New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cannot Create Cross Site Index Patterns in Kibana 6.7.1 #35229
Comments
Hi, |
Thank you! Let me know if you need anything else to troubleshoot/debug. |
@hgoscenski-vail I'm going to work on reproducing this locally but it might be helpful if you pop open the inspector in your browser and see if there are any failed http requests. |
I do not see any errors in the inspector. |
@hgoscenski-vail I set up a remote cluster but was able to create index patterns against it. You are using Searchguard - is there a way to see if the problem exists without Searchguard? |
It very well may be an issue with Searchguard, from reading through some issue tickets here and the changelogs it looks like there may be different permissions needed in 6.7.1 vs 6.5.1 to access and use the cross cluster index pattern creation. Do you know what permissions are required to do so? I could spin up 2 new clusters and set one up as a remote but I have a feeling I would just be duplicating your results. |
@hgoscenski-vail I'm not aware of any permissions changing in a minor version. That said, I'm happy to read what you've come across. |
@hgoscenski-vail That issue and PR addressed a problem that was discovered and addressed before release and expressed itself via the error |
It should correspond to a failed http request in the network tab in dev tools. To be honest, I'm not sure if failed network requests always display in the console. Anyway, seeing that failed request would be helpful. |
I can try over the next few days and see if I can catch an error in the Dev tools console. |
Anything in red in the network tab when that happens? |
Click on one of those network request entries to see the POST params in the request. |
Looks like Searchguard had a bug with CCS index creation. Should be fixed in 25.0 floragunncom/search-guard/pull/675 |
@pukhanov Thank you! I updated my instances and I was able to create the remote index patterns. |
Kibana version:
6.7.1
Elasticsearch version:
6.7.1
Server OS version:
Running in Docker on Centos 7
Browser version:
Chrome 73, Firefox Nightly
Browser OS version:
MacOS 10.14
Original install method (e.g. download page, yum, from source, etc.):
Docker from docker.elastic.co
Describe the bug:
Showing failed to load remote clusters occasionally when going to the index pattern creation page.
Upgraded from Kibana/Elasticsearch 6.5.1 to 6.7.1 using a rolling upgrade. After the update all seemed fine but after a user went to create a new index patterns they were unable to use the : syntax.
The data is present in the cluster and can be matched against without the remote cluster component. When adding a *: or sf-prod: in front of an index pattern I know exists on all remote clusters the page churns for a moment then says "The index pattern you've entered doesn't match any indices." For a moment, immediately after adding the :, if I am sufficiently quick I can click the "Next Step" button and create the index pattern anyway.
I can also import index patterns with the : syntax from the Saved Objects tab of the management page.
Testing in the Kibana Dev Tools pane shows that I can see and search against those remote clusters/indices and see the results that I am expecting.
Remote Cluster Config:
Querying to remote cluster:
Steps to reproduce:
Expected behavior:
Index pattern is created and able to be used in Kibana.
Screenshots (if relevant):
Errors in browser console (if relevant):
No errors in browser console.
Provide logs and/or server output (if relevant):
Kibana logs when attempting to create index pattern
Any additional context:
I am using Searchguard to provide access control to the clusters. Searchguard is configured to provide the user I am testing with full access to all indicies. The kibana_server user is given these permissions:
and for the kibana user which is automatically assigned to all signed in users:
EDIT: Redacting.
The text was updated successfully, but these errors were encountered: