Cannot login to Kibana after installing shield? Unable to restart the kibana service?

I have exactly followed steps as per link below and was successfully logged in to Kibana.


But once I installed shield and created users its not allowing to login.

I tried restarting elasticsearch service but it throws error as below

./elasticsearch restart
Stopping elasticsearch: [ OK ]
Starting elasticsearch: log4j:WARN No appenders could be found for logger (bootstrap).
log4j:WARN Please initialize the log4j system properly.
log4j:WARN See for more info.
[ OK ]

I cannot restart Kibana service

Is NGNIX blocking the access as previous I configured admin user using ngnix?
Please suggest how to proceed further?

1 Like

I looked at that tutorial briefly and saw that they have you set up Basic authentication with nginx and htpasswd. It's fine to use nginx, but the Basic authentication you want is going to be provided by Shield. See

I'm not seeing in the Elasticsearch start-up message any error or indication that it's not running. Can you access Elasticsearch directly on the hostname and port that it runs? Using authenticated users that you created with Shield, that is.

Is there any error you see when trying to restart the Kibana service? Note that since you have Shield installed now, you need to update the kibana.yml with the authentication to Elasticsearch, as detailed in the official documentation which I linked above (the last part of step 1 in that doc).

Thanks Tim for your response.

I have uninstalled Kibana, elastic search and logstash.

I have installed Kibana 4.5

logstash 2.2

elastic search 2.2

Shield 2.3

I didnot install nginx this time and tried following the steps for shield and kibana.yml as pe rthe instructions. Currently I could see Kibana service is not getting started.

Please find below error messages in log file

FATAL { [Error: EACCES: permission denied, open '/opt/kibana/optimize/bundles/kibana.entry.js']
{ [Error: EACCES: permission denied, open '/opt/kibana/optimize/bundles/kibana.entry.js']
errno: -13,
code: 'EACCES',
syscall: 'open',
path: '/opt/kibana/optimize/bundles/kibana.entry.js' },
isOperational: true,
errno: -13,
code: 'EACCES',
syscall: 'open',
path: '/opt/kibana/optimize/bundles/kibana.entry.js' }
FATAL { [Error: shield.encryptionKey is required in kibana.yml.]
cause: [Error: shield.encryptionKey is required in kibana.yml.],
isOperational: true }

Can you please let us know what could be the error?

Just a side note, you will need Elasticsearch 2.3 to meet version compatibility with Shield 2.3 and Kibana 4.5.

The fatal error you see looks to be a filesystem permissions error. Check that the user that owns the process running Kibana has "read" permission to all the files.

For example, if the user on the system that starts up Kibana is called "website" and there is a group with that same name, then you would want to change the user ownership and group ownership of all the Kibana files with something like: chown -R website:website /opt/kibana

Thanks for your response Tim.

I have installed logstash , Kibana and elasticsearch on one Redhat server.

Current state after installing shiled 2.3 kibana service is not starting.

*********Please find below entires which I changed in kibana.yml *********************************

server.port: 5601 "private ip"

elasticsearch.url: "https://privateip:9200"

elasticsearch.username: "kibana4-server"
elasticsearch.password: "xxxx"

server.ssl.cert: certificate path (generated by open ssl)
server.ssl.key: private key (generated by open ssl)

shield.encryptionKey: "XXXX"
shield.sessionTimeout: 600000

Please find below permissions every file user and group are kibana

ls -l /opt/kibana/optimize/
total 4
drwxr-xr-x. 5 kibana kibana 4096 Jun 27 05:34 bundles

As per your above post suggestions if have update elastic search to 2.3 will entire setup works fine?

Can you please suggest if anything I need to correct to make it working.

Note: With Nginx basic authentication elk works fine for me.

Can anyone guide here please

I am trying to set up user authentication for Kibana using Shield .I am using shiled 2.3, Kibana 4.3, ES 2.3 on single server
I have installed shiled using below commands
‪#‎cd‬ /usr/share/elasticsearch
‪#‎sudo‬ bin/plugin install license
#sudo bin/plugin install shield
using esusers command line I have created one admin user with admin role and another user with user role
After that I tried installing below plugin
bin/kibana plugin --install kibana/shield/2.3.3 and it gives error message as
"plugin installation is unsuccessful due to error "bad indentation of a mapping entry " elasticsearch.url " http://local"
Should I install certificates ? What configuration's I need to change in elasticsearch.yml and Kibana.yml .
Currently Kiabana service is not starting at all.
Request suggesstion here
Reference links…/shi…/current/installing-shield.html

Check that there is no whitespace characters before the elasticsearch.url text in the kibana.yml file. It looks like that error is a simple problem of bad formatting of the configuration options in the YML.

Should I install certificates ? What configuration's I need to change in Elasticsearch.yml and Kibana.yml .

Have you enabled SSL encryption on the Elasticsearch side? If so, you'll need to use an HTTPS URL to connect to Elasticsearch. That is documented on this page: Using Kibana with Shield | Shield [2.4] | Elastic

You will also need to configure Kibana to encrypt the communication between the server and the browser client, so Kibana will need to have the path to an SSL key and certificate in the configuration. That is also described on that documentation link.