Security error in Elasticsearch after X-Pack install


I just set up an ELK version 5.5.2 server that was successfully receiving winlogbeat and syslog messages.

I just installed XPack and now I don't see any of my logs in Kibana. When I try to get my cluster health with "curl -XGET 'localhost:9200/_xpack/security/user?pretty'", I get an error

""error" : {
"root_cause" : [
"type" : "security_exception",
"reason" : "missing authentication token for REST request [/_xpack/security/user?pretty]",

I've reset the default password for the elastic, kibana and logstash_system users. I've updated the kibana.yml file with the new kibana password. I've also created a new user called support.

I think this has something to do with the fact that all my requests need to be associated with a user, but I'm not sure how to get that configured. I think I've set everything up properly from the documentation.

Any help would be hot.

(Jason Tedor) #2

You need to send basic authentication via curl using -u <username>:<password>.

(andy_zhou) #3

kibana need add user add passowrd connect to es cluster in kibana.yml configure file

(system) #4

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.