How to fix ui settings status to green and plugin:elasticsearch@5.0.1] Status changed from yellow to red - Authentication Exception

We are getting following error in kibana log file, how to fix those errors.
log [04:28:49.556] [error][status][plugin:xpack_main@5.0.1] Status changed from yellow to red - Authentication Exception
log [04:28:49.558] [error][status][plugin:elasticsearch@5.0.1] Status changed from yellow to red - Authentication Exception

[04:28:49.804] [error][status][ui settings] Status changed from uninitialized to red - Elasticsearch plugin is red

Our kibana.yaml file is as follows:

Kibana is served by a back end server. This setting specifies the port to use.

server.port: 5601

Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values.

The default is 'localhost', which usually means remote machines will not be able to connect.

To allow connections from remote users, set this parameter to a non-loopback address. "localhost" ""

Enables you to specify a path to mount Kibana at if you are running behind a proxy. This only affects

the URLs generated by Kibana, your proxy is expected to remove the basePath value before forwarding requests

to Kibana. This setting cannot end in a slash.

#server.basePath: ""

The maximum payload size in bytes for incoming server requests.

#server.maxPayloadBytes: 1048576

The Kibana server's name. This is used for display purposes. "your-hostname"

The URL of the Elasticsearch instance to use for all your queries.

#elasticsearch.url: "http://localhost:9200"
elasticsearch.url: ""

When this setting’s value is true Kibana uses the hostname specified in the

setting. When the value of this setting is false, Kibana uses the hostname of the host

that connects to this Kibana instance.

#elasticsearch.preserveHost: true
elasticsearch.preserveHost: true

Kibana uses an index in Elasticsearch to store saved searches, visualizations and

dashboards. Kibana creates a new index if the index doesn’t already exist.

#kibana.index: ".kibana"
kibana.index: ".kibana"

The default application to load.

#kibana.defaultAppId: "discover"
kibana.defaultAppId: "discover"

If your Elasticsearch is protected with basic authentication, these settings provide

the username and password that the Kibana server uses to perform maintenance on the Kibana

index at startup. Your Kibana users still need to authenticate with Elasticsearch, which

is proxied through the Kibana server.

#elasticsearch.username: "user"
elasticsearch.username: "kibana"
#elasticsearch.password: "pass"
elasticsearch.password: "kibanaadmin"

Paths to the PEM-format SSL certificate and SSL key files, respectively. These

files enable SSL for outgoing requests from the Kibana server to the browser.

#server.ssl.cert: /path/to/your/server.crt
#server.ssl.key: /path/to/your/server.key

Optional settings that provide the paths to the PEM-format SSL certificate and key files.

These files validate that your Elasticsearch backend uses the same key files.

#elasticsearch.ssl.cert: /path/to/your/client.crt
#elasticsearch.ssl.key: /path/to/your/client.key

Optional setting that enables you to specify a path to the PEM file for the certificate

authority for your Elasticsearch instance. /path/to/your/CA.pem

To disregard the validity of SSL certificates, change this setting’s value to false.

#elasticsearch.ssl.verify: true

Time in milliseconds to wait for Elasticsearch to respond to pings. Defaults to the value of

the elasticsearch.requestTimeout setting.

#elasticsearch.pingTimeout: 1500

Time in milliseconds to wait for responses from the back end or Elasticsearch. This value

must be a positive integer.

#elasticsearch.requestTimeout: 30000
elasticsearch.requestTimeout: 30000

List of Kibana client-side headers to send to Elasticsearch. To send no client-side

headers, set this value to [] (an empty list).

#elasticsearch.requestHeadersWhitelist: [ authorization ]

Header names and values that are sent to Elasticsearch. Any custom headers cannot be overwritten

by client-side headers, regardless of the elasticsearch.requestHeadersWhitelist configuration.

#elasticsearch.customHeaders: {}

Time in milliseconds for Elasticsearch to wait for responses from shards. Set to 0 to disable.

#elasticsearch.shardTimeout: 0
elasticsearch.shardTimeout: 0

Time in milliseconds to wait for Elasticsearch at Kibana startup before retrying.

#elasticsearch.startupTimeout: 5000

Specifies the path where Kibana creates the process ID file.

#pid.file: /var/run/

Enables you specify a file where Kibana stores log output.

logging.dest: stdout

Set the value of this setting to true to suppress all logging output.

#logging.silent: false

Set the value of this setting to true to suppress all logging output other than error messages.

#logging.quiet: false

Set the value of this setting to true to log all events, including system usage information

and all requests.

logging.verbose: false

Set the interval in milliseconds to sample system and process performance

metrics. Minimum is 100ms. Defaults to 5000.

#ops.interval: 5000

#xpack.reporting.kibanaServer.hostname: "" "something_at_least_32_characters" true true false
xpack.monitoring.enabled: false
xpack.graph.enabled: false
xpack.reporting.enabled: false

We had one nod elastic search setup. On on the same node kibana and elastic search is running.

hi @Sanjay1,

have you disabled the plugins in Elasticsearch as well?

Specifically, disable security in the elasticsearch.yml file too. false

1 Like

Thank you, Thomas for help.
I disable the plugins as suggested by false in elasticsearch.yml and that helps.

Let me start testing it.

As I am new to the Kibana and elastic search may have few more question.

My pupose is to enable the x-pack but landed into few challenges after following the documents ro setup user id/password for kibana user and elstic user.


This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.