Authentication of [elastic] was terminated by realm [reserved] - failed to authenticate user [elastic] | @timestamp=2022-11-23T07:21:04.573Z log.level=INFO ecs.version=1.2.0 service.name=ES_ECS event.dataset=elasticsearch.server process.thread.name=elasticsearch[9cc768f0c53c][system_critical_read][T#1] log.logger=org.elasticsearch.xpack.security.authc.RealmsAuthenticator elasticsearch.cluster.uuid=rjIYMrQ7QTeC9n03FL4KgQ elasticsearch.node.id=lZosd5s8RKqvnLfvCrtJwQ elasticsearch.node.name=9cc768f0c53c elasticsearch.cluster.name=docker-cluster
I'm running this on Docker: GitHub - deviantony/docker-elk: The Elastic stack (ELK) powered by Docker and Compose.
It've been running for a good while and has also been updated to 8.5.0 and 8.5.1 where credentials are created and stored on initialization.
I'm able to log in to Kibana and I see the logs ingested through Logstash, as expected.
So, this error regarding authentication, I'm not really sure why it pops up. Is there a way I can troubleshoot futher to see exactly what process is denied access and why?
Thank you very much for your support!