Troubleshooting
This page lists common issues you may encounter and how to resolve them.
No CSV files found
Symptoms:
list-inputsprints “No CSV files found”runprints “No CSV files found.”
Fix:
Confirm
input.input_dirpoints to the folder containing your CSV exportsConfirm
input.file_globmatches your files (for example*.csv)Confirm file extension/case matches what your OS/filesystem shows
Invalid config / pre-flight checks failing
Symptoms:
validate-configfailsrunfails early with “Invalid config”
Fix:
Start from
config/config.example.yamland apply only necessary changesEnsure your YAML indentation is correct (spaces, not tabs)
Confirm required fields for enabled integrations are present (endpoints, usernames, etc.)
Missing OpenAI API key
Symptoms:
validate-configfails becauseOPENAI_API_KEYis not presentrunfails (non-dry-run)
Fix:
Set
OPENAI_API_KEYin your environmentPrefer env vars over hardcoding
openai.api_keyinto YAMLIf you only want to test ingestion/output structure, run:
miyabi-qualys-ai-triage-pack run --config config/config.yaml --dry-run
Slack integration errors
Common symptoms:
“Missing Slack bot token …”
“Slack channel not found …”
Fix:
Ensure
notifications.enabled: trueEnsure
integrations.slack.enabled: trueProvide the bot token via
SLACK_BOT_TOKEN(recommended) orintegrations.slack.bot_tokenFor channels:
Use a valid channel name (like
#security-jobs) that the bot can access, orConfigure the channel ID (C…/G…) if your workspace/channel discovery is restricted
Email integration errors (SendGrid/SMTP)
Symptoms:
SendGrid: “Missing SendGrid API key …”
SMTP: authentication or TLS errors, connection refused/timeouts
Fix:
Ensure
notifications.enabled: trueEnable only one email method at a time unless you intentionally want both:
integrations.sendgrid.enabledorintegrations.smtp.enabled
Set
SENDGRID_API_KEY(SendGrid) or configure SMTP host/port/TLS/credentialsConfirm
to_emailsis configured (otherwise notifications may do nothing)
ZIP attachment/upload not included
Symptoms:
Slack message includes a warning about ZIP size or missing
index.htmlEmail body mentions ZIP not included due to size limit
Fix:
Confirm the pipeline produced
output/<csv_name>/index.htmlIncrease the size limit (Slack:
report_zip_max_mb, email:report_zip_max_mb) only if acceptableReduce attachment size by configuring include/exclude patterns:
report_zip_include_patternsreport_zip_exclude_patterns
OpenSearch errors
Symptoms:
Authentication errors (401/403), TLS verification errors, timeouts
Fix:
Confirm
integrations.opensearch.enabled: trueConfirm endpoint and auth settings:
API key via
OPENSEARCH_API_KEY(recommended) orintegrations.opensearch.auth.api_keyOr basic auth (
username+ password/env var)
For TLS issues in dev/local:
Set
integrations.opensearch.tls_verify: false(dev only)
Metabase/Postgres errors
Symptoms:
Connection refused, authentication failure, SSL mode errors
Fix:
Confirm
integrations.metabase.enabled: trueConfirm host/port/dbname/username/password (prefer
METABASE_PG_PASSWORD)Ensure the database is reachable from where the tool runs
Confirm
sslmodematches your Postgres deployment requirements
Expected behavior:
The tool will create tables (idempotently) and then insert:
raw vulnerabilities
report runs
report items (Top X)
Syslog / Splunk HEC issues
Symptoms:
Timeouts, connection errors, events missing downstream
Fix:
Confirm the receiver endpoint is reachable from the machine running the tool
For syslog:
UDP can drop messages; prefer TCP when you need higher reliability
For Splunk:
Confirm HEC token (
SPLUNK_HEC_TOKEN) and endpoint URLConfirm TLS verification settings match your environment