Delete indexes and indexes pattern is forbidden

(Stefano Guidobaldi) #1


I just set up a new ELK cluster made by: 3 master/data nodes, 2 coordinating nodes and 1 kibana node, version 6.7. I have some filebeats sending data to logstash, then logstash sends data to elasticsearch.

I tried sending some logs through filebeat->logstash->elastic and I was able to index them. From Kibana, I created a index pattern for my new data and everything went fine until yesterday, where I decided to delete index and index pattern and create them anew.
Trying to delete them from Kibana resulted in a "403 Forbidden" error that I don't seem to be able to resolve.
I also tried to delete index with Postman from my laptop, always getting a 403 forbidden.

I'm running out of ideas. Here's the config of one of my nodes. Any suggestion would be appreciated.

# This file is being managed by Ansible. Do not modify!

# CLUSTER cluster

# NODE es-1

node.master: true true
node.ingest: true

node.attr.rack_id: rack-1

cluster.routing.allocation.awareness.attributes: rack_id
cluster.routing.allocation.node_concurrent_recoveries: 2

# PATH /data/elasticsearch
path.logs: /var/log/elasticsearch


transport.tcp.port: 9300
transport.tcp.compress: true

http.port: 9200
http.enabled: true
http.cors.enabled: true 
http.cors.allow-origin: "*"
http.compression: true

# DISCOVERY ["", "", ""]

discovery.zen.minimum_master_nodes: 2

discovery.zen.ping_timeout: 10s
discovery.zen.fd.ping_retries: 3
discovery.zen.fd.ping_interval: 3s
discovery.zen.fd.ping_timeout: 30s

# Set this property to true to lock the memory:
bootstrap.memory_lock: true

action.auto_create_index: true
action.destructive_requires_name: true
(system) closed #2

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.