I setup two users on kibana and gave them necessary permission via user roles.
It was working fine until kibana suddenly crashed. On restarting kibana, I am unable to use any users that I created previously. It returns login error.
The same users work fine with elasticsearch via a python api.
Anything in the kibana logs?
I was dumb enough to print them on stdout and not save. So I have the logs only after I restarted kibana. Nothing useful there.
As authentication is done at ES you might want to check that while doing a login from kibana. Without logs I cannot help (and I am guessing none can)
Are you using X-Pack?
Yes I am using X-Pack for this. Sorry I should have mentioned this in the original post.
log [14:36:05.869] [info][status][plugin:ml@5.5.1] Status changed from red to green - Ready
log [14:36:05.901] [error][status][plugin:xpack_main@5.5.1] Status changed from red to red - Elasticsearch is still initializing the kibana index.
log [14:36:05.902] [error][status][plugin:graph@5.5.1] Status changed from red to red - Elasticsearch is still initializing the kibana index.
log [14:36:05.903] [error][status][plugin:reporting@5.5.1] Status changed from red to red - Elasticsearch is still initializing the kibana index.
log [14:36:05.904] [error][status][plugin:security@5.5.1] Status changed from red to red - Elasticsearch is still initializing the kibana index.
log [14:36:05.905] [error][status][plugin:searchprofiler@5.5.1] Status changed from red to red - Elasticsearch is still initializing the kibana index.
log [14:36:05.905] [error][status][plugin:ml@5.5.1] Status changed from green to red - Elasticsearch is still initializing the kibana index.
log [14:36:05.906] [error][status][plugin:tilemap@5.5.1] Status changed from red to red - Elasticsearch is still initializing the kibana index.
log [14:36:05.907] [error][status][plugin:watcher@5.5.1] Status changed from red to red - Elasticsearch is still initializing the kibana index.
log [14:36:05.908] [error][status][plugin:elasticsearch@5.5.1] Status changed from red to red - Elasticsearch is still initializing the kibana index.
log [14:36:08.489] [info][status][plugin:elasticsearch@5.5.1] Status changed from red to green - Kibana index ready
log [14:36:08.490] [info][status][ui settings] Status changed from red to green - Ready
log [14:36:08.511] [info][license][xpack] Imported license information from Elasticsearch for [data] cluster: mode: trial | status: active | expiry date: 2017-09-28T07:18:31+00:00
log [14:36:08.534] [info][status][plugin:xpack_main@5.5.1] Status changed from red to green - Ready
log [14:36:08.535] [info][status][plugin:graph@5.5.1] Status changed from red to green - Ready
log [14:36:08.537] [info][status][plugin:reporting@5.5.1] Status changed from red to green - Ready
log [14:36:08.538] [info][status][plugin:security@5.5.1] Status changed from red to green - Ready
log [14:36:08.539] [info][status][plugin:searchprofiler@5.5.1] Status changed from red to green - Ready
log [14:36:08.540] [info][status][plugin:ml@5.5.1] Status changed from red to green - Ready
log [14:36:08.541] [info][status][plugin:tilemap@5.5.1] Status changed from red to green - Ready
log [14:36:08.542] [info][status][plugin:watcher@5.5.1] Status changed from red to green - Ready
log [14:36:08.565] [info][license][xpack] Imported license information from Elasticsearch for [monitoring] cluster: mode: trial | status: active | expiry date: 2017-09-28T07:18:31+00:00
log [14:36:08.568] [info][status][plugin:monitoring@5.5.1] Status changed from green to yellow - Waiting for Monitoring Health Check
log [14:36:08.770] [info][status][plugin:monitoring@5.5.1] Status changed from yellow to green - Ready
This is the kibana log, after I restarted kibana and elasticsearch
@parth126 can you try checking the roles of the users directly using curl on elastic search.
curl -XGET http://host:port/.security/user/USERNAME?pretty
Pass the username password and cert required in curl command.
Check if the user is found,enabled and has kibana_user role.
Hi @karanshah
That seems to clarify things a bit. None of the users are found.
But surprisingly the users still work when communicating with elasticsearch.
curl -XGET -u elastic 'hostname:port/.security/user/elastic?pretty'
This works fine with the username 'elastic' (default superuser)
But it is unable to find the user 'elastic'
Response:
{
"_index" : ".security",
"_type" : "user",
"_id" : "elastic",
"found" : false
}
What am I doing wrong?
Update:
Seems like this command lists only the new users and roles that I defined and not the default users ('elastic' and 'kibana').
So I tried in on the new user (my-company-admin), and here is the result:
{
"_index" : ".security",
"_type" : "user",
"_id" : "my-company-admin",
"_version" : 1,
"found" : true,
"_source" : {
"username" : "my-company-admin",
"password" : "some encoded stuff",
"roles" : [
"my_company_admin"
],
"full_name" : null,
"email" : null,
"metadata" : null,
"enabled" : true
}
}
Details for the user role (my_company_user):
{
"_index" : ".security",
"_type" : "role",
"_id" : "my_company_admin",
"_version" : 1,
"found" : true,
"_source" : {
"cluster" : [ ],
"indices" : [
{
"names" : [
"my_company*"
],
"privileges" : [
"manage",
"read",
"index"
]
},
{
"names" : [
".kibana*"
],
"privileges" : [
"manage",
"read",
"index"
]
}
],
"run_as" : [ ],
"metadata" : { }
}
}This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.