LDAP integrated ELK with Shield

Yes this is the only realm I have enabled. For role mapping I have used uid and in realm configuration attribute as mail.
Yes, in the elasticsearch-access log I do see these entries -
So is this configuration correct ?

[2016-06-21 17:25:21,115] [Night Nurse] [transport] [access_granted] origin_type=[rest], origin_address=[127.0.0.1], principal=[vinodar3@in.ibm.com], action=[indices:data/read/search[phase/query+fetch]], indices=[.kibana]
[2016-06-21 17:25:21,529] [Night Nurse] [rest] [authentication_failed] origin_address=[9.126.112.35], principal=[AVJBYJ744], uri=[/_nodes/http]
[2016-06-21 17:25:23,198] [Night Nurse] [rest] [authentication_failed] origin_address=[9.126.112.35], principal=[AVJBYJ744], uri=[/_nodes/http]
[2016-06-21 17:25:23,622] [Night Nurse] [transport] [access_granted] origin_type=[rest], origin_address=[127.0.0.1], principal=[vinodar3@in.ibm.com], action=[cluster:monitor/nodes/info]

To me this looks correct. vinodar3@in.ibm.com is authenticating and being authorized and AVJBYJ744 is not (its not a email address...).

Thanks, now I do not see any exception in elastic search logs, logstash and kibana logs.

Hi ,

Now I am trying to configure 2 nodes ELK cluster with Shield plugin enabled but cluster status says its yellow. When I check the cluster status its NOT showing me 2 nodes where as I have configured unique cluster name. Also tried using unicast and multicast option but no luck.

Am I missing anything ?

@vienodp please open a new issue as this is something different. Also, when you open the issue please include all details such as versions, configuration from both nodes, and any messages from the logs such as exceptions.

Ok , I have created new issue for that.