Hi after restart of VM where is elasticsearch node install my kibana dont work. Kibana is not ready yet.
if i try command: journalctl -u kibana -xe
i get this message:
Aug 20 12:16:15 dca-siem-01 kibana[32809]: [2024-08-20T12:16:15.021+00:00][ERROR][elasticsearch-service] Unable to retrieve version information from Elastic>
I try connection from kibana to elastic node with curl:
curl -u <username>:<password> https://localhost:9200 --insecure -v
* Trying 10.0.9.51:9200...
* Connected to 10.0.9.51 (10.0.9.51) port 9200 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: /etc/ssl/certs
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS header, Finished (20):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (OUT), TLS header, Unknown (21):
* TLSv1.3 (OUT), TLS alert, unknown CA (560):
* SSL certificate problem: self-signed certificate in certificate chain
* Closing connection 0
curl: (60) SSL certificate problem: self-signed certificate in certificate chain
More details here: https://curl.se/docs/sslcerts.html
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
i try to turn off https and auth.
elasticsearch.hosts: ["http://10.0.9.51:9200"]
elasticsearch.ssl.verificationMode: none
# Enable security features
xpack.security.enabled: false
xpack.security.enrollment.enabled: true
# Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents
xpack.security.http.ssl:
enabled: false
keystore.path: certs/http.p12
# Enable encryption and mutual authentication between cluster nodes
xpack.security.transport.ssl:
enabled: true
verification_mode: certificate
keystore.path: certs/elastic-certificates.p12
truststore.path: certs/elastic-certificates.p12
then i try curl on http
curl -X GET "http://10.0.9.51:9200?pretty"
{
"name" : "dca-elk-n1",
"cluster_name" : "dca",
"cluster_uuid" : "bu8hl9gXQN2YCUqbyBi3PQ",
"version" : {
"number" : "8.13.2",
"build_flavor" : "default",
"build_type" : "deb",
"build_hash" : "16cc90cd2d08a3147ce02b07e50894bc060a4cbf",
"build_date" : "2024-04-05T14:45:26.420424304Z",
"build_snapshot" : false,
"lucene_version" : "9.10.0",
"minimum_wire_compatibility_version" : "7.17.0",
"minimum_index_compatibility_version" : "7.0.0"
},
"tagline" : "You Know, for Search"
}
can someone help what is the problem what can i do more ?