Could not start datafeed

Hello,

I am getting below errors while trying to create a single metric Job in machine learning tab of Kibana.

Errors:
Could not start datafeed for Jobname [status_exception] cannot start datafeed [datafeed-Jobname] because job [Jobname] is not open

Could not start datafeed: [status_exception] cannot start datafeed [datafeed-Jobname] because job [Jobname] is not open

The problem is that whenever a job is created, automatically is closed. I tried to open it with:

POST _xpack/ml/anomaly_detectors/{jobname}/_open

but it returned false.

I have used the sample data provided by the elastic team, in particular the stocks data.

Can any one help me on this issue.

Hi Arturo

Can you tell me if an error was returned when you tired to open the job, is there anything in the elasticsearch log file you can share? Also which version of x-pack are you using and have you recently upgraded?

Thanks

Hello David,

No error was returned, only the following:

I am using the 5.4.3 version, i tried tu upgrade to last version but i was having problems with security folder after installing x-pack.

Machine Learning was still in beta for version 5.4 there have been many improvements since 5.4 so I do really encourage you to upgrade.

Perhaps I can help you with your upgrade issue did you know there is an Upgrade Assistant in 5.6?

Hello David,
I have upgraded to version 6.2.2, I think it is the latest one.
But now i can not access to kibana, the error is the following:

log [12:53:06.533] [warning][license][xpack] License information from the X-Pack plugin could not be obtained from Elasticsearch for the [data] cluster. [security_exception] missing authentication token for REST request [/_xpack], with { header={ WWW-Authenticate="Basic realm="security" charset="UTF-8"" } } :: {"path":"/_xpack","statusCode":401,"response":"{"error":{"root_cause":[{"type":"security_exception","reason":"missing authentication token for REST request [/_xpack]","header":{"WWW-Authenticate":"Basic realm=\"security\" charset=\"UTF-8\""}}],"type":"security_exception","reason":"missing authentication token for REST request [/_xpack]","header":{"WWW-Authenticate":"Basic realm=\"security\" charset=\"UTF-8\""}},"status":401}","wwwAuthenticateDirective":"Basic realm="security" charset="UTF-8""}

The configuration of kibana.yml is the following:

Kibana is served by a back end server. This setting specifies the port to use.

#server.port: 5601

Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values.

The default is 'localhost', which usually means remote machines will not be able to connect.

To allow connections from remote users, set this parameter to a non-loopback address.

#server.host: "localhost"

Enables you to specify a path to mount Kibana at if you are running behind a proxy. This only affects

the URLs generated by Kibana, your proxy is expected to remove the basePath value before forwarding requests

to Kibana. This setting cannot end in a slash.

#server.basePath: ""

The maximum payload size in bytes for incoming server requests.

#server.maxPayloadBytes: 1048576

The Kibana server's name. This is used for display purposes.

#server.name: "your-hostname"

The URL of the Elasticsearch instance to use for all your queries.

#elasticsearch.url: "http://localhost:9200"

When this setting's value is true Kibana uses the hostname specified in the server.host

setting. When the value of this setting is false, Kibana uses the hostname of the host

that connects to this Kibana instance.

#elasticsearch.preserveHost: true

Kibana uses an index in Elasticsearch to store saved searches, visualizations and

dashboards. Kibana creates a new index if the index doesn't already exist.

#kibana.index: ".kibana"

The default application to load.

#kibana.defaultAppId: "home"

If your Elasticsearch is protected with basic authentication, these settings provide

the username and password that the Kibana server uses to perform maintenance on the Kibana

index at startup. Your Kibana users still need to authenticate with Elasticsearch, which

is proxied through the Kibana server.

#elasticsearch.username: "user"
#elasticsearch.password: "pass"

Enables SSL and paths to the PEM-format SSL certificate and SSL key files, respectively.

These settings enable SSL for outgoing requests from the Kibana server to the browser.

#server.ssl.enabled: false
#server.ssl.certificate: /path/to/your/server.crt
#server.ssl.key: /path/to/your/server.key

Optional settings that provide the paths to the PEM-format SSL certificate and key files.

These files validate that your Elasticsearch backend uses the same key files.

#elasticsearch.ssl.certificate: /path/to/your/client.crt
#elasticsearch.ssl.key: /path/to/your/client.key

Optional setting that enables you to specify a path to the PEM file for the certificate

authority for your Elasticsearch instance.

#elasticsearch.ssl.certificateAuthorities: [ "/path/to/your/CA.pem" ]

To disregard the validity of SSL certificates, change this setting's value to 'none'.

#elasticsearch.ssl.verificationMode: full

Time in milliseconds to wait for Elasticsearch to respond to pings. Defaults to the value of

the elasticsearch.requestTimeout setting.

#elasticsearch.pingTimeout: 1500

Time in milliseconds to wait for responses from the back end or Elasticsearch. This value

must be a positive integer.

#elasticsearch.requestTimeout: 30000

List of Kibana client-side headers to send to Elasticsearch. To send no client-side

headers, set this value to [] (an empty list).

#elasticsearch.requestHeadersWhitelist: [ authorization ]

Header names and values that are sent to Elasticsearch. Any custom headers cannot be overwritten

by client-side headers, regardless of the elasticsearch.requestHeadersWhitelist configuration.

#elasticsearch.customHeaders: {}

Time in milliseconds for Elasticsearch to wait for responses from shards. Set to 0 to disable.

#elasticsearch.shardTimeout: 0

Time in milliseconds to wait for Elasticsearch at Kibana startup before retrying.

#elasticsearch.startupTimeout: 5000

Specifies the path where Kibana creates the process ID file.

#pid.file: /var/run/kibana.pid

Enables you specify a file where Kibana stores log output.

#logging.dest: stdout

Set the value of this setting to true to suppress all logging output.

#logging.silent: false

Set the value of this setting to true to suppress all logging output other than error messages.

#logging.quiet: false

Set the value of this setting to true to log all events, including system usage information

and all requests.

#logging.verbose: false

Set the interval in milliseconds to sample system and process performance

metrics. Minimum is 100ms. Defaults to 5000.

#ops.interval: 5000

The default locale. This locale can be used in certain circumstances to substitute any missing

translations.

#i18n.defaultLocale: "en"

How can i solve this?

Thank you very much.

Arturo.

6.2 requires an additional security setup compared to 5.4 in particular you will need the kibana user's authentication settings in kibana.yml

elasticsearch.username: "kibana"
elasticsearch.password: "kibanapassword"

where the password is created by the setup-passwords command.

The guides to installing x-pack in elasticsearch and x-pack for kibana will take you through everything you need to do in a step-by-step manner.

Hello David,
I tried to re-install it, following the instructions you gave me, but i still can not loggin in kibana because of the same error:

[08:51:02.581] [warning][license][xpack] License information from the X-Pack plugin could not be obtained from Elasticsearch for the [data] cluster. [security_exception] missing authentication token for REST request [/_xpack], with { header={ WWW-Authenticate="Basic realm="security" charset="UTF-8"" } } :: {"path":"/_xpack","statusCode":401,"response":"{"error":{"root_cause":[{"type":"security_exception","reason":"missing authentication token for REST request [/_xpack]","header":{"WWW-Authenticate":"Basic realm=\"security\" charset=\"UTF-8\""}}],"type":"security_exception","reason":"missing authentication token for REST request [/_xpack]","header":{"WWW-Authenticate":"Basic realm=\"security\" charset=\"UTF-8\""}},"status":401}","wwwAuthenticateDirective":"Basic realm="security" charset="UTF-8""}

I changed the kibana.yml with the following, where "changeme" is the setup password for elastic, kibana and logstash

elasticsearch.username: "kibana"
elasticsearch.password: "changeme"

Maybe the password has to comply with some security rules?

Thank you very much.
Arturo

HI,

Which license do you have for X-Pack? The warning above suggests you are using the basic license which does not support security (or Machine Learning). Did you start with a trial license and perhaps it has expired or maybe you need to start the trial license

You can view the current license with

GET /_xpack/license

If you have a license you need to update it with the license API

Hi David,

I write you the details of my current license, in order to know if with this one i can use the x-pack or not:

"cluster_name": "elasticsearch",
"version": "6.2.2",
"license": {
"status": "active",
"uid": "b54b91ea-b238-4b54-843f-6dc71d68e8b2",
"type": "trial",
"issue_date": "2018-03-20T08:27:23.678Z",
"issue_date_in_millis": 1521534443678,
"expiry_date": "2018-04-19T08:27:23.678Z",
"expiry_date_in_millis": 1524126443678,
"max_nodes": 1000,
"issued_to": "elasticsearch",
"issuer": "elasticsearch",
"start_date_in_millis": -1,
"hkey": "d5ae4ac9a765040705068bc26bffaa1784e3e3dacba7488f0b78e7a9e6e0b706",
"cluster_needs_tls": true
},

Thank you very much

You appear to have a valid trial license I'm not sure why you see this problem.

@ikakavas do you have any idea what is causing this error?

@Arturo Can you please verify that the password you are using in kibana.yml is correct ? You can test this with

curl -XGET -u kibana 'http://localhost:9200/'

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.