Kibana did not load properly. Check the server output for more information - Kibana not working

Getting this error not able to view Kibana outside VM. Did a F12 on the browser and found the below logs

Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'nonce-HP0NX/jW/tC+KsmO'". Either the 'unsafe-inline' keyword, a hash ('sha256-SHHSeLc0bp6xt4BoVVyUy+3IbVqp3ujLaR+s+kSP5UI='), or a nonce ('nonce-...') is required to enable inline execution.

bootstrap.js:10 A single error about an inline script not firing due to content security policy is expected!

Please help its a production issue

Thanks,
Susmit

2 Likes

faced similar issue.

@Susmit07 and @vchauhan81

Are you using any custom plugins that you have developed in your Kibana installation?

What does the Kibana log state? Also what are the logs generated in ELasticsearch instance to which kibana is pointed to?

@NerdSec and @Brandon_Kobel we are not using custom plugin. Please find the screenshot of the issue and the logs with logging.verbose : true in kibana.yml

Logs:

https://github.com/elastic/kibana/files/3304445/logs.txt

Github Issue link:

log [04:52:40.652] [debug][connection][econnreset] ECONNRESET: Socket was closed by the client (probably the browser) before it could be read completely
respons [04:52:37.657] GET /built_assets/dlls/vendors.bundle.dll.js 200 3011ms - 9.0B

Do you have a reverse-proxy like NGINX or Apache in front of Kibana? My suspicion is that the reverse-proxy is enforcing a "max response size" which is truncating the vendor.dll.js which is causing your issue.

1 Like

Nope, no any reverse proxy or apache being used.

Hi Brandon still no resolution, and we are stuck :frowning:

@Susmit07 would you mind elaborating on the version of Kibana that you're using, the OS of the server it's running on and your network topology in general? I'm unable to recreate the issue that you're seeing without something else like a reverse-proxy truncating the response from Kibana.

1 Like

Hi @Brandon_Kobel,

I am new to ELK stack, so most of the stuff I have learned is either through documentation, forums, etc. In response to Susmit and Vijay, I too have similar problem.

Here are the details:

  1. Kibana and Elastic Search version is 6.5.1
  2. VM on which these are installed separately

NAME="Red Hat Enterprise Linux Server"
VERSION="7.6 (Maipo)"
ID="rhel"
ID_LIKE="fedora"
VARIANT="Server"
VARIANT_ID="server"
VERSION_ID="7.6"
PRETTY_NAME="Red Hat Enterprise Linux Server 7.6 (Maipo)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:redhat:enterprise_linux:7.6:GA:server"
HOME_URL="https://www.redhat.com/"
BUG_REPORT_URL="https://bugzilla.redhat.com/"

REDHAT_BUGZILLA_PRODUCT="Red Hat Enterprise Linux 7"
REDHAT_BUGZILLA_PRODUCT_VERSION=7.6
REDHAT_SUPPORT_PRODUCT="Red Hat Enterprise Linux"
REDHAT_SUPPORT_PRODUCT_VERSION="7.6"

  1. I am accessing the VM by default with root permissions
  2. Configurations are typical and the extra configuration that I have done and tried with / without -
  • modified localhost to 0.0.0.0 in kibana.yml so that I can access Kibana externally

  • firstly kept elasticsearch url as is i.e. localhost:9200 later on modified it with actual <public_ip_of_vm>:9200

  • later added xpack.security.enabled:falseand restarted but no luck

  • also tried installing nginx server configured the reverse proxy in the below manner but the results were same:
    server {
    listen 80;
    server_name localhost;

    #charset koi8-r;
    #access_log /var/log/nginx/host.access.log main;

    location / {
    proxy_pass http://localhost:5601;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection 'upgrade';
    proxy_set_header Host $host;
    proxy_cache_bypass $http_upgrade;
    }

  1. These VMs are created on the go with ibm internal cloud
  2. I have tried setting up and hosting Angular application on express server, and those application works fine when loaded via local machines or other systems (within secured network)
  3. Java is 1.8 (Oracle)

What I feel is that, main (JS) Module is not loaded due to some unsafe headers/script.

We are stuck here.. and need your help. Thanks in Advance!!!

Any advise, troubleshooting help ??

Hello @Brandon_Kobel . Could you please advise on this ?

@rajeev.tripathi, are you also seeing the ERR_CONNECTION_RESET when the user's browser loads the vendors.bundle.dll.js?

If so, please run curl -so /dev/null http://localhost:5601/built_assets/dlls/vendors.bundle.dll.js -w '%{size_download}' from the server that is running Kibana and the equivalent curl command "substituting the host and port" from the computer that you're trying to access Kibana from. If you could share the output of both of these commands here, it'll help us diagnose further.

Thanks for your reply!

Here are the screenshots. Locally it prints some size while externally it prints some other size.

Point to note - I am using 0.0.0.0 and default port.

Locally

Externally

Hey @rajeev.tripathi, this is what I expected. Something external to Kibana (a reverse-proxy, a load balancer, some other network appliance) is truncating the response.

Okay!! But that is strange.. The topology is straight. We have some VM's (private IBM cloud network) with full admin access. And we typically run it externally (within VPN network).
I also tried setting up nginx and modified it configuration for reverse proxy, but that didn't help too.

Any idea/suggestion to check which is that network appliance truncating the response?

We have VMs having similar configuration and hosting many applications which runs without any problem.

Is kibana ui hosted on node server ? Is there some thing with nodejs we can look at ?

Is kibana ui hosted on node server ? Is there some thing with nodejs we can look at ?

Kibana uses node internally. However, if you're consistently seeing that aforementioned curl command behaving different depending on whether you run it from the server running Kibana or the external machine, it almost certainly isn't something to do with Kibana's use of node internally.

To confirm this suspicion, you can stop Kibana and then use python -m SimpleHTTPServer 5601 from inside a folder on the VM with a multi-megabyte file and then try to download it externally. You should see the file being truncated as well. This will eliminate Kibana and/or Node as the culprit.

Also what does this corresponds to ->

@rajeev.tripathi https://github.com/elastic/kibana/issues/30468

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.