I am setting up a forensics virtual training environment where the system date/time is in May 2016. A lot of the basic features are turned off and the Beats agents are not able to communicate. the Elasticsearch basic license status is "invalid" and has an issue_date or 2018-06. Would this date abnormality cause it to malfunction? If so, is there anything I can do to modify the license?
If it's 6.3 or higher (and it looks like it is), then you can probably solve it by causing the basic license to be generated while the date has been set back to 2016.
If can you rebuild the whole cluster from scratch, then make sure you set the date to 2016 before you start up your first node.
I first noticed the problem when I was trying to get two Elasticsearch nodes to recognize each other. While troubleshooting, I was trying to determine if it were a network/firewall issue or a configuration issue. I spun up another VM for Kibana which picked up the primary Elasticsearch node immediately. When I went in to see the cluster information via the Kibana interface it says "permission error: You do not have permission to view or add remote clusters."
Followed by a popup in the bottom right-hand corner saying: Error refreshing remote clusters 403: Forbidden. You cannot use Remote Clusters because your basic license has expired
ES Version is 7.0.0. I believe I have tried to regenerate the basic license to no avail. I ran "curl -uelastic -XPOST 'http://10.21.5.14:9200/_xpack/license/start_basic'" with seemingly no effect on the license.
I've tried to rebuild several times, and the license date seems to remain the same. I assumed that it was the earliest date that this version could be valid for. Is there any way I can delete the existing license?
I will try to start a trial license and then revert.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.