Quick rundown of what led to my current issue: Index filled EC2 completely, manually deleted nodes, no longer able to start Elasticsearch
After wiping the node (i.e Deleting everything inside the /var/lib/elasticsearch
folder), Kibana could no longer start as it gives me this error when running sudo systemctl status kibana
: [security_exception] failed to authenticate user [kibana]
and "license information could not be obtained from Elasticsearch for the data cluster"
I just did a fresh reinstall of Kibana via dpkg -i kibana..._.deb
and the issue still persists. I suspect that it has to do with the elastic install holding onto some authentication info from the (now deleted) .kibana
index that no longer exists? Perhaps the keystore is out of date in /etc/elasticsearch
?