Trouble setting up TLS in Kibana with Docker

Cyberdemic · September 26, 2020, 6:19am

I'm trying to setup ELK stack in Docker Swarm following this guide with some modifications.

I've tried a number of different options, and while it's helped me learn more of ELK, I still haven't managed to get it working. Here is what i'm after:

I want to enable transport TLS, which from what I under stand is encryption internally between nodes? As well as TLS for http to be able to access Kibana on "https://<domain_name>.com"

My steps to install:

Deploy create-certs.yml file and remove when finished.
Deploy stack-elk.yml file.
Create passwords for built-in users
a. bin/elasticsearch-setup-passwords auto --batch --url https://es01:9200
Change password in elastic_pass.txt and ELASTICSEARCH_PASSWORD in kibana service.
Remove stack-elk.yml file and redeploy.

create-certs.yml

version: '3.7'

volumes:

  elk-certs:

configs:

  instance_config:

    file: ./elasticsearch/instances.yml

networks:

  elk:

    driver: overlay

services:

  create_certs:

    image: docker.elastic.co/elasticsearch/elasticsearch:7.9.1

    networks:

      - elk

    volumes:

      - type: bind

        source: /mnt/elk-certs

        target: /certs

    configs:

      - source: instance_config

        target: /usr/share/elasticsearch/config/certificates/instances.yml

    command: >

      bash -c '

        yum install -y -q -e 0 unzip;

        if [[ ! -f /certs/bundle.zip ]]; then

          bin/elasticsearch-certutil cert --silent --keep-ca-key ca --pem --in config/certificates/instances.yml -out /certs/bundle.zip;

          unzip /certs/bundle.zip -d /certs;

        fi;

        chown -R 1000:0 /certs

        ls -la /certs

      '

    user: "0"

    working_dir: /usr/share/elasticsearch

    deploy:

      placement:

        constraints:

          - node.labels.type == primary

stack-elk.yml

version: '3.7'

x-default-opts:
  &default-opts
  logging:
    options:
      max-size: "1m"

configs:
  elastic_limits_config:
    file: ./elasticsearch/config/limits.conf
  elastic_systemd_override:
    file: ./elasticsearch/config/override.conf
  logstash_config:
    file: ./logstash/config/logstash.yml
  logstash_pipeline:
    file: ./logstash/pipeline/logstash.conf

networks:
  elk:
    driver: overlay
    driver_opts: 
      encrypted: "true" 
  traefik-public:
    external: true

volumes:
  elk-certs:
  elk-data:

secrets:
  elastic_pass:
    file: ./elastic_pass.txt
  kibana_system_pass:
    file: ./kibana_system_pass.txt


services:
  es01:
    <<: *default-opts
    image: docker.elastic.co/elasticsearch/elasticsearch:7.9.1  
    ports:
      - "9200:9200"  
      - "9300:9300"  
    configs:
      - source: elastic_limits_config
        target: /etc/security/limits.conf
      - source: elastic_systemd_override
        target: /etc/systemd/system/elasticsearch.service.d/override.conf
    secrets:
      - source: elastic_pass
        target: elastic_pass_secret
        uid: '103'
        gid: '103'
        mode: 0400
    volumes:
      - type: bind
        source: /gluster/volume/elk-certs 
        target: /usr/share/elasticsearch/config/certificates
      - type: bind
        source: /gluster/volume/elk-data
        target: /usr/share/elasticsearch/data
    environment:
      node.name: es01
      discovery.type: ''  
      discovery.seed_hosts: es01
      cluster.name: docker-cluster
      cluster.initial_master_nodes: es01
      network.host: 0.0.0.0
      ES_JAVA_OPTS: "-Xmx512m -Xms512m" 
      ELASTIC_PASSWORD_FILE: /run/secrets/elastic_pass_secret
      MAX_LOCKED_MEMORY: unlimited
      xpack.monitoring.collection.enabled: "true"
      xpack.license.self_generated.type: basic
      xpack.security.enabled: "true"
      xpack.security.http.ssl.enabled: "true"
      xpack.security.http.ssl.key: /usr/share/elasticsearch/config/certificates/es01/es01.key
      xpack.security.http.ssl.certificate: /usr/share/elasticsearch/config/certificates/es01/es01.crt
      xpack.security.http.ssl.certificate_authorities: /usr/share/elasticsearch/config/certificates/ca/ca.crt
      # xpack.security.http.ssl.certificate_authorities: /usr/share/elasticsearch/config/certificates/ca/elasticsearch-ca.pem
      xpack.security.http.ssl.verification_mode: certificate

      xpack.security.transport.ssl.enabled: "true"
      xpack.security.transport.ssl.verification_mode: certificate  
      xpack.security.transport.ssl.certificate_authorities: /usr/share/elasticsearch/config/certificates/ca/ca.crt
      # xpack.security.transport.ssl.certificate_authorities: /usr/share/elasticsearch/config/certificates/ca/elasticsearch-ca.pem
      xpack.security.transport.ssl.certificate: /usr/share/elasticsearch/config/certificates/es01/es01.crt
      xpack.security.transport.ssl.key: /usr/share/elasticsearch/config/certificates/es01/es01.key

      # xpack.security.transport.ssl.keystore.path: /usr/share/elasticsearch/config/certificates/es01/http.p12
      # xpack.security.transport.ssl.truststore.path: /usr/share/elasticsearch/config/certificates/es01/http.p12
    networks:
      - elk
    healthcheck:
      test: curl --cacert /usr/share/elasticsearch/config/certificates/ca/ca.crt -s https://localhost:9200 >/dev/null; if [[ $$? == 52 ]]; then echo 0; else echo 1; fi
      interval: 30s
      timeout: 10s
      retries: 5
    deploy:
      mode: replicated
      replicas: 1 
      restart_policy:
        condition: on-failure
        delay: 10s
        max_attempts: 5
        window: 60s
      resources:
        limits:
          memory: 1G 


  logstash:
    <<: *default-opts
    image: docker.elastic.co/logstash/logstash:7.9.1  
    ports:
      - "5000:5000"
      - "9600:9600"
    secrets:
    - source: elastic_pass
      target: elastic_pass_secret
      uid: '103'
      gid: '103'
      mode: 040
    configs:
      - source: logstash_config
        target: /usr/share/logstash/config/logstash.yml
      - source: logstash_pipeline
        target: /usr/share/logstash/pipeline/logstash.conf
    environment:
      LS_JAVA_OPTS: "-Xmx256m -Xms256m"
    volumes:
      - type: bind
        source: /gluster/volume/elk-certs
        target: /usr/share/elasticsearch/config/certificates
    networks:
      - elk
    deploy:
      mode: replicated
      replicas: 1


  kibana:
    <<: *default-opts
    image: docker.elastic.co/kibana/kibana:7.9.1  
    ports:
      - "5601:5601"
    environment:
      SERVER_NAME: kibana
      SERVER_HOST: 0.0.0.0
      SERVER_SSL_ENABLED: "true"
      SERVER_SSL_KEY: /usr/share/elasticsearch/config/certificates/kibana/kibana.key
      SERVER_SSL_CERTIFICATE: /usr/share/elasticsearch/config/certificates/kibana/kibana.crt
      # SERVER_SSL_KEYSTORE_PATH: /usr/share/elasticsearch/config/certificates/es01/http.p12
      # SERVER_SSL_TRUSTSTORE_PATH: /usr/share/elasticsearch/config/certificates/es01/http.p12
      # SERVER_SSL_CERTIFICATEAUTHORITIES: /usr/share/elasticsearch/config/certificates/ca/elasticsearch-ca.pem
      SERVER_SSL_CLIENTAUTHENTICATION: optional

      ELASTICSEARCH_USERNAME: kibana_system  
      ELASTICSEARCH_PASSWORD: kvv6nju4hLuI3eE7nbdr
      ELASTICSEARCH_HOSTS: https://es01:9200
      ELASTICSEARCH_URL: https://es01:9200
      ELASTICSEARCH_SSL_VERIFICATIONMODE: certificate
      ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES: /usr/share/elasticsearch/config/certificates/ca/ca.crt
      ELASTICSEARCH_REQUESTTIMEOUT: 60000
      # ELASTICSEARCH_SSL_CERTIFICATE: /usr/share/elasticsearch/config/certificates/kibana/kibana.crt
      # ELASTICSEARCH_SSL_KEY: /usr/share/elasticsearch/config/certificates/kibana/kibana.key
      # ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES: /usr/share/elasticsearch/config/certificates/ca/elasticsearch-ca.pem
      # ELASTICSEARCH_SSL_KEYSTORE_PATH: /usr/share/elasticsearch/config/certificates/es01/http.p12
      # ELASTICSEARCH_SSL_TRUSTSTORE_PATH: /usr/share/elasticsearch/config/certificates/es01/http.p12
      XPACK_SECURITY_HTTP_SSL_CLIENT_AUTHENTICATION: optional
      XPACK_SECURITY_ENABLED: "true"
      XPACK_SECURITY_ENCRYPTIONKEY: long string
      XPACK_ENCRYPTEDSAVEDOBJECTS_ENCRYPTIONKEY: long string
      XPACK_REPORTING_ENCRYPTIONKEY: long string
      MONITORING_UI_CONTAINER_ELASTICSEARCH_ENABLED: "true"
    volumes:
      - type: bind
        source: /gluster/volume/elk-certs
        target: /usr/share/elasticsearch/config/certificates
    depends_on:
      - es01
    networks:
      - elk
      - traefik-public 
    deploy:
      mode: replicated
      replicas: 1
      labels:
        traefik.enable: "true"
        traefik.docker.network: traefik-public
        traefik.constraint-label: traefik-public
        traefik.http.routers.kibana-http.rule: Host(`kibana.example.com`)
        traefik.http.routers.kibana-http.entrypoints: http
        traefik.http.routers.kibana-http.middlewares: https-redirect
        traefik.http.routers.kibana-https.rule: Host(`kibana.example.com`)
        traefik.http.routers.kibana-https.entrypoints: https
        traefik.http.routers.kibana-https.tls: "true"
        traefik.http.routers.kibana-https.tls.certresolver: le
        traefik.http.services.kibana.loadbalancer.server.port: 5601
        # Security Headers
        traefik.http.middlewares.kibana-headers.headers.framedeny: "true"
        traefik.http.middlewares.kibana-headers.headers.forceSTSHeader: "true"
        traefik.http.routers.kibana-https.middlewares: kibana-headers,admin-auth

Cyberdemic · September 26, 2020, 6:20am

Elasticsearch logs

elk_es01.1.4l7vwxtcmiyo@ddvc3    | {"type": "server", "timestamp": "2020-09-26T04:51:14,148Z", "level": "INFO", "component": "o.e.x.m.p.l.CppLogMessageHandler", "cluster.name": "docker-cluster", "node.name": "es01", "message": "[controller/411] [Main.cc@114] controller (64 bit): Version 7.9.1 (Build 6ed2566ba11bb5) Copyright (c) 2020 Elasticsearch BV" }
elk_es01.1.4l7vwxtcmiyo@ddvc3    | {"type": "server", "timestamp": "2020-09-26T04:51:15,054Z", "level": "INFO", "component": "o.e.x.s.a.s.FileRolesStore", "cluster.name": "docker-cluster", "node.name": "es01", "message": "parsed [0] roles from file [/usr/share/elasticsearch/config/roles.yml]" }
elk_es01.1.4l7vwxtcmiyo@ddvc3    | {"type": "server", "timestamp": "2020-09-26T04:51:16,904Z", "level": "INFO", "component": "o.e.d.DiscoveryModule", "cluster.name": "docker-cluster", "node.name": "es01", "message": "using discovery type [zen] and seed hosts providers [settings]" }
elk_es01.1.4l7vwxtcmiyo@ddvc3    | {"type": "server", "timestamp": "2020-09-26T04:51:17,668Z", "level": "WARN", "component": "o.e.g.DanglingIndicesState", "cluster.name": "docker-cluster", "node.name": "es01", "message": "gateway.auto_import_dangling_indices is disabled, dangling indices will not be automatically detected or imported and must be managed manually" }
elk_es01.1.4l7vwxtcmiyo@ddvc3    | {"type": "server", "timestamp": "2020-09-26T04:51:18,513Z", "level": "INFO", "component": "o.e.n.Node", "cluster.name": "docker-cluster", "node.name": "es01", "message": "initialized" }
elk_es01.1.4l7vwxtcmiyo@ddvc3    | {"type": "server", "timestamp": "2020-09-26T04:51:18,517Z", "level": "INFO", "component": "o.e.n.Node", "cluster.name": "docker-cluster", "node.name": "es01", "message": "starting ..." }
elk_es01.1.4l7vwxtcmiyo@ddvc3    | {"type": "server", "timestamp": "2020-09-26T04:51:18,698Z", "level": "INFO", "component": "o.e.t.TransportService", "cluster.name": "docker-cluster", "node.name": "es01", "message": "publish_address {10.0.0.118:9300}, bound_addresses {0.0.0.0:9300}" }
elk_es01.1.4l7vwxtcmiyo@ddvc3    | {"type": "server", "timestamp": "2020-09-26T04:51:19,153Z", "level": "INFO", "component": "o.e.b.BootstrapChecks", "cluster.name": "docker-cluster", "node.name": "es01", "message": "bound or publishing to a non-loopback address, enforcing bootstrap checks" }
elk_es01.1.4l7vwxtcmiyo@ddvc3    | {"type": "server", "timestamp": "2020-09-26T04:51:19,157Z", "level": "INFO", "component": "o.e.c.c.Coordinator", "cluster.name": "docker-cluster", "node.name": "es01", "message": "cluster UUID [PRYG3WzVQyShiRI_gBlc9Q]" }
elk_es01.1.4l7vwxtcmiyo@ddvc3    | {"type": "server", "timestamp": "2020-09-26T04:51:19,184Z", "level": "WARN", "component": "o.e.d.SeedHostsResolver", "cluster.name": "docker-cluster", "node.name": "es01", "message": "failed to resolve host [es01]",
elk_es01.1.4l7vwxtcmiyo@ddvc3    | "stacktrace": ["java.net.UnknownHostException: es01: Name or service not known",
elk_es01.1.4l7vwxtcmiyo@ddvc3    | "at java.net.Inet4AddressImpl.lookupAllHostAddr(Native Method) ~[?:?]",
elk_es01.1.4l7vwxtcmiyo@ddvc3    | "at java.net.InetAddress$PlatformNameService.lookupAllHostAddr(InetAddress.java:932) ~[?:?]",
elk_es01.1.4l7vwxtcmiyo@ddvc3    | "at java.net.InetAddress.getAddressesFromNameService(InetAddress.java:1505) ~[?:?]",
elk_es01.1.4l7vwxtcmiyo@ddvc3    | "at java.net.InetAddress$NameServiceAddresses.get(InetAddress.java:851) ~[?:?]",
elk_es01.1.4l7vwxtcmiyo@ddvc3    | "at java.net.InetAddress.getAllByName0(InetAddress.java:1495) ~[?:?]",
elk_es01.1.4l7vwxtcmiyo@ddvc3    | "at java.net.InetAddress.getAllByName(InetAddress.java:1354) ~[?:?]",
elk_es01.1.4l7vwxtcmiyo@ddvc3    | "at java.net.InetAddress.getAllByName(InetAddress.java:1288) ~[?:?]",
elk_es01.1.4l7vwxtcmiyo@ddvc3    | "at org.elasticsearch.transport.TcpTransport.parse(TcpTransport.java:548) ~[elasticsearch-7.9.1.jar:7.9.1]",
elk_es01.1.4l7vwxtcmiyo@ddvc3    | "at org.elasticsearch.transport.TcpTransport.addressesFromString(TcpTransport.java:490) ~[elasticsearch-7.9.1.jar:7.9.1]",
elk_es01.1.4l7vwxtcmiyo@ddvc3    | "at org.elasticsearch.transport.TransportService.addressesFromString(TransportService.java:855) ~[elasticsearch-7.9.1.jar:7.9.1]",
elk_es01.1.4l7vwxtcmiyo@ddvc3    | "at org.elasticsearch.discovery.SeedHostsResolver.lambda$resolveHostsLists$0(SeedHostsResolver.java:144) ~[elasticsearch-7.9.1.jar:7.9.1]",
elk_es01.1.4l7vwxtcmiyo@ddvc3    | "at java.util.concurrent.FutureTask.run(FutureTask.java:264) ~[?:?]",
elk_es01.1.4l7vwxtcmiyo@ddvc3    | "at org.elasticsearch.common.util.concurrent.ThreadContext$ContextPreservingRunnable.run(ThreadContext.java:651) ~[elasticsearch-7.9.1.jar:7.9.1]",
elk_es01.1.4l7vwxtcmiyo@ddvc3    | "at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1130) [?:?]",
elk_es01.1.4l7vwxtcmiyo@ddvc3    | "at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:630) [?:?]",
elk_es01.1.4l7vwxtcmiyo@ddvc3    | "at java.lang.Thread.run(Thread.java:832) [?:?]"] }
elk_es01.1.4l7vwxtcmiyo@ddvc3    | {"type": "server", "timestamp": "2020-09-26T04:51:19,288Z", "level": "INFO", "component": "o.e.c.s.MasterService", "cluster.name": "docker-cluster", "node.name": "es01", "message": "elected-as-master ([1] nodes joined)[{es01}{VRZ0v8esSimk8pF0-py03w}{6Rz8EtMfSZGzjgkylWs7qw}{10.0.0.118}{10.0.0.118:9300}{dilmrt}{ml.machine_memory=1073741824, xpack.installed=true, transform.node=true, ml.max_open_jobs=20} elect leader, _BECOME_MASTER_TASK_, _FINISH_ELECTION_], term: 4, version: 65, delta: master node changed {previous [], current [{es01}{VRZ0v8esSimk8pF0-py03w}{6Rz8EtMfSZGzjgkylWs7qw}{10.0.0.118}{10.0.0.118:9300}{dilmrt}{ml.machine_memory=1073741824, xpack.installed=true, transform.node=true, ml.max_open_jobs=20}]}" }
elk_es01.1.4l7vwxtcmiyo@ddvc3    | {"type": "server", "timestamp": "2020-09-26T04:51:19,489Z", "level": "INFO", "component": "o.e.c.s.ClusterApplierService", "cluster.name": "docker-cluster", "node.name": "es01", "message": "master node changed {previous [], current [{es01}{VRZ0v8esSimk8pF0-py03w}{6Rz8EtMfSZGzjgkylWs7qw}{10.0.0.118}{10.0.0.118:9300}{dilmrt}{ml.machine_memory=1073741824, xpack.installed=true, transform.node=true, ml.max_open_jobs=20}]}, term: 4, version: 65, reason: Publication{term=4, version=65}" }
elk_es01.1.4l7vwxtcmiyo@ddvc3    | {"type": "server", "timestamp": "2020-09-26T04:51:19,577Z", "level": "INFO", "component": "o.e.h.AbstractHttpServerTransport", "cluster.name": "docker-cluster", "node.name": "es01", "message": "publish_address {10.0.0.118:9200}, bound_addresses {0.0.0.0:9200}", "cluster.uuid": "PRYG3WzVQyShiRI_gBlc9Q", "node.id": "VRZ0v8esSimk8pF0-py03w"  }
elk_es01.1.4l7vwxtcmiyo@ddvc3    | {"type": "server", "timestamp": "2020-09-26T04:51:19,578Z", "level": "INFO", "component": "o.e.n.Node", "cluster.name": "docker-cluster", "node.name": "es01", "message": "started", "cluster.uuid": "PRYG3WzVQyShiRI_gBlc9Q", "node.id": "VRZ0v8esSimk8pF0-py03w"  }
elk_es01.1.4l7vwxtcmiyo@ddvc3    | {"type": "server", "timestamp": "2020-09-26T04:51:20,042Z", "level": "INFO", "component": "o.e.l.LicenseService", "cluster.name": "docker-cluster", "node.name": "es01", "message": "license [8539f833-9073-439c-85c1-4523f66682de] mode [basic] - valid", "cluster.uuid": "PRYG3WzVQyShiRI_gBlc9Q", "node.id": "VRZ0v8esSimk8pF0-py03w"  }
elk_es01.1.4l7vwxtcmiyo@ddvc3    | {"type": "server", "timestamp": "2020-09-26T04:51:20,045Z", "level": "INFO", "component": "o.e.x.s.s.SecurityStatusChangeListener", "cluster.name": "docker-cluster", "node.name": "es01", "message": "Active license is now [BASIC]; Security is enabled", "cluster.uuid": "PRYG3WzVQyShiRI_gBlc9Q", "node.id": "VRZ0v8esSimk8pF0-py03w"  }
elk_es01.1.4l7vwxtcmiyo@ddvc3    | {"type": "server", "timestamp": "2020-09-26T04:51:20,062Z", "level": "INFO", "component": "o.e.g.GatewayService", "cluster.name": "docker-cluster", "node.name": "es01", "message": "recovered [5] indices into cluster_state", "cluster.uuid": "PRYG3WzVQyShiRI_gBlc9Q", "node.id": "VRZ0v8esSimk8pF0-py03w"  }
elk_es01.1.4l7vwxtcmiyo@ddvc3    | {"type": "server", "timestamp": "2020-09-26T04:51:21,467Z", "level": "INFO", "component": "o.e.c.r.a.AllocationService", "cluster.name": "docker-cluster", "node.name": "es01", "message": "Cluster health status changed from [RED] to [GREEN] (reason: [shards started [[.monitoring-es-7-2020.09.26][0]]]).", "cluster.uuid": "PRYG3WzVQyShiRI_gBlc9Q", "node.id": "VRZ0v8esSimk8pF0-py03w"  }
elk_es01.1.4l7vwxtcmiyo@ddvc3    | {"type": "server", "timestamp": "2020-09-26T04:51:42,523Z", "level": "WARN", "component": "o.e.x.s.t.n.SecurityNetty4HttpServerTransport", "cluster.name": "docker-cluster", "node.name": "es01", "message": "http client did not trust this server's certificate, closing connection Netty4HttpChannel{localAddress=/10.0.106.3:9200, remoteAddress=/10.0.106.12:36700}", "cluster.uuid": "PRYG3WzVQyShiRI_gBlc9Q", "node.id": "VRZ0v8esSimk8pF0-py03w"  }
elk_es01.1.4l7vwxtcmiyo@ddvc3    | {"type": "server", "timestamp": "2020-09-26T04:51:47,743Z", "level": "WARN", "component": "o.e.x.s.t.n.SecurityNetty4HttpServerTransport", "cluster.name": "docker-cluster", "node.name": "es01", "message": "http client did not trust this server's certificate, closing connection Netty4HttpChannel{localAddress=/10.0.106.3:9200, remoteAddress=/10.0.106.12:36704}", "cluster.uuid": "PRYG3WzVQyShiRI_gBlc9Q", "node.id": "VRZ0v8esSimk8pF0-py03w"  }
elk_es01.1.4l7vwxtcmiyo@ddvc3    | {"type": "server", "timestamp": "2020-09-26T04:51:52,835Z", "level": "WARN", "component": "o.e.x.s.t.n.SecurityNetty4HttpServerTransport", "cluster.name": "docker-cluster", "node.name": "es01", "message": "http client did not trust this server's certificate, closing connection Netty4HttpChannel{localAddress=/10.0.106.3:9200, remoteAddress=/10.0.106.12:36708}", "cluster.uuid": "PRYG3WzVQyShiRI_gBlc9Q", "node.id": "VRZ0v8esSimk8pF0-py03w"  }
elk_es01.1.4l7vwxtcmiyo@ddvc3    | {"type": "server", "timestamp": "2020-09-26T04:51:57,897Z", "level": "WARN", "component": "o.e.x.s.t.n.SecurityNetty4HttpServerTransport", "cluster.name": "docker-cluster", "node.name": "es01", "message": "http client did not trust this server's certificate, closing connection Netty4HttpChannel{localAddress=/10.0.106.3:9200, remoteAddress=/10.0.106.12:36712}", "cluster.uuid": "PRYG3WzVQyShiRI_gBlc9Q", "node.id": "VRZ0v8esSimk8pF0-py03w"  }
elk_es01.1.4l7vwxtcmiyo@ddvc3    | {"type": "server", "timestamp": "2020-09-26T04:52:02,969Z", "level": "WARN", "component": "o.e.x.s.t.n.SecurityNetty4HttpServerTransport", "cluster.name": "docker-cluster", "node.name": "es01", "message": "http client did not trust this server's certificate, closing connection Netty4HttpChannel{localAddress=/10.0.106.3:9200, remoteAddress=/10.0.106.12:36716}", "cluster.uuid": "PRYG3WzVQyShiRI_gBlc9Q", "node.id": "VRZ0v8esSimk8pF0-py03w"  }
elk_es01.1.4l7vwxtcmiyo@ddvc3    | {"type": "server", "timestamp": "2020-09-26T04:52:08,032Z", "level": "WARN", "component": "o.e.x.s.t.n.SecurityNetty4HttpServerTransport", "cluster.name": "docker-cluster", "node.name": "es01", "message": "http client did not trust this server's certificate, closing connection Netty4HttpChannel{localAddress=/10.0.106.3:9200, remoteAddress=/10.0.106.12:36722}", "cluster.uuid": "PRYG3WzVQyShiRI_gBlc9Q", "node.id": "VRZ0v8esSimk8pF0-py03w"  }
elk_es01.1.4l7vwxtcmiyo@ddvc3    | {"type": "server", "timestamp": "2020-09-26T04:52:13,105Z", "level": "WARN", "component": "o.e.x.s.t.n.SecurityNetty4HttpServerTransport", "cluster.name": "docker-cluster", "node.name": "es01", "message": "http client did not trust this server's certificate, closing connection Netty4HttpChannel{localAddress=/10.0.106.3:9200, remoteAddress=/10.0.106.12:36724}", "cluster.uuid": "PRYG3WzVQyShiRI_gBlc9Q", "node.id": "VRZ0v8esSimk8pF0-py03w"  }
elk_es01.1.4l7vwxtcmiyo@ddvc3    | {"type": "server", "timestamp": "2020-09-26T04:52:18,163Z", "level": "WARN", "component": "o.e.x.s.t.n.SecurityNetty4HttpServerTransport", "cluster.name": "docker-cluster", "node.name": "es01", "message": "http client did not trust this server's certificate, closing connection Netty4HttpChannel{localAddress=/10.0.106.3:9200, remoteAddress=/10.0.106.12:36728}", "cluster.uuid": "PRYG3WzVQyShiRI_gBlc9Q", "node.id": "VRZ0v8esSimk8pF0-py03w"  }

Cyberdemic · September 26, 2020, 6:21am

Kibana logs - Adding ELASTICSEARCH_REQUESTTIMEOUT: 60000 prevented timeout errors i received. I can provide logs without this setting if that would be helpful.

 {"type":"log","@timestamp":"2020-09-26T05:14:30Z","tags":["warning","config","deprecation"],"pid":7,"message":"Config key [monitoring.cluster_alerts.email_notifications.email_address] will be required for email notifications to work in 8.0.\""}
    elk_kibana.1.gmlgyk612w9b@ddvc2    | {"type":"log","@timestamp":"2020-09-26T05:14:31Z","tags":["info","plugins-system"],"pid":7,"message":"Setting up [92] plugins: [usageCollection,telemetryCollectionManager,telemetry,telemetryCollectionXpack,kibanaUsageCollection,newsfeed,mapsLegacy,kibanaLegacy,taskManager,ossTelemetry,licensing,observability,globalSearch,globalSearchProviders,code,timelion,share,legacyExport,esUiShared,charts,bfetch,expressions,data,home,console,consoleExtensions,apmOss,cloud,management,upgradeAssistant,licenseManagement,indexPatternManagement,advancedSettings,watcher,searchprofiler,painlessLab,grokdebugger,savedObjects,visualizations,visualize,visTypeVislib,visTypeVega,visTypeTimeseries,visTypeTimelion,features,security,snapshotRestore,reporting,enterpriseSearch,encryptedSavedObjects,ingestManager,indexManagement,rollup,remoteClusters,crossClusterReplication,indexLifecycleManagement,beats_management,transform,ingestPipelines,graph,canvas,visTypeTagcloud,visTypeTable,visTypeMetric,visTypeMarkdown,tileMap,regionMap,inputControlVis,discover,discoverEnhanced,dashboard,lens,dashboardMode,savedObjectsManagement,spaces,lists,eventLog,actions,case,alerts,alertingBuiltins,ml,apm,uptime,fileUpload,maps,dataEnhanced,securitySolution,infra,monitoring,logstash,translations]"}
    elk_kibana.1.gmlgyk612w9b@ddvc2    | {"type":"log","@timestamp":"2020-09-26T05:14:32Z","tags":["info","plugins","monitoring","monitoring"],"pid":7,"message":"config sourced from: production cluster"}
    elk_kibana.1.gmlgyk612w9b@ddvc2    | {"type":"log","@timestamp":"2020-09-26T05:14:33Z","tags":["warning","plugins","reporting","config"],"pid":7,"message":"Chromium sandbox provides an additional layer of protection, but is not supported for Linux Centos 7.8.2003 OS. Automatically setting 'xpack.reporting.capture.browser.chromium.disableSandbox: true'."}
    elk_kibana.1.gmlgyk612w9b@ddvc2    | {"type":"log","@timestamp":"2020-09-26T05:14:34Z","tags":["info","savedobjects-service"],"pid":7,"message":"Waiting until all Elasticsearch nodes are compatible with Kibana before starting saved objects migrations..."}
    elk_kibana.1.gmlgyk612w9b@ddvc2    | {"type":"log","@timestamp":"2020-09-26T05:14:34Z","tags":["info","savedobjects-service"],"pid":7,"message":"Starting saved objects migrations"}
    elk_kibana.1.gmlgyk612w9b@ddvc2    | {"type":"log","@timestamp":"2020-09-26T05:14:34Z","tags":["info","plugins-system"],"pid":7,"message":"Starting [92] plugins: [usageCollection,telemetryCollectionManager,telemetry,telemetryCollectionXpack,kibanaUsageCollection,newsfeed,mapsLegacy,kibanaLegacy,taskManager,ossTelemetry,licensing,observability,globalSearch,globalSearchProviders,code,timelion,share,legacyExport,esUiShared,charts,bfetch,expressions,data,home,console,consoleExtensions,apmOss,cloud,management,upgradeAssistant,licenseManagement,indexPatternManagement,advancedSettings,watcher,searchprofiler,painlessLab,grokdebugger,savedObjects,visualizations,visualize,visTypeVislib,visTypeVega,visTypeTimeseries,visTypeTimelion,features,security,snapshotRestore,reporting,enterpriseSearch,encryptedSavedObjects,ingestManager,indexManagement,rollup,remoteClusters,crossClusterReplication,indexLifecycleManagement,beats_management,transform,ingestPipelines,graph,canvas,visTypeTagcloud,visTypeTable,visTypeMetric,visTypeMarkdown,tileMap,regionMap,inputControlVis,discover,discoverEnhanced,dashboard,lens,dashboardMode,savedObjectsManagement,spaces,lists,eventLog,actions,case,alerts,alertingBuiltins,ml,apm,uptime,fileUpload,maps,dataEnhanced,securitySolution,infra,monitoring,logstash,translations]"}
    elk_kibana.1.gmlgyk612w9b@ddvc2    | {"type":"log","@timestamp":"2020-09-26T05:14:34Z","tags":["info","plugins","taskManager","taskManager"],"pid":7,"message":"TaskManager is identified by the Kibana UUID: 4ed30124-9023-4253-9e59-fd262fd4c8dc"}
    elk_kibana.1.gmlgyk612w9b@ddvc2    | {"type":"log","@timestamp":"2020-09-26T05:14:38Z","tags":["info","plugins","watcher"],"pid":7,"message":"Your basic license does not support watcher. Please upgrade your license."}
    elk_kibana.1.gmlgyk612w9b@ddvc2    | {"type":"log","@timestamp":"2020-09-26T05:14:38Z","tags":["info","plugins","crossClusterReplication"],"pid":7,"message":"Your basic license does not support crossClusterReplication. Please upgrade your license."}
    elk_kibana.1.gmlgyk612w9b@ddvc2    | {"type":"log","@timestamp":"2020-09-26T05:14:38Z","tags":["info","plugins","monitoring","monitoring","kibana-monitoring"],"pid":7,"message":"Starting monitoring stats collection"}
    elk_kibana.1.lf8e57qeiylh@ddvc2    | {"type":"log","@timestamp":"2020-09-26T05:15:03Z","tags":["warning","plugins-discovery"],"pid":6,"message":"Expect plugin \"id\" in camelCase, but found: beats_management"}
    elk_kibana.1.lf8e57qeiylh@ddvc2    | {"type":"log","@timestamp":"2020-09-26T05:15:03Z","tags":["warning","plugins-discovery"],"pid":6,"message":"Expect plugin \"id\" in camelCase, but found: triggers_actions_ui"}
    elk_kibana.1.lf8e57qeiylh@ddvc2    | [BABEL] Note: The code generator has deoptimised the styling of /usr/share/kibana/x-pack/plugins/canvas/server/templates/pitch_presentation.js as it exceeds the max of 500KB.
    elk_kibana.1.mjb7nbiaakmd@ddvc2    | {"type":"log","@timestamp":"2020-09-26T05:23:03Z","tags":["warning","plugins-discovery"],"pid":8,"message":"Expect plugin \"id\" in camelCase, but found: beats_management"}
    elk_kibana.1.l25wfqwamhqc@ddvc2    | {"type":"log","@timestamp":"2020-09-26T05:18:30Z","tags":["warning","plugins-discovery"],"pid":7,"message":"Expect plugin \"id\" in camelCase, but found: beats_management"}
    elk_kibana.1.mjb7nbiaakmd@ddvc2    | {"type":"log","@timestamp":"2020-09-26T05:23:03Z","tags":["warning","plugins-discovery"],"pid":8,"message":"Expect plugin \"id\" in camelCase, but found: triggers_actions_ui"}
    elk_kibana.1.l25wfqwamhqc@ddvc2    | {"type":"log","@timestamp":"2020-09-26T05:18:30Z","tags":["warning","plugins-discovery"],"pid":7,"message":"Expect plugin \"id\" in camelCase, but found: triggers_actions_ui"}
    elk_kibana.1.mjb7nbiaakmd@ddvc2    | [BABEL] Note: The code generator has deoptimised the styling of /usr/share/kibana/x-pack/plugins/canvas/server/templates/pitch_presentation.js as it exceeds the max of 500KB.
    elk_kibana.1.l25wfqwamhqc@ddvc2    | [BABEL] Note: The code generator has deoptimised the styling of /usr/share/kibana/x-pack/plugins/canvas/server/templates/pitch_presentation.js as it exceeds the max of 500KB.
    elk_kibana.1.2hhdad9wayf2@ddvc2    | {"type":"log","@timestamp":"2020-09-26T05:11:01Z","tags":["info","plugins-service"],"pid":6,"message":"Plugin \"visTypeXy\" is disabled."}
    elk_kibana.1.2hhdad9wayf2@ddvc2    | {"type":"log","@timestamp":"2020-09-26T05:11:01Z","tags":["info","plugins-service"],"pid":6,"message":"Plugin \"auditTrail\" is disabled."}
    elk_kibana.1.2hhdad9wayf2@ddvc2    | {"type":"log","@timestamp":"2020-09-26T05:11:04Z","tags":["warning","config","deprecation"],"pid":6,"message":"Config key [monitoring.cluster_alerts.email_notifications.email_address] will be required for email notifications to work in 8.0.\""}
    elk_kibana.1.2hhdad9wayf2@ddvc2    | {"type":"log","@timestamp":"2020-09-26T05:11:05Z","tags":["info","plugins-system"],"pid":6,"message":"Setting up [92] plugins: [taskManager,licensing,observability,globalSearch,globalSearchProviders,code,usageCollection,ossTelemetry,telemetryCollectionManager,telemetry,telemetryCollectionXpack,kibanaUsageCollection,newsfeed,mapsLegacy,kibanaLegacy,translations,timelion,share,legacyExport,esUiShared,charts,bfetch,expressions,data,home,cloud,console,consoleExtensions,apmOss,searchprofiler,painlessLab,grokdebugger,management,upgradeAssistant,licenseManagement,watcher,advancedSettings,indexPatternManagement,fileUpload,dataEnhanced,savedObjects,visualizations,visualize,visTypeVislib,visTypeVega,visTypeTimeseries,visTypeTimelion,features,security,snapshotRestore,reporting,enterpriseSearch,encryptedSavedObjects,ingestManager,indexManagement,rollup,remoteClusters,crossClusterReplication,indexLifecycleManagement,beats_management,transform,ingestPipelines,maps,graph,canvas,visTypeTagcloud,visTypeTable,visTypeMetric,visTypeMarkdown,tileMap,regionMap,inputControlVis,discover,discoverEnhanced,dashboard,lens,dashboardMode,savedObjectsManagement,spaces,lists,eventLog,actions,case,alerts,alertingBuiltins,ml,securitySolution,infra,monitoring,logstash,apm,uptime]"}
    elk_kibana.1.2hhdad9wayf2@ddvc2    | {"type":"log","@timestamp":"2020-09-26T05:11:08Z","tags":["info","plugins","monitoring","monitoring"],"pid":6,"message":"config sourced from: production cluster"}
    elk_kibana.1.2hhdad9wayf2@ddvc2    | {"type":"log","@timestamp":"2020-09-26T05:11:15Z","tags":["info","savedobjects-service"],"pid":6,"message":"Waiting until all Elasticsearch nodes are compatible with Kibana before starting saved objects migrations..."}
    elk_kibana.1.2hhdad9wayf2@ddvc2    | {"type":"log","@timestamp":"2020-09-26T05:11:15Z","tags":["info","savedobjects-service"],"pid":6,"message":"Starting saved objects migrations"}
    elk_kibana.1.2hhdad9wayf2@ddvc2    | {"type":"log","@timestamp":"2020-09-26T05:11:17Z","tags":["warning","plugins","reporting","config"],"pid":6,"message":"Chromium sandbox provides an additional layer of protection, but is not supported for Linux Centos 7.8.2003 OS. Automatically setting 'xpack.reporting.capture.browser.chromium.disableSandbox: true'."}
    elk_kibana.1.2hhdad9wayf2@ddvc2    | {"type":"log","@timestamp":"2020-09-26T05:11:27Z","tags":["info","plugins-system"],"pid":6,"message":"Starting [92] plugins: [taskManager,licensing,observability,globalSearch,globalSearchProviders,code,usageCollection,ossTelemetry,telemetryCollectionManager,telemetry,telemetryCollectionXpack,kibanaUsageCollection,newsfeed,mapsLegacy,kibanaLegacy,translations,timelion,share,legacyExport,esUiShared,charts,bfetch,expressions,data,home,cloud,console,consoleExtensions,apmOss,searchprofiler,painlessLab,grokdebugger,management,upgradeAssistant,licenseManagement,watcher,advancedSettings,indexPatternManagement,fileUpload,dataEnhanced,savedObjects,visualizations,visualize,visTypeVislib,visTypeVega,visTypeTimeseries,visTypeTimelion,features,security,snapshotRestore,reporting,enterpriseSearch,encryptedSavedObjects,ingestManager,indexManagement,rollup,remoteClusters,crossClusterReplication,indexLifecycleManagement,beats_management,transform,ingestPipelines,maps,graph,canvas,visTypeTagcloud,visTypeTable,visTypeMetric,visTypeMarkdown,tileMap,regionMap,inputControlVis,discover,discoverEnhanced,dashboard,lens,dashboardMode,savedObjectsManagement,spaces,lists,eventLog,actions,case,alerts,alertingBuiltins,ml,securitySolution,infra,monitoring,logstash,apm,uptime]"}
    elk_kibana.1.2hhdad9wayf2@ddvc2    | {"type":"log","@timestamp":"2020-09-26T05:11:27Z","tags":["info","plugins","taskManager","taskManager"],"pid":6,"message":"TaskManager is identified by the Kibana UUID: 3b5efe38-f05e-424d-bfba-8e988fc2940e"}
    elk_kibana.1.2hhdad9wayf2@ddvc2    | {"type":"log","@timestamp":"2020-09-26T05:11:29Z","tags":["info","plugins","watcher"],"pid":6,"message":"Your basic license does not support watcher. Please upgrade your license."}
    elk_kibana.1.2hhdad9wayf2@ddvc2    | {"type":"log","@timestamp":"2020-09-26T05:11:29Z","tags":["info","plugins","crossClusterReplication"],"pid":6,"message":"Your basic license does not support crossClusterReplication. Please upgrade your license."}
    elk_kibana.1.2hhdad9wayf2@ddvc2    | {"type":"log","@timestamp":"2020-09-26T05:11:29Z","tags":["info","plugins","monitoring","monitoring","kibana-monitoring"],"pid":6,"message":"Starting monitoring stats collection"}

Cyberdemic · September 26, 2020, 6:22am

Inside Elasticsearch container i ran the command and seems new passwords have taken effect:

curl --cacert /usr/share/elasticsearch/config/certificates/ca/ca.crt -u kibana_system:kvv6nju4hLuI3eE7nbdr 'https://localhost:9200/_xpack/security/_authenticate?pretty'

Results:

{
  "username" : "kibana_system",
  "roles" : [
    "kibana_system"
  ],
  "full_name" : null,
  "email" : null,
  "metadata" : {
    "_reserved" : true
  },
  "enabled" : true,
  "authentication_realm" : {
    "name" : "reserved",
    "type" : "reserved"
  },
  "lookup_realm" : {
    "name" : "reserved",
    "type" : "reserved"
  }
}

Cluster health check:

curl --cacert /usr/share/elasticsearch/config/certificates/ca/ca.crt -u elastic:SuL1t6l5eWwye8EsX5QX -XGET 'https://localhost:9200/_clu
ster/health?pretty'

Results:

{
  "cluster_name" : "docker-cluster",
  "status" : "green",
  "timed_out" : false,
  "number_of_nodes" : 1,
  "number_of_data_nodes" : 1,
  "active_primary_shards" : 7,
  "active_shards" : 7,
  "relocating_shards" : 0,
  "initializing_shards" : 0,
  "unassigned_shards" : 0,
  "delayed_unassigned_shards" : 0,
  "number_of_pending_tasks" : 0,
  "number_of_in_flight_fetch" : 0,
  "task_max_waiting_in_queue_millis" : 0,
  "active_shards_percent_as_number" : 100.0
}

It also looks like the container restarts every few minutes:

ID                  NAME                IMAGE                                   NODE                DESIRED STATE       CURRENT STATE           ERROR                         PORTS
8llimp3o7avj        elk_kibana.1        docker.elastic.co/kibana/kibana:7.9.1   ddvc2               Running             Running 7 minutes ago                             
mjb7nbiaakmd         \_ elk_kibana.1    docker.elastic.co/kibana/kibana:7.9.1   ddvc2               Shutdown            Failed 7 minutes ago    "task: non-zero exit (137)"
l25wfqwamhqc         \_ elk_kibana.1    docker.elastic.co/kibana/kibana:7.9.1   ddvc2               Shutdown            Failed 11 minutes ago   "task: non-zero exit (137)"
lf8e57qeiylh         \_ elk_kibana.1    docker.elastic.co/kibana/kibana:7.9.1   ddvc2               Shutdown            Failed 16 minutes ago   "task: non-zero exit (137)"
gmlgyk612w9b         \_ elk_kibana.1    docker.elastic.co/kibana/kibana:7.9.1   ddvc2               Shutdown            Failed 19 minutes ago   "task: non-zero exit (137)"

I'm slightly confused by the similar settings such as SERVER_SSL_KEY and ELASTICSEARCH_SSL_KEY. I re-read the documentation and it looks like one is for outbound and one is for inbound TLS traffic? Do I need to have both types set? And if there are any settings that are redundant or unneeded I would like to remove them.

Any help figuring this one out would be greatly appreciated. I'm stumped. Sorry for the long post.

azasypkin · September 28, 2020, 8:39am

Hi @Cyberdemic,

 kibana:
      SERVER_SSL_CLIENTAUTHENTICATION: optional
      XPACK_SECURITY_HTTP_SSL_CLIENT_AUTHENTICATION: optional

I believe you don't need SERVER_SSL_CLIENTAUTHENTICATION since you don't use PKI to authenticate to Kibana.

And XPACK_SECURITY_HTTP_SSL_CLIENT_AUTHENTICATION looks like Elasticsearch setting that Kibana won't recognize.

It also looks like the container restarts every few minutes:

Can you please enable verbose logging (logging.verbose: true) in Kibana and share the log from the moment Kibana starts and crashes (likely the reason of restart)?

I'm slightly confused by the similar settings such as SERVER_SSL_KEY and ELASTICSEARCH_SSL_KEY . I re-read the documentation and it looks like one is for outbound and one is for inbound TLS traffic?

SERVER_SSL_KEY is for the HTTPS between browser and Kibana. The ELASTICSEARCH_SSL_KEY is for the HTTPS between Kibana and Elasticsearch in case you want to have a mutual TLS auth between ES and Kibana. See Configure Kibana | Kibana Guide [master] | Elastic (server.ssl.key and elasticsearch.ssl.key).

Best,
Oleg

Cyberdemic · September 29, 2020, 2:22am

@azasypkin thank you for taking the time to reply. I have removed the 2 PKI settings, enabled verbose logging in kibana, and removed unrecognized xpack command. Mutual TLS auth between ES and Kibana is what i'm after.

Here are my logs for Kibana:

| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: server"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: csp"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: plugins"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: dev"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: server"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: csp"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: uiSettings"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: csp"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: logging"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: server"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: plugins"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: dev"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: savedObjects"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: migrations"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: uiSettings"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: ops"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: logging"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","root"],"pid":6,"message":"setting up root"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","server"],"pid":6,"message":"setting up server"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-service"],"pid":6,"message":"Discovering plugins"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Discovering plugins..."}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Scanning \"/usr/share/kibana/src/plugins\" for plugin sub-directories..."}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Scanning \"/usr/share/kibana/x-pack/plugins\" for plugin sub-directories..."}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Scanning \"/usr/share/kibana/plugins\" for plugin sub-directories..."}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Scanning \"/usr/share/kibana-extra\" for plugin sub-directories..."}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"charts\" at \"/usr/share/kibana/src/plugins/charts\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"bfetch\" at \"/usr/share/kibana/src/plugins/bfetch\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"apmOss\" at \"/usr/share/kibana/src/plugins/apm_oss\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"advancedSettings\" at \"/usr/share/kibana/src/plugins/advanced_settings\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"console\" at \"/usr/share/kibana/src/plugins/console\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"dashboard\" at \"/usr/share/kibana/src/plugins/dashboard\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"data\" at \"/usr/share/kibana/src/plugins/data\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"discover\" at \"/usr/share/kibana/src/plugins/discover\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"expressions\" at \"/usr/share/kibana/src/plugins/expressions\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"embeddable\" at \"/usr/share/kibana/src/plugins/embeddable\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"esUiShared\" at \"/usr/share/kibana/src/plugins/es_ui_shared\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"devTools\" at \"/usr/share/kibana/src/plugins/dev_tools\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}

Cyberdemic · September 29, 2020, 2:24am

| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"indexPatternManagement\" at \"/usr/share/kibana/src/plugins/index_pattern_management\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"home\" at \"/usr/share/kibana/src/plugins/home\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"inputControlVis\" at \"/usr/share/kibana/src/plugins/input_control_vis\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"inspector\" at \"/usr/share/kibana/src/plugins/inspector\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"kibanaLegacy\" at \"/usr/share/kibana/src/plugins/kibana_legacy\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"kibanaReact\" at \"/usr/share/kibana/src/plugins/kibana_react\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"kibanaUsageCollection\" at \"/usr/share/kibana/src/plugins/kibana_usage_collection\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"legacyExport\" at \"/usr/share/kibana/src/plugins/legacy_export\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"management\" at \"/usr/share/kibana/src/plugins/management\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"mapsLegacy\" at \"/usr/share/kibana/src/plugins/maps_legacy\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"kibanaUtils\" at \"/usr/share/kibana/src/plugins/kibana_utils\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"navigation\" at \"/usr/share/kibana/src/plugins/navigation\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"newsfeed\" at \"/usr/share/kibana/src/plugins/newsfeed\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"regionMap\" at \"/usr/share/kibana/src/plugins/region_map\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"savedObjects\" at \"/usr/share/kibana/src/plugins/saved_objects\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}

Cyberdemic · September 29, 2020, 2:45am

| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"savedObjectsManagement\" at \"/usr/share/kibana/src/plugins/saved_objects_management\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"share\" at \"/usr/share/kibana/src/plugins/share\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"statusPage\" at \"/usr/share/kibana/src/plugins/status_page\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"telemetry\" at \"/usr/share/kibana/src/plugins/telemetry\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"telemetryManagementSection\" at \"/usr/share/kibana/src/plugins/telemetry_management_section\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"telemetryCollectionManager\" at \"/usr/share/kibana/src/plugins/telemetry_collection_manager\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"tileMap\" at \"/usr/share/kibana/src/plugins/tile_map\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"timelion\" at \"/usr/share/kibana/src/plugins/timelion\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"uiActions\" at \"/usr/share/kibana/src/plugins/ui_actions\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"usageCollection\" at \"/usr/share/kibana/src/plugins/usage_collection\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"visTypeMarkdown\" at \"/usr/share/kibana/src/plugins/vis_type_markdown\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"visTypeTable\" at \"/usr/share/kibana/src/plugins/vis_type_table\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"visTypeMetric\" at \"/usr/share/kibana/src/plugins/vis_type_metric\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"visTypeTagcloud\" at \"/usr/share/kibana/src/plugins/vis_type_tagcloud\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"visTypeTimelion\" at \"/usr/share/kibana/src/plugins/vis_type_timelion\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"visTypeVega\" at \"/usr/share/kibana/src/plugins/vis_type_vega\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"visTypeVislib\" at \"/usr/share/kibana/src/plugins/vis_type_vislib\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}

Cyberdemic · September 29, 2020, 2:46am

| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"visTypeXy\" at \"/usr/share/kibana/src/plugins/vis_type_xy\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"visualizations\" at \"/usr/share/kibana/src/plugins/visualizations\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"visualize\" at \"/usr/share/kibana/src/plugins/visualize\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"actions\" at \"/usr/share/kibana/x-pack/plugins/actions\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"visTypeTimeseries\" at \"/usr/share/kibana/src/plugins/vis_type_timeseries\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"auditTrail\" at \"/usr/share/kibana/x-pack/plugins/audit_trail\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["warning","plugins-discovery"],"pid":6,"message":"Expect plugin \"id\" in camelCase, but found: beats_management"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"beats_management\" at \"/usr/share/kibana/x-pack/plugins/beats_management\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"canvas\" at \"/usr/share/kibana/x-pack/plugins/canvas\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"case\" at \"/usr/share/kibana/x-pack/plugins/case\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"cloud\" at \"/usr/share/kibana/x-pack/plugins/cloud\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"code\" at \"/usr/share/kibana/x-pack/plugins/code\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"consoleExtensions\" at \"/usr/share/kibana/x-pack/plugins/console_extensions\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"crossClusterReplication\" at \"/usr/share/kibana/x-pack/plugins/cross_cluster_replication\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"dashboardEnhanced\" at \"/usr/share/kibana/x-pack/plugins/dashboard_enhanced\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"dashboardMode\" at \"/usr/share/kibana/x-pack/plugins/dashboard_mode\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"dataEnhanced\" at \"/usr/share/kibana/x-pack/plugins/data_enhanced\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"discoverEnhanced\" at \"/usr/share/kibana/x-pack/plugins/discover_enhanced\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"embeddableEnhanced\" at \"/usr/share/kibana/x-pack/plugins/embeddable_enhanced\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"encryptedSavedObjects\" at \"/usr/share/kibana/x-pack/plugins/encrypted_saved_objects\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}

Cyberdemic · September 29, 2020, 2:47am

| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"enterpriseSearch\" at \"/usr/share/kibana/x-pack/plugins/enterprise_search\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"eventLog\" at \"/usr/share/kibana/x-pack/plugins/event_log\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"features\" at \"/usr/share/kibana/x-pack/plugins/features\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"fileUpload\" at \"/usr/share/kibana/x-pack/plugins/file_upload\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"globalSearch\" at \"/usr/share/kibana/x-pack/plugins/global_search\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"globalSearchProviders\" at \"/usr/share/kibana/x-pack/plugins/global_search_providers\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"graph\" at \"/usr/share/kibana/x-pack/plugins/graph\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"grokdebugger\" at \"/usr/share/kibana/x-pack/plugins/grokdebugger\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"indexLifecycleManagement\" at \"/usr/share/kibana/x-pack/plugins/index_lifecycle_management\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"indexManagement\" at \"/usr/share/kibana/x-pack/plugins/index_management\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"alertingBuiltins\" at \"/usr/share/kibana/x-pack/plugins/alerting_builtins\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"apm\" at \"/usr/share/kibana/x-pack/plugins/apm\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"infra\" at \"/usr/share/kibana/x-pack/plugins/infra\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"alerts\" at \"/usr/share/kibana/x-pack/plugins/alerts\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","plugins-discovery"],"pid":6,"message":"Successfully discovered plugin \"ingestManager\" at \"/usr/share/kibana/x-pack/plugins/ingest_manager\""}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}

Cyberdemic · September 29, 2020, 2:49am

This is around the time the container restarts

| {"type":"log","@timestamp":"2020-09-29T02:37:28Z","tags":["info","plugins-service"],"pid":6,"message":"Plugin \"visTypeXy\" is disabled."}
| {"type":"log","@timestamp":"2020-09-29T02:37:28Z","tags":["info","plugins-service"],"pid":6,"message":"Plugin \"auditTrail\" is disabled."}
| {"type":"log","@timestamp":"2020-09-29T02:37:28Z","tags":["debug","plugins-service"],"pid":6,"message":"Discovered 108 plugins."}
| {"type":"log","@timestamp":"2020-09-29T02:37:28Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: xpack,global_search"}
| {"type":"log","@timestamp":"2020-09-29T02:37:28Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: usageCollection"}
| {"type":"log","@timestamp":"2020-09-29T02:37:28Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: telemetry"}
| {"type":"log","@timestamp":"2020-09-29T02:37:28Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: newsfeed"}
| {"type":"log","@timestamp":"2020-09-29T02:37:28Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: map"}
| {"type":"log","@timestamp":"2020-09-29T02:37:28Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: kibana_legacy"}
| {"type":"log","@timestamp":"2020-09-29T02:37:28Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: data"}
| {"type":"log","@timestamp":"2020-09-29T02:37:28Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: home"}
| {"type":"log","@timestamp":"2020-09-29T02:37:28Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: xpack,cloud"}
| {"type":"log","@timestamp":"2020-09-29T02:37:28Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: xpack,upgrade_assistant"}
| {"type":"log","@timestamp":"2020-09-29T02:37:28Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: xpack,license_management"}
| {"type":"log","@timestamp":"2020-09-29T02:37:28Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: visualize"}
| {"type":"log","@timestamp":"2020-09-29T02:37:28Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: vis_type_vega"}
| {"type":"log","@timestamp":"2020-09-29T02:37:28Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: vis_type_timelion"}
| {"type":"log","@timestamp":"2020-09-29T02:37:28Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: xpack,security"}
| {"type":"log","@timestamp":"2020-09-29T02:37:28Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: xpack,snapshot_restore"}
| {"type":"log","@timestamp":"2020-09-29T02:37:28Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: xpack,reporting"}
| {"type":"log","@timestamp":"2020-09-29T02:37:28Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: enterpriseSearch"}
| {"type":"log","@timestamp":"2020-09-29T02:37:28Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: xpack,ingestManager"}
| {"type":"log","@timestamp":"2020-09-29T02:37:28Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: xpack,remote_clusters"}
| {"type":"log","@timestamp":"2020-09-29T02:37:28Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: xpack,ccr"}
| {"type":"log","@timestamp":"2020-09-29T02:37:28Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: xpack,ilm"}
| {"type":"log","@timestamp":"2020-09-29T02:37:28Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: xpack,beats_management"}
| {"type":"log","@timestamp":"2020-09-29T02:37:28Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: xpack,maps"}
| {"type":"log","@timestamp":"2020-09-29T02:37:28Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: xpack,graph"}
| {"type":"log","@timestamp":"2020-09-29T02:37:28Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: map,tilemap"}
| {"type":"log","@timestamp":"2020-09-29T02:37:28Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: map,regionmap"}
| {"type":"log","@timestamp":"2020-09-29T02:37:28Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: xpack,discoverEnhanced"}
| {"type":"log","@timestamp":"2020-09-29T02:37:28Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: monitoring"}
| {"type":"log","@timestamp":"2020-09-29T02:37:28Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: xpack,apm"}
| {"type":"log","@timestamp":"2020-09-29T02:37:28Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}

azasypkin · September 29, 2020, 6:24am

Hi @Cyberdemic,

Hmm, it doesn't look like a full log, it stops at :"Marking config path as handled: path"}, but usually Kibana verbose logs contain much more info after that. Can you please double check?

Also next time can you just attach link to a log file to your message so that it's not split across multiple posts, that would be much easier to read (e.g. host it at gist.github.com or something like this)?

Best,
Oleg

Cyberdemic · September 30, 2020, 5:52pm

@azasypkin I knew there had to be another way! Never heard of gist so thank you for the info! Here are all the logs:

gist.github.com

https://gist.github.com/cyberdemic/3bbbec388c17f071ca778cf51e809deb

kibana-logs.txt

| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: server"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: csp"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: plugins"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: dev"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: server"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: csp"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: elasticsearch"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: uiSettings"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: path"}
| {"type":"log","@timestamp":"2020-09-29T02:36:06Z","tags":["debug","config"],"pid":6,"message":"Marking config path as handled: csp"}

This file has been truncated. show original

azasypkin · October 1, 2020, 11:43am

Hmm, it seems it's not full log, looks like Kibana is just slowly starting. Can you wait a bit more and capture full log? What we're looking for is either error log messages or the message that Kibana is started (it should print its address in the logs).

Cyberdemic · October 2, 2020, 12:22am

@azasypkin I did a little more digging and did a docker inspect <container_id> on one of the exited containers and noticed OOM. I since have fixed it and have it running. Thank you for your help!

"State": {
            "Status": "exited",
            "Running": false,
            "Paused": false,
            "Restarting": false,
            **"OOMKilled": true,**
            "Dead": false,
            "Pid": 0,
            "ExitCode": 137,
            "Error": "",
            "StartedAt": "2020-10-01T22:06:51.58771074Z",
            "FinishedAt": "2020-10-01T22:09:27.846216412Z"
        },

azasypkin · October 2, 2020, 5:20am

Glad you sorted this out!

system · October 30, 2020, 5:20am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.