Elasticsearch warn unable to install syscall filter


(Giuseppe Tricarico) #1

Hi

with elasticsearch ver 2.20 and jdk 1.8.74 when elasticsearch start I see the followinf warning

[2016-02-22 12:16:00,140][WARN ][bootstrap ] unable to install
syscall filter: seccomp unavailable: requires kernel 3.5+ with CONFIG_SECCOMP and CONFIG_SECCOMP_FILTER compiled in

I can find no help on the web for that message.

Has anyone find a similar message, do I have to worry about that?


(Jörg Prante) #2

You can safely ignore this message.

The meaning of the message is that Elasticsearch security module made an extra effort to revoke Linux process privileges to reduce so called "attack vector" for malevolent activities, but your Linux kernel is either too old or not able to offer that process privilege revoke API. That does not influence or harm the function of Elasticsearch.

You should only consider to run a more modern Linux.


(anks) #3

I am getting this message in logs and ElasticSearch unable to start.

unable to install syscall filter: seccomp unavailable: CONFIG_SECCOMP not compiled into kernel, CONFIG_SECCOMP and CONFIG_SECCOMP_FILTER are needed


(Dan R) #4

Hi
I have the same problem and elasticsearch won't start. This is the only log es produces on service start.
Does anyone have a solution?

Es 2.3.5
On rhel 6.6

Thanks


(KiRan) #5

ElasticSearch unable to start. Does anyone have a solution?

unable to install syscall filter: java.lang.UnsupportedOperationException: seccomp unavailable: CONFIG_SECCOMP not compiled into kernel, CONFIG_SECCOMP and CONFIG_SECCOMP_FILTER are needed.


(Carlosvega) #6

Same here with 2.3.2.

https://discuss.elastic.co/t/cant-start-es-with-heap-size-larger-than-7g/82580


(system) #8