Hi,
Some of our Kibana instances are shutting down due to an LDAP error that is occuring in ES nodes. The error we receive in Kibana is Request Timeout after 3000ms. The following is the error we are receiving in the kibana logs:
{"type":"log","@timestamp":"2018-07-21T07:55:25Z","tags":["status","plugin:logstash@6.2.3","error"],"pid":76720,"state":"red","message":"Status changed from red to red - [security_exception] unable to authenticate user [*******] for REST request [/_xpack], with { header={ WWW-Authenticate=\"Basic realm=\\\"security\\\" charset=\\\"UTF-8\\\"\" } }","prevState":"red","prevMsg":"Request Timeout after 3000ms"}
{"type":"log","@timestamp":"2018-07-21T07:55:25Z","tags":["warning","monitoring-ui","kibana-monitoring"],"pid":76720,"message":"Unable to fetch data from kibana_settings collector"}
{"type":"error","@timestamp":"2018-07-21T07:55:25Z","tags":["warning","monitoring-ui","kibana-monitoring"],"pid":76720,"level":"error","error":{"message":"[security_exception] unable to authenticate user [*******] for REST request [/.kibana/_search?ignore_unavailable=true&filter_path=aggregations.types.buckets], with { header={ WWW-Authenticate=\"Basic realm=\\\"security\\\" charset=\\\"UTF-8\\\"\" } }","name":"Error","stack":"[security_exception] unable to authenticate user [*******] for REST request [/.kibana/_search?ignore_unavailable=true&filter_path=aggregations.types.buckets], with { header={ WWW-Authenticate=\"Basic realm=\\\"security\\\" charset=\\\"UTF-8\\\"\" } } :: {\"path\":\"/.kibana/_search\",\"query\":{\"ignore_unavailable\":true,\"filter_path\":\"aggregations.types.buckets\"},\"body\":\"{\\\"size\\\":0,\\\"query\\\":{\\\"terms\\\":{\\\"type\\\":[\\\"dashboard\\\",\\\"visualization\\\",\\\"search\\\",\\\"index-pattern\\\",\\\"graph-workspace\\\",\\\"timelion-sheet\\\"]}},\\\"aggs\\\":{\\\"types\\\":{\\\"terms\\\":{\\\"field\\\":\\\"type\\\",\\\"size\\\":6}}}}\",\"statusCode\":401,\"response\":\"{\\\"error\\\":{\\\"root_cause\\\":[{\\\"type\\\":\\\"security_exception\\\",\\\"reason\\\":\\\"unable to authenticate user [*******] for REST request [/.kibana/_search?ignore_unavailable=true&filter_path=aggregations.types.buckets]\\\",\\\"header\\\":{\\\"WWW-Authenticate\\\":\\\"Basic realm=\\\\\\\"security\\\\\\\" charset=\\\\\\\"UTF-8\\\\\\\"\\\"}}],\\\"type\\\":\\\"security_exception\\\",\\\"reason\\\":\\\"unable to authenticate user [*******] for REST request [/.kibana/_search?ignore_unavailable=true&filter_path=aggregations.types.buckets]\\\",\\\"header\\\":{\\\"WWW-Authenticate\\\":\\\"Basic realm=\\\\\\\"security\\\\\\\" charset=\\\\\\\"UTF-8\\\\\\\"\\\"}},\\\"status\\\":401}\",\"wwwAuthenticateDirective\":\"Basic realm=\\\"security\\\" charset=\\\"UTF-8\\\"\"}\n at respond (/opt/appl/kibana/node_modules/elasticsearch/src/lib/transport.js:295:15)\n at checkRespForFailure (/opt/appl/kibana/node_modules/elasticsearch/src/lib/transport.js:254:7)\n at HttpConnector.<anonymous> (/opt/appl/kibana/node_modules/elasticsearch/src/lib/connectors/http.js:159:7)\n at IncomingMessage.bound (/opt/appl/kibana/node_modules/elasticsearch/node_modules/lodash/dist/lodash.js:729:21)\n at emitNone (events.js:91:20)\n at IncomingMessage.emit (events.js:185:7)\n at endReadableNT (_stream_readable.js:974:12)\n at _combinedTickCallback (internal/process/next_tick.js:80:11)\n at process._tickDomainCallback (internal/process/next_tick.js:128:9)"},"message":"[security_exception] unable to authenticate user [*******] for REST request [/.kibana/_search?ignore_unavailable=true&filter_path=aggregations.types.buckets], with { header={ WWW-Authenticate=\"Basic realm=\\\"security\\\" charset=\\\"UTF-8\\\"\" } }"}