Kibana "Reindex" Failed

Elasticsearch and Kibana was running with 5.x for some time and I've updated to 6.x after some pain, the next logical jump is to 7.0.

Following the documentation, I understand that I need to reindex my indicies via the 7.0 upgrade wizard, however I'm experiencing some massive issues with doing this.

Clicking the button that says "Reindex" it asks me to confirm that the _all field will be removed, and I accept this and click "Continue with Reindex" then select "Run reindex" - At this point, it changes from blue to grey and then back to blue.

Going back to the Kibana console, the reindex button says "Failed" but there's no additional information as to why it failed.

Where's a good place to start? Looking at the logs I cannot see anything that would indicate a problem.

If you click on the button with "Failed", do you see the failure details in the flyover?

Hi @tylersmalley - Unfortunately not, I don't see anything pop up that indicates a problem at all, it just allows me to run the reindex again! Quite frustrating! Where would I find the specific log that would detail UI errors?

Can I get the response from this API call?


(You will need to replace http://localhost:5601 with the URL to your Kibana instance.)

@tylersmalley - Just ran that command and the following response was provided:


I'm not sure what I was expecting but that looks overly positive, sadly!

So I ran kibana again from the console and hitting the button to reindex seems to generate the below:

 error  [14:37:29.949]  [cluster_block_exception] blocked by: [FORBIDDEN/8/index
 write (api)]; :: {"path":"/.kibana/doc/upgrade-assistant-telemetry%3Aupgrade-as
":"{\"script\":{\"source\":\"\\n              if (ctx._source[params.type][param
s.counterFieldName] == null) {\\n                ctx._source[params.type][params
.counterFieldName] = params.count;\\n              }\\n              else {\\n
              ctx._source[params.type][params.counterFieldName] += params.count;
\\n              }\\n              ctx._source.updated_at = params.time;\\n
\":\"cluster_block_exception\",\"reason\":\"blocked by: [FORBIDDEN/8/index write
 (api)];\"}],\"type\":\"cluster_block_exception\",\"reason\":\"blocked by: [FORB
IDDEN/8/index write (api)];\"},\"status\":403}"}
    at respond (C:\ELK-6.8.1\Kibana\node_modules\elasticsearch\src\lib\transport
    at checkRespForFailure (C:\ELK-6.8.1\Kibana\node_modules\elasticsearch\src\l
    at HttpConnector.<anonymous> (C:\ELK-6.8.1\Kibana\node_modules\elasticsearch
    at IncomingMessage.wrapper (C:\ELK-6.8.1\Kibana\node_modules\elasticsearch\n
    at IncomingMessage.emit (events.js:194:15)
    at endReadableNT (_stream_readable.js:1103:12)
    at process._tickCallback (internal/process/next_tick.js:63:19)

Does that mean anything?

What user are you logged in as, what roles or privileges does it have? Looks like your getting forbidden write exceptions.

There's no RBAC at all on the cluster, its completely open - Very strange indeed!

I ran the following on the Elasticsearch cluster:

elasticsearch-users list
No users found

I then tried using Kibana dev tools with:
GET /_security/user

which generated the below expected response:

  "error": {
    "root_cause": [
        "type": "exception",
        "reason": "Security must be explicitly enabled when using a [basic] license. Enable security by setting [] to [true] in the elasticsearch.yml file and restart the node."
    "type": "exception",
    "reason": "Security must be explicitly enabled when using a [basic] license. Enable security by setting [] to [true] in the elasticsearch.yml file and restart the node."
  "status": 500

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.