Elastic Security Issues

Phyo_WaThone_Win · September 13, 2023, 4:10am

Hello,

Firslty, sorry for my english. In my elastic panel, I see this error

In your Elasticsearch configuration (elasticsearch.yml), enable:

Elasticsearch security(opens in a new tab or window). Set xpack.security.enabled to true .
API key service(opens in a new tab or window). Set xpack.security.authc.api_key.enabled to true .

API key service(opens in a new tab or window). Set xpack.security.authc.api_key.enabled to true .

So, I research about of this error on internet. I see a lot of writeups for this error. But in my elasticsearch.yml file, I cannot
see

xpack.security.enabled: true

and

xpack.security.authc.api_key.enabled: true

Here is my elasticsearch.yml configuration file.

# ======================== Elasticsearch Configuration =========================
#
# NOTE: Elasticsearch comes with reasonable defaults for most settings.
#       Before you set out to tweak and tune the configuration, make sure you
#       understand what are you trying to accomplish and the consequences.
#
# The primary way of configuring a node is via this file. This template lists
# the most important settings you may want to configure for a production cluster.
#
# Please consult the documentation for further information on configuration options:
# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
#
# ---------------------------------- Cluster -----------------------------------
#
# Use a descriptive name for your cluster:
#
#cluster.name: my-application
#
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
#node.name: node-1
#
# Add custom attributes to the node:
#
#node.attr.rack: r1
#
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
path.data: /var/lib/elasticsearch
#
# Path to log files:
#
path.logs: /var/log/elasticsearch
#
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
#bootstrap.memory_lock: true
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#
# By default Elasticsearch is only accessible on localhost. Set a different
# address here to expose this node on the network:
#
network.host: localhost
#
# By default Elasticsearch listens for HTTP traffic on the first free port it
# finds starting at 9200. Set a specific HTTP port here:
#
#http.port: 9200
#
# For more information, consult the network module documentation.
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when this node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
#discovery.seed_hosts: ["host1", "host2"]
#
# Bootstrap the cluster using an initial set of master-eligible nodes:
#
#cluster.initial_master_nodes: ["node-1", "node-2"]
#
# For more information, consult the discovery and cluster formation module documentation.
#
# ---------------------------------- Various -----------------------------------
#
# Require explicit names when deleting indices:
#
#action.destructive_requires_name: true
#
# ---------------------------------- Security ----------------------------------
#
#                                 *** WARNING ***
#
# Elasticsearch security features are not enabled by default.
# These features are free, but require configuration changes to enable them.
# This means that users don’t have to provide credentials and can get full access
# to the cluster. Network connections are also not encrypted.
#
# To protect your data, we strongly encourage you to enable the Elasticsearch security features. 
# Refer to the following documentation for instructions.
#
# https://www.elastic.co/guide/en/elasticsearch/reference/7.16/configuring-stack-security.html

#xpack.security.enable: true

My ELK version is 7.17.13 and When I installation I use this methods How To Install Elasticsearch, Logstash, and Kibana (Elastic Stack) on Ubuntu 22.04 | DigitalOcean

Please help me.

carly.richmond · September 13, 2023, 11:18am

Hi @Phyo_WaThone_Win,

Welcome to the community! I can see that you don't have those options added to your elasticsearch.yml. Can you add them to your configuration? That should get rid of the error and ensure you have the security settings enabled.

system · October 11, 2023, 11:18am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Enabled xpack.security.authc.api_key.enabled=true but _security/api_key still not working Elasticsearch elastic-stack-security	6	2695	April 8, 2021
Configure xpack.security.enabled but not work in elasticsearch v8.2.0 Elasticsearch elastic-stack-security	4	307	June 16, 2022
Setting xpack.security.enabled = true Elasticsearch elastic-stack-security	8	25489	June 29, 2019
Xpack.security.enabled: true Enable Kibana Security Features (Elasticsearch 7.10) Kibana elastic-stack-security	3	811	January 7, 2021
ERROR: X-Pack Security is disabled by configuration Elasticsearch	8	21893	May 7, 2019

Elastic Security Issues

Related Topics