Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

audit log prefix settings no longer valid #36162

Closed
inqueue opened this issue Dec 3, 2018 · 2 comments

Comments

Projects
None yet
3 participants
@inqueue
Copy link
Contributor

commented Dec 3, 2018

Elasticsearch version (bin/elasticsearch --version):

bin/elasticsearch --version                                                                                                                                                                     
Java HotSpot(TM) 64-Bit Server VM warning: Option UseConcMarkSweepGC was deprecated in version 9.0 and will likely be removed in a future release.
Version: 6.5.1, Build: default/tar/8c58350/2018-11-16T02:22:42.182257Z, JVM: 10.0.2

Description of the problem including expected versus actual behavior:
Audit log prefix settings appear to be no longer valid in 6.5 though it appears according to #34475 they should have only been deprecated. I was not able to find any documented mention of deprecation or removal of prefix settings.

Steps to reproduce:

xpack.security:
  enabled: true
  audit:
    enabled: true
    outputs: logfile
    logfile.prefix.emit_node_host_name: true

Provide logs (if relevant):

[2018-12-03T11:22:33,786][WARN ][o.e.b.ElasticsearchUncaughtExceptionHandler] [Nw_dK3F] uncaught exception in thread [main]
org.elasticsearch.bootstrap.StartupException: java.lang.IllegalArgumentException: unknown setting [xpack.security.audit.logfile.prefix.emit_node_host_name] did you mean any of [xpack.security.audit.logfile.emit_node_host_name, xpack.security.audit.logfile.emit_node_name, xpack.security.audit.logfile.emit_node_host_address, xpack.security.audit.logfile.events.emit_request_body, xpack.security.audit.logfile.emit_node_id]?
	at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:140) ~[elasticsearch-6.5.1.jar:6.5.1]
	at org.elasticsearch.bootstrap.Elasticsearch.execute(Elasticsearch.java:127) ~[elasticsearch-6.5.1.jar:6.5.1]
	at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:86) ~[elasticsearch-6.5.1.jar:6.5.1]
	at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:124) ~[elasticsearch-cli-6.5.1.jar:6.5.1]
	at org.elasticsearch.cli.Command.main(Command.java:90) ~[elasticsearch-cli-6.5.1.jar:6.5.1]
	at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:93) ~[elasticsearch-6.5.1.jar:6.5.1]
	at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:86) ~[elasticsearch-6.5.1.jar:6.5.1]
Caused by: java.lang.IllegalArgumentException: unknown setting [xpack.security.audit.logfile.prefix.emit_node_host_name] did you mean any of [xpack.security.audit.logfile.emit_node_host_name, xpack.security.audit.logfile.emit_node_name, xpack.security.audit.logfile.emit_node_host_address, xpack.security.audit.logfile.events.emit_request_body, xpack.security.audit.logfile.emit_node_id]?
	at org.elasticsearch.common.settings.AbstractScopedSettings.validate(AbstractScopedSettings.java:476) ~[elasticsearch-6.5.1.jar:6.5.1]
	at org.elasticsearch.common.settings.AbstractScopedSettings.validate(AbstractScopedSettings.java:421) ~[elasticsearch-6.5.1.jar:6.5.1]
	at org.elasticsearch.common.settings.AbstractScopedSettings.validate(AbstractScopedSettings.java:392) ~[elasticsearch-6.5.1.jar:6.5.1]
	at org.elasticsearch.common.settings.AbstractScopedSettings.validate(AbstractScopedSettings.java:363) ~[elasticsearch-6.5.1.jar:6.5.1]
	at org.elasticsearch.common.settings.SettingsModule.<init>(SettingsModule.java:148) ~[elasticsearch-6.5.1.jar:6.5.1]
	at org.elasticsearch.node.Node.<init>(Node.java:373) ~[elasticsearch-6.5.1.jar:6.5.1]
	at org.elasticsearch.node.Node.<init>(Node.java:265) ~[elasticsearch-6.5.1.jar:6.5.1]
	at org.elasticsearch.bootstrap.Bootstrap$5.<init>(Bootstrap.java:212) ~[elasticsearch-6.5.1.jar:6.5.1]
	at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:212) ~[elasticsearch-6.5.1.jar:6.5.1]
	at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:333) ~[elasticsearch-6.5.1.jar:6.5.1]
	at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:136) ~[elasticsearch-6.5.1.jar:6.5.1]
	... 6 more
@elasticmachine

This comment has been minimized.

Copy link
Collaborator

commented Dec 3, 2018

@albertzaharovits albertzaharovits self-assigned this Dec 3, 2018

@albertzaharovits

This comment has been minimized.

Copy link
Contributor

commented Dec 3, 2018

Hi @inqueue ,

This is a bug due to me botching the deprecation in the PR you have correctly linked. I am working on the fix right now.

albertzaharovits added a commit that referenced this issue Dec 3, 2018

Fix deprecation of audit log settings (#36175)
I have botched deprecating the "prefix" logfile audit settings
in #34475 , by not registering them.
This commit fixes it and also adds a test that these deprecated
settings are indeed still working and are dynamic.

Closes #36162

albertzaharovits added a commit that referenced this issue Dec 4, 2018

Fix deprecation of audit log settings (#36175)
I have botched deprecating the "prefix" logfile audit settings
in #34475 , by not registering them.
This commit fixes it and also adds a test that these deprecated
settings are indeed still working and are dynamic.

Closes #36162
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.