Kibana not working after setting up minimal security

wes.campbell · June 16, 2022, 10:12pm

I have the below setup for Elasticsearch

I have the below setup for Kibana
server.host: "0.0.0.0"
Elasticsearch.username: "kibana_system"
Elasticsearch.logQueries: true
logging.dest: D:\Elastic\kibana-7.17.0\Logs\stdout
logging.verbose: true

I have run "Elasticsearch-setup-passwords auto" (backed up the passwords to a notepad)
Started Elasticsearch service and logged in using "elastic" and the provided password.
Elasticsearch works

I then ran the following:
"kibana-keystore create"
"kibana-keystore add Elasticsearch.password" (entered kibana_system password provided by the password setup)
started Kibana service.
I get the following with no login prompt. Just blank.

bhavyarm · June 17, 2022, 7:21pm

Hello,

Can you try to access Kibana in incognito window? @azasypkin for further help.

Thanks,
Bhavya

azasypkin · June 20, 2022, 6:58am

Hi @wes.campbell ,

What do you see in Kibana logs? Also is capital E letter in Elasticsearch.password and other Elasticsearch related settings a typo in a message or this is what you used in configuration? All settings should be in a lower case.

Best,
Oleg

wes.campbell · June 20, 2022, 9:43pm

I ran the command again. But, this time using "kibana-keystore add Elasticsearch" (The "e" is lowercase but for some reason it is showing here as "E"). Same issue.
The Elasticsearch settings is what I currently have in the config.

azasypkin · June 21, 2022, 7:42am

Okay, so what do you have in Kibana logs (all logs starting from the moment when you start Kibana)?

wes.campbell · June 21, 2022, 4:45pm

The following are the only "warning" logs. All others are either "debug" or "info"

{"type":"log","@timestamp":"2022-06-21T11:30:11-05:00","tags":["warning","config","deprecation"],"pid":12368,"message":"\"logging.dest\" has been deprecated and will be removed in 8.0. To set the destination moving forward, you can use the \"console\" appender in your logging configuration or define a custom one."}
{"type":"log","@timestamp":"2022-06-21T11:30:11-05:00","tags":["warning","config","deprecation"],"pid":12368,"message":"\"logging.verbose\" has been deprecated and will be removed in 8.0. Moving forward, you can use \"logging.root.level:all\" in your logging configuration."}
{"type":"log","@timestamp":"2022-06-21T11:30:11-05:00","tags":["warning","config","deprecation"],"pid":12368,"message":"Starting in 8.0, the Kibana logging format will be changing. This may affect you if you are doing any special handling of your Kibana logs, such as ingesting logs into Elasticsearch for further analysis. If you are using the new logging configuration, you are already receiving logs in both old and new formats, and the old format will simply be going away. If you are not yet using the new logging configuration, the log format will change upon upgrade to 8.0. Beginning in 8.0, the format of JSON logs will be ECS-compatible JSON, and the default pattern log format will be configurable with our new logging system. Please refer to the documentation for more information about the new logging format."}
{"type":"log","@timestamp":"2022-06-21T11:30:11-05:00","tags":["warning","config","deprecation"],"pid":12368,"message":"Setting [elasticsearch.logQueries] is deprecated and no longer used. You should set the log level to \"debug\" for the \"elasticsearch.queries\" context in \"logging.loggers\" or use \"logging.verbose: true\"."}
{"type":"log","@timestamp":"2022-06-21T11:30:11-05:00","tags":["warning","config","deprecation"],"pid":12368,"message":"The default mechanism for Reporting privileges will work differently in future versions, which will affect the behavior of this cluster. Set \"xpack.reporting.roles.enabled\" to \"false\" to adopt the future behavior before upgrading."}
{"type":"log","@timestamp":"2022-06-21T11:30:11-05:00","tags":["warning","config","deprecation"],"pid":12368,"message":"User sessions will automatically time out after 8 hours of inactivity starting in 8.0. Override this value to change the timeout."}
{"type":"log","@timestamp":"2022-06-21T11:30:11-05:00","tags":["warning","config","deprecation"],"pid":12368,"message":"Users are automatically required to log in again after 30 days starting in 8.0. Override this value to change the timeout."}
{"type":"log","@timestamp":"2022-06-21T11:30:12-05:00","tags":["warning","plugins","security","config"],"pid":12368,"message":"Generating a random key for xpack.security.encryptionKey. To prevent sessions from being invalidated on restart, please set xpack.security.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command."}
{"type":"log","@timestamp":"2022-06-21T11:30:12-05:00","tags":["warning","plugins","security","config"],"pid":12368,"message":"Session cookies will be transmitted over insecure connections. This is not recommended."}
{"type":"log","@timestamp":"2022-06-21T11:30:12-05:00","tags":["warning","plugins","security","config"],"pid":12368,"message":"Generating a random key for xpack.security.encryptionKey. To prevent sessions from being invalidated on restart, please set xpack.security.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command."}
{"type":"log","@timestamp":"2022-06-21T11:30:12-05:00","tags":["warning","plugins","security","config"],"pid":12368,"message":"Session cookies will be transmitted over insecure connections. This is not recommended."}
{"type":"log","@timestamp":"2022-06-21T11:30:12-05:00","tags":["warning","plugins","reporting","config"],"pid":12368,"message":"Generating a random key for xpack.reporting.encryptionKey. To prevent sessions from being invalidated on restart, please set xpack.reporting.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command."}
{"type":"log","@timestamp":"2022-06-21T11:30:12-05:00","tags":["warning","plugins","encryptedSavedObjects"],"pid":12368,"message":"Saved objects encryption key is not set. This will severely limit Kibana functionality. Please set xpack.encryptedSavedObjects.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command."}
{"type":"log","@timestamp":"2022-06-21T11:30:12-05:00","tags":["warning","plugins","actions"],"pid":12368,"message":"APIs are disabled because the Encrypted Saved Objects plugin is missing encryption key. Please set xpack.encryptedSavedObjects.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command."}
{"type":"log","@timestamp":"2022-06-21T11:30:12-05:00","tags":["warning","plugins","alerting"],"pid":12368,"message":"APIs are disabled because the Encrypted Saved Objects plugin is missing encryption key. Please set xpack.encryptedSavedObjects.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command."}

azasypkin · June 22, 2022, 6:50am

The following are the only "warning" logs. All others are either "debug" or "info"

Yeah, it'd be great to see the full log, we don't need DEBUG logs, but we need logs indicating Kibana could or couldn't connect to Elasticsearch, these have INFO level.

Also have you tried other browsers? Do you see any errors in the browser's Dev Tools console?

wes.campbell · June 22, 2022, 5:55pm

I have been getting that screen when opening kibana locally on the server. When I load the site remotely I get the login prompt and the credentials work. I should have checked that initially. Sorry for wasting you're time.

azasypkin · June 22, 2022, 6:28pm

No worries, glad you've sorted it out!

system · July 20, 2022, 6:29pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.