ElasticsearchException[Failure running machine learning native code - unsupported OS or distribution

ElasticsearchException[Failure running machine learning native code - unsupported OS or distribution

ElasticsearchException[Failure running machine learning native code. This could be due to running on an unsupported OS or distribution, missing OS libraries, or a problem with the temp directory. To bypass this problem by running Elasticsearch without machine learning functionality set [xpack.ml.enabled: false].

Problem encountered while running wazuh monitoring solution and kubernetes image on older hardware

Solution:

in elastic_stack/elasticsearch/single-node/elasticsearch-sts.yaml
in the "env" section:

          env:
            - name: ES_JAVA_OPTS
              value: '-Xms1024m -Xmx1024m '
            - name: bootstrap.memory_lock
              value: 'false'
            - name: cluster.name
              value: wazuh
            - name: network.host
              value: 0.0.0.0
            - name: node.name
              value: node-1

add

            - name: xpack.ml.enabled
              value: 'false'

if you are using only docker-compose

edit docker-compose.yml

# Wazuh App Copyright (C) 2020 Wazuh Inc. (License GPLv2)                                                                                               
version: '2'                                                                                                                                            

services:                                                                                                                                               
  wazuh:                                                                                                                                                
    image: wazuh/wazuh:3.12.2_7.6.2                                                                                                                     
    hostname: wazuh-manager                                                                                                                             
    restart: always                                                                                                                                     
    ports:                                                                                                                                              
      - "1514:1514/udp"                                                                                                                                 
      - "1515:1515"                                                                                                                                     
      - "514:514/udp"                                                                                                                                   
      - "55000:55000"                                                                                                                                   

  elasticsearch:                                                                                                                                        
    image: wazuh/wazuh-elasticsearch:3.12.2_7.6.2                                                                                                       
    hostname: elasticsearch                                                                                                                             
    restart: always                                                                                                                                     
    ports:                                                                                                                                              
      - "9200:9200"                                                                                                                                     
    environment:                                                                                                                                        
      - "ES_JAVA_OPTS=-Xms1g -Xmx1g"                                                                                                                    
      - ELASTIC_CLUSTER=true                                                                                                                            
      - CLUSTER_NODE_MASTER=true                                                                                                                        
      - CLUSTER_MASTER_NODE_NAME=es01                                                                                                                   

add:

    environment:                                                                                                                                        
       ...
      - xpack.ml.enabled=false