All the beats were working fine till i had not enabled security(username/password). But when i enabled it, everything went down, and when i try to start the filebeat, it throws an the below error
Error:- 2018-09-24T10:28:12.858+0800 ERROR instance/beat.go:743 Exiting: Error importing Kibana dashboards: fail to create the Kibana loader: Error creating Kibana client: Error creating Kibana client: fail to get the Kibana version: HTTP GET request to /api/status fails: . Response: {"statusCode":401,"error":"Unauthorized"}.
Exiting: Error importing Kibana dashboards: fail to create the Kibana loader: Error creating Kibana client: Error creating Kibana client: fail to get the Kibana version: HTTP GET request to /api/status fails: . Response: {"statusCode":401,"error":"Unauthorized"}.
Exiting: error loading config file: yaml: line 169: did not find expected key
Since i am using logstash, I have enabled it like this in filebeat.yml, let me know whether i need to use logstash credentials to push the details from filebeat>> logstash
output.logstash:
The Logstash hosts
hosts: ["XXXXXXXXX:5044"]
Optional SSL. By default is off.
List of root certificates for HTTPS server verifications
I Followed the documentation for the latest 6.4 version and based on that i created a filebeat user internal and try to run it and I get the following error.
Exiting: Error importing Kibana dashboards: fail to create the Kibana loader: Error creating Kibana client: Error creating Kibana client: can not convert 'object' into 'string' accessing 'setup.kibana.host' (source:'filebeat.yml')
After enabling the security, whether you created the users for ES, Kibana and logstash?
Seems to be the issue with the credentials mismatch! Recommend to review the credentials of the respective users!
Mentioned that you are pushing logs to the Logstash!
es:admin/create] is unauthorized for user [kibana]"})
[2018-09-25T13:52:28,360][INFO ][logstash.outputs.elasticsearch] retrying failed action with response code: 403 ({"type"=>"security_exception", "reason"=>"action [indices:admin/create] is unauthorized for user [kibana]"})
[2018-09-25T13:52:28,360][INFO ][logstash.outputs.elasticsearch] retrying failed action with response code: 403 ({"type"=>"security_exception", "reason"=>"action [indices:admin/create] is unauthorized for user [kibana]"})
[2018-09-25T13:52:28,360][INFO ][logstash.outputs.elasticsearch] retrying failed action with response code: 403 ({"type"=>"security_exception", "reason"=>"action [indices:admin/create] is unauthorized for user [kibana]"})
But now the issue is fixed, as the user kibana didnt have the permissions. So yes you are right , user and roles played an important role now. The issue is fixed.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.