Security exception Shield

security

(bowow) #1

Hi,
I have shield with ES and Kibana enabled. I am trying to analyze twitter data using elasticsearch. My config file looks like the following:

Twttter

input {
twitter {
consumer_key => "<>"
consumer_secret => "<>"
oauth_token => "<>"
oauth_token_secret => "<>"
keywords => ["#Amp"]
full_tweet => "true"
}
}
filter {

}

output {
elasticsearch {
hosts => "10.10.20.111"
index => "twitter"
document_type => "real"
}
#stdout { codec => rubydebug }

}

When i run the twitter.conf file, I get the following error:

[401] {"error":{"root_cause":[{"type":"security_exception","reason":"missing authentication token for REST request [/_template/logstash]","header":{"WWW-Authenticate":"Basic realm="shield" charset="UTF-8""}}],"type":"security_exception","reason":"missing authentication token for REST request [/_template/logstash]","header":{"WWW-Authenticate":"Basic realm="shield" charset="UTF-8""}},"status":401} {:class=>"Elasticsearch::Transport::Transport::Errors::Unauthorized", :level=>:error}


(Tim Vernum) #2

When you install shield into elasticsearch, you require that all requests into elasticsearch provide a username+password (*)

You need to update your logstash config to have appropriate security credentials:
Please read https://www.elastic.co/guide/en/shield/2.4/logstash.html (you should switch the version of the docs so that it matches your version of shield)

(*) There are options to disable that, but since the purpose of shield is to provide security, you probably don't want to turn it off.


(system) #3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.