Have little to no Linux nor ELK knowledge and am moving into the position of owning ELK. The previous owner is helping me, and I'm trying to figure this out on my own. This one has me stumped?
I believe that I have setup xpack to use TLS in the elasticsearch & kibana YMLs, but obviously it's not working. Since I am so new to this, wondering if I'm just missing something here?
Kibana Log Error:
{
"type": "error",
"@timestamp": "2018-02-18T08:39:38-05:00",
"tags": ["fatal"],
"pid": 7566,
"level": "fatal",
"error": {
"message": "child \"xpack\" fails because [child \"security\" fails because [\"http\" is not allowed]]",
"name": "ValidationError",
"stack": "ValidationError: child \"xpack\" fails because [child \"security\" fails because [\"http\" is not allowed]]\n at Object.exports.process (/usr/share/kibana/node_modules/joi/lib/errors.js:181:19)\n at _validateWithOptions (/usr/share/kibana/node_modules/joi/lib/any.js:651:31)\n at root.validate (/usr/share/kibana/node_modules/joi/lib/index.js:121:23)\n at Config._commit (/usr/share/kibana/src/server/config/config.js:119:35)\n at Config.set (/usr/share/kibana/src/server/config/config.js:89:10)\n at Config.extendSchema (/usr/share/kibana/src/server/config/config.js:62:10)\n at /usr/share/kibana/src/plugin_discovery/plugin_config/extend_config_service.js:22:12\n at next (native)\n at step (/usr/share/kibana/src/plugin_discovery/plugin_config/extend_config_service.js:45:191)\n at /usr/share/kibana/src/plugin_discovery/plugin_config/extend_config_service.js:45:361"
},
"message": "child \"xpack\" fails because [child \"security\" fails because [\"http\" is not allowed]]"
}
RHEL 7, ELK 30 day trial, Kibana 6.2 with Xpack 6.2, ElasctSearch 6.2 with Xpack 6.2
The ElasticSearch nodes are up and green.
YML entries are "sanitized", but are in the order they appear in the "live" files.
kibana.yml
server.port: 5601
server.host: 2.2.2.2
elasticsearch.url: "https://2.2.2.2:9200"
elasticsearch.username: "kibana"
elasticsearch.password: "kibana"
elasticsearch.ssl.certificateAuthorities: /etc/kibana/elastic-stack-ca.p12
elasticsearch.ssl.enabled: true
elasticsearch.ssl.verificationMode: certificate
elasticsearch.ssl.certificate: elastic-stack-ca..p12
elasticsearch.ssl.key: elastic-stack-ca..p12
xpack.security.enabled: false
xpack.security.encryptionKey: "SomethingOver36Charachters0123456789012345"
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.keystore.path: /etc/kibana/elastic-stack-ca..p12
xpack.security.http.ssl.truststore.path: /etc/kibana/elastic-stack-ca..p12
xpack.ssl.verification_mode: certificate
elasticsearch.requestTimeout: 60000
elasticsearch.yml
node.name: ${HOSTNAME}
node.master: true
node.data: true
node.ingest: true
cluster.name: uatelk
discovery.zen.ping.unicast.hosts: ["2.2.2.2", "2.2.2.12", "2.2.2.13", "2.2.2.14"]
xpack.security.transport.ssl.keystore.path: elastic-stack-ca.p12
xpack.security.transport.ssl.truststore.path: elastic-stack-ca.p12
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.enabled: false
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.keystore.path: elastic-stack-ca.p12
xpack.security.http.ssl.truststore.path: elastic-stack-ca.p12
network.host: 2.2.2.2
http.port: 9200