I am looking at the Elasticsearch Audit logs and i am getting an authentication denied for User Elastic, why would our servers be authenticating against our Elasticsearch nodes when we are getting logs from the beats and there are indexes tied to the logs
What is this request need to track it down as it is flooding our logs
Yeah , so these logs are coming from a data node, and the origin IP is ( all over the place ) but this specific instance is coming from our coordinating node, ( has multiple beats , kibana , elasticsearch on it ) and no its internal
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.