Kibana login


(André De Martini) #1

Hey guys.
I installed shield to my elk server, but now i cannot access my kibana anymore.

I did all that this ( tutorial ask for, but the kibana page always says that the username or the password is wrong.

I am sure that the user/password is correct because I use it to check/add users with the command " POST _shield/user".

GET http://localhost:9200/_shield/user Enter username for shield at localhost:9200: amartini Password: {"amartini":{"username":"amartini","roles":["admin"],"full_name":null,"email":null,"metadata":#{}}}[

file: elasticsearch.yml /export/stack path.logs: /export/logs/elasticsearch localhost shield.audit.enabled: true

file: kibana.yml "localhost" elasticsearch.url: "https://localhost:9200" elasticsearch.username: "kibana" elasticsearch.password: "abc123" server.ssl.cert: /etc/ssl/certs/Wildcard-fcl-SHA2.cert server.ssl.key: /etc/ssl/certs/Wildcard-fcl-SHA2.key /etc/ssl/certs/Wildcard-fcl-SHA2.pem logging.dest: /export/logs/kibana/kibana.log

Please help me =(

(Mark Walkom) #2

Check the access logs in ES and it should give you some details on what is happening.

(André De Martini) #3

The only log that is being populated is the elasticsearch-access.log.
It is logging this message every 2 seconds:
[2016-05-03 10:14:58,624] [Midas] [rest] [anonymous_access_denied] origin_address=[edited:MYIP], uri=[/_bulk]

(André De Martini) #4

Dont know if it helps but this log message occurs even if kibana is down.
I tough that only the kibana ask information from ES.

(Mark Walkom) #5

It could be Logstash.

(system) #6