Hi there,
I was creating custom user via Kibana for writing logs to elastic purpose only.
Firstly I specify custom role ->
Then I tried my C# app in debug mode and no logs are added.
When I did the same with elastic user, logs are added properly.
Could you advise how can I fix it?
Best Regards, Oleg
Am not too sure about C# app ..can you throw more light on it . Is that a third party tool ?
also I have pinged @Larry_Gregory for more insights
Can you share the response that you get from Elasticsearch when you try to write these logs? Elasticsearch should give you an explanation of why the operation failed, which will help us diagnose this.
I checked access to ElasticSearch with elastic and my custom user credentials via this command in K8s elasticsearch pod ->
curl -u [any user] 'http://azure-elasticsearch-prod:9200' and get the same response:
{
"name" : "azure-elasticsearch-prod-0",
"cluster_name" : "docker-cluster",
"cluster_uuid" : "kGL6IWb3Rgug-bcnOxO90Q",
"version" : {
"number" : "7.1.1",
"build_flavor" : "default",
"build_type" : "docker",
"build_hash" : "7a013de",
"build_date" : "2019-05-23T14:04:00.380842Z",
"build_snapshot" : false,
"lucene_version" : "8.0.0",
"minimum_wire_compatibility_version" : "6.8.0",
"minimum_index_compatibility_version" : "6.0.0-beta1"
},
"tagline" : "You Know, for Search"
}
What about logs - I used this command - 'kubectl logs -f my-pod' and there was nothing that can be mapped with my user activity. May be there is another place where I can look through the logs?
Oleg
Thanks for the additional information. What response does your c# application get from Elasticsearch when you try to write the logs?
Is the application writing to an existing index, or is the application supposed to create its own index? If it's creating its own index, then you'll also need to grant the create_index index privilege. See https://www.elastic.co/guide/en/elastic-stack-overview/current/security-privileges.html for an explanation of available privileges
Larry, adding 'create_index' helps me.
And I think i need review my app. Add some try-catch block while connecting to elasticsearch.
Thanks a lot!
Oleg
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.