Hello,
I just set up a new ELK cluster made by: 3 master/data nodes, 2 coordinating nodes and 1 kibana node, version 6.7. I have some filebeats sending data to logstash, then logstash sends data to elasticsearch.
I tried sending some logs through filebeat->logstash->elastic and I was able to index them. From Kibana, I created a index pattern for my new data and everything went fine until yesterday, where I decided to delete index and index pattern and create them anew.
Trying to delete them from Kibana resulted in a "403 Forbidden" error that I don't seem to be able to resolve.
I also tried to delete index with Postman from my laptop, always getting a 403 forbidden.
I'm running out of ideas. Here's the config of one of my nodes. Any suggestion would be appreciated.
# This file is being managed by Ansible. Do not modify!
# CLUSTER
cluster.name: cluster
# NODE
node.name: es-1
node.master: true
node.data: true
node.ingest: true
node.attr.rack_id: rack-1
# CLUSTER
cluster.routing.allocation.awareness.attributes: rack_id
cluster.routing.allocation.node_concurrent_recoveries: 2
# PATH
path.data: /data/elasticsearch
path.logs: /var/log/elasticsearch
# NETWORK
network.host: 192.168.0.203
transport.tcp.port: 9300
transport.tcp.compress: true
http.port: 9200
http.enabled: true
http.cors.enabled: true
http.cors.allow-origin: "*"
http.compression: true
# DISCOVERY
discovery.zen.ping.unicast.hosts: ["192.168.0.203", "192.168.0.204", "192.168.0.205"]
discovery.zen.minimum_master_nodes: 2
discovery.zen.ping_timeout: 10s
discovery.zen.fd.ping_retries: 3
discovery.zen.fd.ping_interval: 3s
discovery.zen.fd.ping_timeout: 30s
# OTHER
# Set this property to true to lock the memory:
bootstrap.memory_lock: true
action.auto_create_index: true
action.destructive_requires_name: true