Hi Folks,
I have 3 node elasticsearch , 2 logstash nodes and 1 kibana node . Do i mention all three elasticsearch nodes in kibana.yml's "elasticsearch.hosts" config line ? . It was working when i had just the master elastic IP in kibana.yml when the cluster was running in Single-node setup.
Like this ? currently i have assigned all 3 as [Master and DATA nodes]
# This section was automatically generated during setup.
elasticsearch.hosts: ['https://10.27.101.100:9200','https://10.27.101.247:9200','https://10.27.101.63:9200']
this is the log line seen with error
{"service":{"node":{"roles":["background_tasks","ui"]}},"ecs":{"version":"8.6.0"},"@timestamp":"2023-04-12T06:23:31.000+00:00","message":"Failed to authenticate anonymous service account: {\"error\":{\"root_cause\":[{\"type\":\"security_exception\",\"reason\":\"missing authentication credentials for REST request [/_security/_authenticate]\",\"header\":{\"WWW-Authenticate\":[\"Basic realm=\\\"security\\\" charset=\\\"UTF-8\\\"\",\"Bearer realm=\\\"security\\\"\",\"ApiKey\"]}}],\"type\":\"security_exception\",\"reason\":\"missing authentication credentials for REST request [/_security/_authenticate]\",\"header\":{\"WWW-Authenticate\":[\"Basic realm=\\\"security\\\" charset=\\\"UTF-8\\\"\",\"Bearer realm=\\\"security\\\"\",\"ApiKey\"]}},\"status\":401}","log":{"level":"WARN","logger":"plugins.security.anonymous-access"},"process":{"pid":622225},"trace":{"id":"21a889d32ffef255e517124407d2eaf0"},"transaction":{"id":"feaa6836a00081c3"}}
{"service":{"node":{"roles":["background_tasks","ui"]}},"ecs":{"version":"8.6.0"},"@timestamp":"2023-04-12T06:23:31.000+00:00","message":"Default capabilities will be returned since anonymous service account cannot authenticate.","log":{"level":"WARN","logger":"plugins.security.anonymous-access"},"process":{"pid":622225},"trace":{"id":"21a889d32ffef255e517124407d2eaf0"},"transaction":{"id":"feaa6836a00081c3"}}