Kibana Logs Authentication Failure

Echo_01 · March 25, 2025, 3:02pm

Kibana is generating failure logs like the following:

[2025-03-25T15:49:06.652+01:00][INFO ][plugins.security.authentication] Authentication attempt failed: {"error":{"root_cause":[{"type":"security_exception","reason":"unable to authenticate user [elastic] for REST request [/_security/_authenticate]","header":{"WWW-Authenticate":["Basic realm=\"security\" charset=\"UTF-8\"","Bearer realm=\"security\"","ApiKey"]}}],"type":"security_exception","reason":"unable to authenticate user [elastic] for REST request [/_security/_authenticate]","header":{"WWW-Authenticate":["Basic realm=\"security\" charset=\"UTF-8\"","Bearer realm=\"security\"","ApiKey"]}},"status":401}

I cannot find an 'elastic' user defined anywhere in the Kibana configuration.

Can anyone point me in the direction of the configuration for [plugins.security.authentication] ?

Topic		Replies	Views
Help with Failed to authenticate user error for elastic Kibana	2	5290	December 12, 2019
Failed to authenticate user [elastic] on Kibana v.6.4.0 Elasticsearch elastic-stack-security	2	1342	December 9, 2018
Authentication of [kibana_system] was terminated by realm [reserved] - failed to authenticate user [kibana_system] Elasticsearch elastic-stack-security	6	13303	August 10, 2022
Error in custom plugin of Kibana Kibana	20	745	August 6, 2019
Error authenticating user: {"error":{"root_cause":[{"type":"security_exception","reason":"unable to authenticate user [elastic] for REST Elastic Search	8	60	March 27, 2025

Kibana Logs Authentication Failure

Related topics