Authentication of [elastic] was terminated by realm [reserved]

Authentication of [elastic] was terminated by realm [reserved] - failed to authenticate user [elastic] | @timestamp=2022-11-23T07:21:04.573Z log.level=INFO ecs.version=1.2.0 service.name=ES_ECS event.dataset=elasticsearch.server process.thread.name=elasticsearch[9cc768f0c53c][system_critical_read][T#1] log.logger=org.elasticsearch.xpack.security.authc.RealmsAuthenticator elasticsearch.cluster.uuid=rjIYMrQ7QTeC9n03FL4KgQ elasticsearch.node.id=lZosd5s8RKqvnLfvCrtJwQ elasticsearch.node.name=9cc768f0c53c elasticsearch.cluster.name=docker-cluster

I'm running this on Docker: GitHub - deviantony/docker-elk: The Elastic stack (ELK) powered by Docker and Compose.

It've been running for a good while and has also been updated to 8.5.0 and 8.5.1 where credentials are created and stored on initialization.

I'm able to log in to Kibana and I see the logs ingested through Logstash, as expected.

So, this error regarding authentication, I'm not really sure why it pops up. Is there a way I can troubleshoot futher to see exactly what process is denied access and why?

Thank you very much for your support!

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.