed to parse field [must]"}],"type":"x_content_parse_exception","reason":"[1:51] [bool] failed to parse field [must]","caused_by":{"type":"illegal_argument_exception","reason":"field name is null or empty"}},"status":400}”, @data=nil, @code=“400”, @content_type=nil, @error=“Client Error: #<Net::HTTPBadRequest 400 Bad Request readbody=true>!”, @header={“x-elastic-product”=>“Elasticsearch”, “warning”=>“299 Elasticsearch-7.17.5-8d61b4f7ddf931f219e3745f295ed2bbc50c8e84 "Elasticsearch built-in security features are not enabled. Without authentication, your cluster could be accessible to anyone. See Set up minimal security for Elasticsearch | Elasticsearch Guide [7.17] | Elastic to enable security."”, “content-type”=>“application/json; charset=UTF-8”, “content-length”=>“182”}>

Payload:
{“query”:{“bool”:{“must”:[{“term”:{“state_id”:null}},{“range”:{“created_at”:{“from”:“2020-12-31T22:00:00Z”,“to”:“2021-12-31T21:59:59Z”}}}],“must_not”:[{“term”:{“state.name.keyword”:“merged”}}]}},“size”:0,“aggs”:{“time_buckets”:{“date_histogram”:{“field”:“created_at”,“calendar_interval”:“month”,“time_zone”:“Africa/Johannesburg”}}},“sort”:[{“updated_at”:{“order”:“desc”}},“_score”]}

Payload size: 0M

what I have configured/tried/verified:

• zammad run rails r “Setting.set(‘es_url’, ‘http://localhost:9200’)”

• indexed (I am able to seach tickets in Zammad)

• output from “netstat -tan|grep 9200”:
tcp6 0 0 127.0.0.1:9200 :::* LISTEN
tcp6 0 0 ::1:9200 :::* LISTEN

• output from “curl http://localhost:9200”:
{
“name” : “hostname”,
“cluster_name” : “elasticsearch”,
“cluster_uuid” : “UBB6RBcvTPW4P__YuhLf_A”,
“version” : {
“number” : “7.17.5”,
“build_flavor” : “default”,
“build_type” : “rpm”,
“build_hash” : “8d61b4f7ddf931f219e3745f295ed2bbc50c8e84”,
“build_date” : “2022-06-23T21:57:28.736740635Z”,
“build_snapshot” : false,
“lucene_version” : “8.11.1”,
“minimum_wire_compatibility_version” : “6.8.0”,
“minimum_index_compatibility_version” : “6.0.0-beta1”
},
“tagline” : “You Know, for Search”
}

• systemctl status elasticsearch:
elasticsearch.service - Elasticsearch
Loaded: loaded (/usr/lib/systemd/system/elasticsearch.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2022-07-25 22:58:00 SAST; 10h ago
Docs: https://www.elastic.co
Main PID: 5295 (java)
Tasks: 82 (limit: 48488)
Memory: 4.3G
CGroup: /system.slice/elasticsearch.service
├─5295 /usr/share/elasticsearch/jdk/bin/java -Xshare:auto -Des.networkaddress.cache.ttl=60 -Des.networkaddress.cache.negative.ttl=10 -XX:+AlwaysPreTouch -Xss1m -Djava.awt.headless=true -Dfile.encodi>
└─5498 /usr/share/elasticsearch/modules/x-pack-ml/platform/linux-x86_64/bin/controller

• /etc/elasticsearch/elasticsearch.yml Left standard

How do I proceed from here?

regards

Reinstalled elasticsearch and it is working again now.