Invalid license found, requires a basic or a valid trial license and received Open source

Hi, I followed this procedure to install ELK on Kubernetes (Deploy ECK in your Kubernetes cluster | Elastic Cloud on Kubernetes [1.4] | Elastic). Everything looks ok. Now, I want to use filebeat on my kubernetes host to send log to elasticsearch but filebeat is complaining about my licence type and send this error message : invalid license found, requires a basic or a valid trial license and received Open source.

When I try to get some details about my ES licence using the API, I receive this :

  "license" : {
    "status" : "active",
    "uid" : "65afaa9axx",
    "type" : "basic",
    "issue_date" : "2021-03-05T03:40:42.235Z",
    "issue_date_in_millis" : 1614915642235,
    "max_nodes" : 1000,
    "issued_to" : "quickstart",
    "issuer" : "elasticsearch",
    "start_date_in_millis" : -1
  }
}

Seems like I'm running a basic licence but filebeat is not seeing that.

Any idea ?

Thx !

hi @Charles100
Exactly which Filebeat distribution did you try to deploy?
and what version of the stack?
Did you perhaps deploy the OSS Filebeat?
Which modules have you enabled?
Can you share the startup Filebeat log lines?

Hi Stephen, I tried different filebeat version, I'm currently running this one : Repositories for APT and YUM | Filebeat Reference [7.11] | Elastic

I only enabled the system module

Version:

{
  "name" : "quickstart-es-default-0",
  "cluster_name" : "quickstart",
  "cluster_uuid" : "k6xTI8CbSASklr1SqmV7cg",
  "version" : {
    "number" : "7.11.1",
    "build_flavor" : "default",
    "build_type" : "docker",
    "build_hash" : "ff17057114c2199c9c1bbecc727003a907c0db7a",
    "build_date" : "2021-02-15T13:44:09.394032Z",
    "build_snapshot" : false,
    "lucene_version" : "8.7.0",
    "minimum_wire_compatibility_version" : "6.8.0",
    "minimum_index_compatibility_version" : "6.0.0-beta1"
  },
  "tagline" : "You Know, for Search"
}

Filebeat startup log :

2021-03-05T16:49:53.298Z        INFO    [beat]  instance/beat.go:1008   Go runtime info {"system_info": {"go": {"os":"linux","arch":"amd64","max_procs":4,"version":"go1.14.14"}}}
2021-03-05T16:49:53.299Z        INFO    [beat]  instance/beat.go:1012   Host info       {"system_info": {"host": {"architecture":"x86_64","boot_time":"2021-03-04T00:38:48Z","containerized":false,"name":"ubuntu-s-4vcpu-8gb-tor1-01","ip":["127.0.0.1/8","::1/128","138.197.169.180/20","10.20.0.6/16","fe80::bcab:d9ff:fef8:8f82/64","10.118.0.3/20","fe80::dc28:1aff:fef5:fadc/64","172.17.0.1/16","fe80::42:fff:fe3f:380d/64","192.168.49.1/24","fe80::42:52ff:fe3d:85f1/64","fe80::c0b5:7ff:fe72:98c6/64"],"kernel_version":"5.4.0-51-generic","mac":["be:ab:d9:f8:8f:82","de:28:1a:f5:fa:dc","02:42:0f:3f:38:0d","02:42:52:3d:85:f1","c2:b5:07:72:98:c6"],"os":{"family":"debian","platform":"ubuntu","name":"Ubuntu","version":"20.04.1 LTS (Focal Fossa)","major":20,"minor":4,"patch":1,"codename":"focal"},"timezone":"UTC","timezone_offset_sec":0,"id":"06ad1562b03b4c62898c642dd6286ba4"}}}
2021-03-05T16:49:53.299Z        INFO    [beat]  instance/beat.go:1041   Process info    {"system_info": {"process": {"capabilities": {"inheritable":null,"permitted":["chown","dac_override","dac_read_search","fowner","fsetid","kill","setgid","setuid","setpcap","linux_immutable","net_bind_service","net_broadcast","net_admin","net_raw","ipc_lock","ipc_owner","sys_module","sys_rawio","sys_chroot","sys_ptrace","sys_pacct","sys_admin","sys_boot","sys_nice","sys_resource","sys_time","sys_tty_config","mknod","lease","audit_write","audit_control","setfcap","mac_override","mac_admin","syslog","wake_alarm","block_suspend","audit_read"],"effective":["chown","dac_override","dac_read_search","fowner","fsetid","kill","setgid","setuid","setpcap","linux_immutable","net_bind_service","net_broadcast","net_admin","net_raw","ipc_lock","ipc_owner","sys_module","sys_rawio","sys_chroot","sys_ptrace","sys_pacct","sys_admin","sys_boot","sys_nice","sys_resource","sys_time","sys_tty_config","mknod","lease","audit_write","audit_control","setfcap","mac_override","mac_admin","syslog","wake_alarm","block_suspend","audit_read"],"bounding":["chown","dac_override","dac_read_search","fowner","fsetid","kill","setgid","setuid","setpcap","linux_immutable","net_bind_service","net_broadcast","net_admin","net_raw","ipc_lock","ipc_owner","sys_module","sys_rawio","sys_chroot","sys_ptrace","sys_pacct","sys_admin","sys_boot","sys_nice","sys_resource","sys_time","sys_tty_config","mknod","lease","audit_write","audit_control","setfcap","mac_override","mac_admin","syslog","wake_alarm","block_suspend","audit_read"],"ambient":null}, "cwd": "/etc/filebeat", "exe": "/usr/share/filebeat/bin/filebeat", "name": "filebeat", "pid": 1372786, "ppid": 1263484, "seccomp": {"mode":"filter","no_new_privs":true}, "start_time": "2021-03-05T16:49:52.530Z"}}}
2021-03-05T16:49:53.299Z        INFO    instance/beat.go:304    Setup Beat: filebeat; Version: 7.11.1
2021-03-05T16:49:53.299Z        INFO    [index-management]      idxmgmt/std.go:184      Set output.elasticsearch.index to 'filebeat-7.11.1' as ILM is enabled.
2021-03-05T16:49:53.299Z        INFO    eslegclient/connection.go:99    elasticsearch url: https://kibana.servebeer.com:443/es
2021-03-05T16:49:53.300Z        WARN    [tls]   tlscommon/tls_config.go:93      SSL/TLS verifications disabled.
2021-03-05T16:49:53.300Z        INFO    [publisher]     pipeline/module.go:113  Beat name: ubuntu-s-4vcpu-8gb-tor1-01
2021-03-05T16:49:53.300Z        INFO    [monitoring]    log/log.go:117  Starting metrics logging every 30s
2021-03-05T16:49:53.300Z        INFO    instance/beat.go:468    filebeat start running.
2021-03-05T16:49:53.301Z        INFO    memlog/store.go:119     Loading data file of '/var/lib/filebeat/registry/filebeat' succeeded. Active transaction id=0
2021-03-05T16:49:53.302Z        INFO    memlog/store.go:124     Finished loading transaction log file for '/var/lib/filebeat/registry/filebeat'. Active transaction id=25
2021-03-05T16:49:53.303Z        INFO    [registrar]     registrar/registrar.go:109      States Loaded from registrar: 2
2021-03-05T16:49:53.303Z        INFO    [crawler]       beater/crawler.go:71    Loading Inputs: 2
2021-03-05T16:49:53.305Z        INFO    log/input.go:157        Configured paths: [/var/log/messages* /var/log/syslog*]
2021-03-05T16:49:53.306Z        INFO    log/input.go:157        Configured paths: [/var/log/auth.log* /var/log/secure*]
2021-03-05T16:49:53.306Z        INFO    [crawler]       beater/crawler.go:108   Loading and starting Inputs completed. Enabled inputs: 0
2021-03-05T16:49:53.306Z        INFO    cfgfile/reload.go:164   Config reloader started
2021-03-05T16:49:53.307Z        INFO    [add_cloud_metadata]    add_cloud_metadata/add_cloud_metadata.go:105    add_cloud_metadata: hosting provider type detected as digitalocean, metadata={"instance":{"id":"234819683"},"provider":"digitalocean","region":"tor1"}
2021-03-05T16:49:53.309Z        INFO    log/input.go:157        Configured paths: [/var/log/auth.log* /var/log/secure*]
2021-03-05T16:49:53.310Z        INFO    log/input.go:157        Configured paths: [/var/log/messages* /var/log/syslog*]
2021-03-05T16:49:53.310Z        INFO    eslegclient/connection.go:99    elasticsearch url: https://kibana.servebeer.com:443/es
2021-03-05T16:49:53.311Z        WARN    [tls]   tlscommon/tls_config.go:93      SSL/TLS verifications disabled.
2021-03-05T16:49:53.311Z        WARN    [tls]   tlscommon/tls_config.go:93      SSL/TLS verifications disabled.
2021-03-05T16:49:53.326Z        INFO    [esclientleg]   eslegclient/connection.go:314   Attempting to connect to Elasticsearch version 7.11.1
2021-03-05T16:49:53.329Z        INFO    log/harvester.go:302    Harvester started for file: /var/log/auth.log
2021-03-05T16:49:53.329Z        INFO    log/harvester.go:302    Harvester started for file: /var/log/syslog
2021-03-05T16:49:53.329Z        INFO    cfgfile/reload.go:224   Loading of config files completed.
2021-03-05T16:49:53.379Z        INFO    [publisher_pipeline_output]     pipeline/output.go:143  Connecting to backoff(elasticsearch(https://kibana.servebeer.com:443/es))
2021-03-05T16:49:53.379Z        INFO    [publisher]     pipeline/retry.go:219   retryer: send unwait signal to consumer
2021-03-05T16:49:53.379Z        INFO    [publisher]     pipeline/retry.go:223     done
2021-03-05T16:49:53.379Z        WARN    [tls]   tlscommon/tls_config.go:93      SSL/TLS verifications disabled.
2021-03-05T16:49:53.391Z        INFO    [esclientleg]   eslegclient/connection.go:314   Attempting to connect to Elasticsearch version 7.11.1
2021-03-05T16:49:53.393Z        INFO    [license]       licenser/check.go:35    License is active for Basic
2021-03-05T16:49:55.112Z        ERROR   [publisher_pipeline_output]     pipeline/output.go:154  Failed to connect to backoff(elasticsearch(https://kibana.servebeer.com:443/es)): Connection marked as failed because the onConnect callback failed: invalid license found, requires a basic or a valid trial license and received Open source
2021-03-05T16:49:55.112Z        INFO    [publisher_pipeline_output]     pipeline/output.go:145  Attempting to reconnect to backoff(elasticsearch(https://kibana.servebeer.com:443/es)) with 1 reconnect attempt(s)
2021-03-05T16:49:55.112Z        INFO    [publisher]     pipeline/retry.go:219   retryer: send unwait signal to consumer
2021-03-05T16:49:55.112Z        INFO    [publisher]     pipeline/retry.go:223     done
2021-03-05T16:49:55.113Z        INFO    [esclientleg]   eslegclient/connection.go:314   Attempting to connect to Elasticsearch version 7.11.1
2021-03-05T16:49:55.114Z        INFO    [license]       licenser/check.go:35    License is active for Basic
2021-03-05T16:49:57.336Z        ERROR   [publisher_pipeline_output]     pipeline/output.go:154  Failed to connect to backoff(elasticsearch(https://kibana.servebeer.com:443/es)): Connection marked as failed because the onConnect callback failed: invalid license found, requires a basic or a valid trial license and received Open source
2021-03-05T16:49:57.336Z        INFO    [publisher_pipeline_output]     pipeline/output.go:145  Attempting to reconnect to backoff(elasticsearch(https://kibana.servebeer.com:443/es)) with 2 reconnect attempt(s)
2021-03-05T16:49:57.336Z        INFO    [publisher]     pipeline/retry.go:219   retryer: send unwait signal to consumer
2021-03-05T16:49:57.336Z        INFO    [publisher]     pipeline/retry.go:223     done
2021-03-05T16:49:57.338Z        INFO    [esclientleg]   eslegclient/connection.go:314   Attempting to connect to Elasticsearch version 7.11.1
2021-03-05T16:49:57.340Z        INFO    [license]       licenser/check.go:35    License is active for Basic
2021-03-05T16:50:02.668Z        ERROR   [publisher_pipeline_output]     pipeline/output.go:154  Failed to connect to backoff(elasticsearch(https://kibana.servebeer.com:443/es)): Connection marked as failed because the onConnect callback failed: invalid license found, requires a basic or a valid trial license and received Open source
2021-03-05T16:50:02.668Z        INFO    [publisher_pipeline_output]     pipeline/output.go:145  Attempting to reconnect to backoff(elasticsearch(https://kibana.servebeer.com:443/es)) with 3 reconnect attempt(s)
2021-03-05T16:50:02.668Z        INFO    [publisher]     pipeline/retry.go:219   retryer: send unwait signal to consumer
2021-03-05T16:50:02.669Z        INFO    [publisher]     pipeline/retry.go:223     done
2021-03-05T16:50:02.670Z        INFO    [esclientleg]   eslegclient/connection.go:314   Attempting to connect to Elasticsearch version 7.11.1
2021-03-05T16:50:02.671Z        INFO    [license]       licenser/check.go:35    License is active for Basic
2021-03-05T16:50:12.435Z        ERROR   [publisher_pipeline_output]     pipeline/output.go:154  Failed to connect to backoff(elasticsearch(https://kibana.servebeer.com:443/es)): Connection marked as failed because the onConnect callback failed: invalid license found, requires a basic or a valid trial license and received Open source
2021-03-05T16:50:12.435Z        INFO    [publisher_pipeline_output]     pipeline/output.go:145  Attempting to reconnect to backoff(elasticsearch(https://kibana.servebeer.com:443/es)) with 4 reconnect attempt(s)
2021-03-05T16:50:12.436Z        INFO    [publisher]     pipeline/retry.go:219   retryer: send unwait signal to consumer
2021-03-05T16:50:12.436Z        INFO    [publisher]     pipeline/retry.go:223     done
2021-03-05T16:50:12.437Z        INFO    [esclientleg]   eslegclient/connection.go:314   Attempting to connect to Elasticsearch version 7.11.1
2021-03-05T16:50:12.438Z        INFO    [license]       licenser/check.go:35    License is active for Basic

Ok its may not be about the license...

Looks like you may be failing to connect to elasticsearch in general, so it is failing on that. I think the license message is a perhaps a by product of failing to connect.

Typically we would see the following ... established being the key... which I do not see.

[publisher_pipeline_output] pipeline/output.go:151 Connection to backoff(elasticsearch(http://localhost:9200)) established

Looks like you are pointing the elasticsearch output to the kibana endpoint? perhaps?

 Failed to connect to backoff(elasticsearch(https://kibana.servebeer.com:443/es)): Connection marked as failed because the onConnect callback failed: invalid license found, requires a basic or a valid trial license and received Open source
2021-03-05T16:50:02.668Z        INFO    [publisher_pipeline_output]     pipeline/output.go:145  Attempting to reconnect to backoff(elasticsearch(https://kibana.servebeer.com:443/es)) with 3 reconnect attempt(s)

I'm trying to connect through ingress ... the domain name is confusing but the route /es should redirect to my the elastic pod...but I can be wrong. I'm gonna try with a simple port-forward to my localhost and see if it works.

Solved. Changed my elastic service to a nodeport so not using ingress anymore.

Thanks Stephen !

Cool not sure what K8s you are on... but I had a discussion with examples on ingress just a week or so ago in case you are interested

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.