Hi, I'm new to this and have setup graylog and elasticsearch but having issue when setting up kibana.
Getting this error when I attempt to connect to kibana:
Mar 19 15:51:53 greylog kibana[7157]: {"type":"log","@timestamp":"2020-03-19T15:51:53Z","tags":["license","debug","xpack"],"pid":7157,"message":"Calling [data] Elasticsearch _xpack API. Polling frequency: 30001"}
Mar 19 15:51:53 greylog kibana[7157]: {"type":"log","@timestamp":"2020-03-19T15:51:53Z","tags":["license","warning","xpack"],"pid":7157,"message":"License information from the X-Pack plugin could not be obtained from Elasticsearch for the [data] cluster. [invalid_index_name_exception] Invalid index name [xpack], must not start with ''., with { index_uuid="na" & index="_xpack" } :: {"path":"/_xpack","statusCode":400,"response":"{\"error\":{\"root_cause\":[{\"type\":\"invalid_index_name_exception\",\"reason\":\"Invalid index name [xpack], must not start with ''.\",\"index_uuid\":\"na\",\"index\":\"_xpack\"}],\"type\":\"invalid_index_name_exception\",\"reason\":\"Invalid index name [xpack], must not start with ''.\",\"index_uuid\":\"na\",\"index\":\"_xpack\"},\"status\":400}"}"}
On the GUI, I get this error:
Cannot connect to the Elasticsearch cluster currently configured for Kibana.
elasticsearch.yml file output (please note: I took out the comment when pasting it)
cluster.name: graylog
action.auto_create_index: false
#node.name: node-1
#node.attr.rack: r1
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
#bootstrap.memory_lock: true
network.host: localhost
http.port: 9200
#discovery.zen.minimum_master_nodes:
#gateway.recover_after_nodes: 3
#action.destructive_requires_name: true
kibana.yml output file.
server.port: 5601
server.host: 10.40.21.3
#server.basePath: ""
#server.rewriteBasePath: false
#server.maxPayloadBytes: 1048576
#server.name: "your-hostname"
elasticsearch.hosts: ["http://localhost:9200"]
#elasticsearch.preserveHost: true
#kibana.index: ".kibana"
#kibana.defaultAppId: "home"
#elasticsearch.username: "user"
#elasticsearch.password: "pass"
#server.ssl.enabled: false
#server.ssl.certificate: /path/to/your/server.crt
#server.ssl.key: /path/to/your/server.key
#elasticsearch.ssl.certificate: /path/to/your/client.crt
#elasticsearch.ssl.key: /path/to/your/client.key
#elasticsearch.ssl.certificateAuthorities: [ "/path/to/your/CA.pem" ]
#elasticsearch.ssl.verificationMode: full
#elasticsearch.pingTimeout: 1500
#elasticsearch.requestTimeout: 30000
#elasticsearch.requestHeadersWhitelist: [ authorization ]
#elasticsearch.customHeaders: {}
#elasticsearch.shardTimeout: 30000
#elasticsearch.startupTimeout: 5000
#elasticsearch.logQueries: false
#pid.file: /var/run/kibana.pid
logging.dest: stdout
#logging.silent: false
#logging.quiet: false
logging.verbose: true
#ops.interval: 5000
#i18n.locale: "en"
curl -XGET 'http://localhost:9200'
{
"name" : "dMAWY0g",
"cluster_name" : "graylog",
"cluster_uuid" : "Nd6pAnAxRVq6uJspvSVi2w",
"version" : {
"number" : "6.8.7",
"build_flavor" : "oss",
"build_type" : "rpm",
"build_hash" : "c63e621",
"build_date" : "2020-02-26T14:38:01.193138Z",
"build_snapshot" : false,
"lucene_version" : "7.7.2",
"minimum_wire_compatibility_version" : "5.6.0",
"minimum_index_compatibility_version" : "5.0.0"
},
"tagline" : "You Know, for Search"
}
when i execute this, curl -XGET 'http://10.40.21.3:5601', nothing is returned.
I'm doing this on centos 7.
Btw, another topic but dont see logs under /var/log for kibana. I did a search as well. Not sure why that is the case so had to use journalctl -u kibana.service
Versions installed are:
elasticsearch: "6.8.7"
kibana: kibana-6.8.7-1.x86_64
Your help is appreciated. Thank you very much.