Security error in Elasticsearch after X-Pack install

I just set up an ELK version 5.5.2 server that was successfully receiving winlogbeat and syslog messages.

I just installed XPack and now I don't see any of my logs in Kibana. When I try to get my cluster health with "curl -XGET 'localhost:9200/_xpack/security/user?pretty'", I get an error

""error" : {
"root_cause" : [
"type" : "security_exception",
"reason" : "missing authentication token for REST request [/_xpack/security/user?pretty]",

I've reset the default password for the elastic, kibana and logstash_system users. I've updated the kibana.yml file with the new kibana password. I've also created a new user called support.

I think this has something to do with the fact that all my requests need to be associated with a user, but I'm not sure how to get that configured. I think I've set everything up properly from the documentation.

Any help would be hot.

You need to send basic authentication via curl using -u <username>:<password>.

kibana need add user add passowrd connect to es cluster in kibana.yml configure file

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.