-
Notifications
You must be signed in to change notification settings - Fork 168
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Kibana status RED using v1.9.1 #56
Comments
Hi @johncst, did you configure kibana.yml with the HTTP Basic Auth credentials? Please post the relevant parts of your elasticsearch.yml and kibana.yml so we can investigate better! |
Hi @sscarduzio, thanks for the reply. All I did was what it said in the readme.md, which was put case #2 in elasticsearch.yml, which I now see is probably my issue. I didn't put anything in kibana.yml. I saw the snippet in your example directory, so I'm guessing I need to alter what I did in both .yml files. Forbiddenaccess_control_rules:
kibana.yml - If you have any additional guidelines on what goes into elasticsearch.yml and what goes into kibana.yml, I'd appreciate the advice and instruction. Like I said, I figured it was user error on my part. I just don't know enough about your plugin yet. However BRAVO for doing this and sharing with the rest of us!!! |
Hey @johncst, thanks for the compliment. My pleasure! 👍 Yes, I believe the instructions are a bit incomplete then. Thanks for finding out!
This will make sure that the kibana process is free to talk to ES, however, the browser will still be required to insert the username and password. BTW: would you like to contribute to the project by adding the solution to your issue to the readme? I don't want to steal the credits :) Enjoy! |
No credit necessary. I'm more than happy to add my very small contribution when people like you contribute your time to help others. I suggest adding the following after USE CASE 2, and before ##### 3 - Restart Elasticsearch. BTW, I tried this under both Ubuntu and Windows, and it works in both. If you are using authentication (USE CASE 2), you need to activate authentication in kibana.yml as well. Authentication in Kibana is not active by default, and if you look in kibana.yml, you will see the default username and password commented-out:
Un-comment the elasticsearch.username and elasticsearch.password lines, and change the entries to match those found in elasticsearch.yml. Referring to USE CASE 2, the entries would now look like:
Restart the Kibana server. |
Hi sscarduzio, I am using Kibana 4.5.1 , ES of 2.3, shiled of 2.3.3 but when I tried to start Kibana I get below error "[error][status][plugin:elasticsearch] Status changed from yellow to red - Authentication Exception" So in kibana.yml file I have uncommented below lines after creating euser from commandline with admin role elasticsearch.url: "http//localhost:9200" Now I am getting below error "ValidationError: child "elasticsearch" fails because [child "url" fails because ["url" must be a valid uri with a scheme matching the http|https pattern]]" Can you please help here to fix the issue? |
You missed the semicolon before the double slash! |
Thanks a lot for your reply. It worked fine.But when I logged into Kibana it gives message as Index Patterns I tried to download filebeat template I get below error curl -XPUT 'http://ipaddress/_template/filebeat?pretty' -d@filebeat-index-template.json |
curl -XPUT 'http://localhost:9200/_template/filebeat?pretty' -d@filebeat-index-template.json |
Well, if you're trying to create stuff via the REST API in an instance of ElasticSearch with this plugin installed, you'll get a 401 because that's how it is supposed to work. Right? You have to disable the plugin first, create the template and re-enable it. At least this is how I understood your situation. |
Also, pass the absolute path of the json file to that curl. |
Let me give a quick view what exactly I am trying to do Step1: I have installed Elastic search 2.3 , Kibana 4.5, Logastash 2.3 and shield 2.3 on single server. In elasticsearch.yml I have uncommented #network.host: private ip In Kibana.yml I have uncommented below #server.host: "privateip" #elasticsearch.url: "http://privateip:9200" #elasticsearch.username: "xxx" #server.ssl.cert: absolutepath of certifcate created using esusers command line I have created one admin user with admin role and another user with user role. Right now I am able to login to Kibana with user credentials created. Step 2: Load Kibana Dashboards curl -L -O https://download.elastic.co/beats/dashboards/beats-dashboards-1.1.0.zip _It fails_*************** Load Filebeat Index Template in Elasticsearch in home directory of ELK server curl -XPUT 'http://localhost:9200/_template/filebeat?pretty' -d@filebeat-index-template.json Above setps fails ************************* Step 3: Setup Filebeat on client servers Copy SSL Certificate from ELK server to absolute path of client server Install Filebeat package filebeat.yml is as below paths: Elasticsearch as outputelasticsearch:
Path to template file
Logstash as outputlogstash: Optional TLS. By default is off.tls: Ste 4: Test Filebeat Installation curl -XGET 'http://localhost:9200/filebeat-*/_search?pretty' It fails Can you please let me know how can I proceed. For security purpose I have installed Shield I am facing lot of issues. With NGINX it is straight forward but there is no control on user access. |
Wait, you're using Shield? So you're not using readonlyrest plugin? |
yes thats true I am using Shiled now. How can I create indexing using filebeat and load Kibana dashboards. |
Well, I'd love to help you, but I never used Shield. The reason is that It's proprietary software and I'm not interested in using it. This plugin pre-dates Shield and covers just a few of the features of Shield, and they work very differently! |
do you have any links where it gives steps on how to install shield or can I still use REST API. As per below links of elasticsearch websites still they use REST API https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-installation.html |
I fiugured out few things like passing on user details and I am at last step of indexing which failed. Can you help here please Step1: I have installed Elastic search 2.3 , Kibana 4.5, Logastash 2.3 and shield 2.3 on single server. created using esusers command line I have created one admin user with admin role and another user with user role. Right now I am able to login to Kibana with user credentials created. Step 2: Loaded Kibana Dashboards step3 : Tried to test filebeat installation and I get below error. curl -XGET "http://ipaddress:9200/filebeat-_/_search?pretty" -u admin -p Please help me in fixing this issue |
Just addidtional info which can help you After loginpage opens up in Kibana. I did below steps Loading Kibana dashboards: curl -L -O http://download.elastic.co/beats/dashboards/beats-dashboards-1.2.3.zip unzip beats-dashboards-1.2.3.zip ./load.sh -url http://ipaddress:9200 -u admin:xxx _Load Filebeat Index Template in Elasticsearch_******************* _Load the template with this command:_**************************** curl -XPUT 'http://ipaddress:9200/_template/filebeat?pretty' -d@filebeat-index-template.json _Installed filebeat and configured it on client server_********************************* step3 : Tried to test filebeat installation on ELK server and I get below error. curl -XGET "http://ipaddress:9200/filebeat-_/_search?pretty" -u admin -p Please help me in fixing this issue |
Just installed v1.9.1 with ES 2.3.1, and plugged Use Case #2 into elasticsearch.yml. ES started OK, but starting the Kibana server showed:
~/kibana$ bin/kibana
log [09:44:26.639] [info][status][plugin:kibana] Status changed from uninitialized to green - Ready
log [09:44:26.689] [info][status][plugin:elasticsearch] Status changed from uninitialized to yellow - Waiting for Elasticsearch
log [09:44:26.715] [info][status][plugin:kbn_vislib_vis_types] Status changed from uninitialized to green - Ready
log [09:44:26.724] [info][status][plugin:markdown_vis] Status changed from uninitialized to green - Ready
log [09:44:26.729] [info][status][plugin:metric_vis] Status changed from uninitialized to green - Ready
log [09:44:26.736] [info][status][plugin:spyModes] Status changed from uninitialized to green - Ready
log [09:44:26.754] [info][status][plugin:statusPage] Status changed from uninitialized to green - Ready
log [09:44:26.760] [info][status][plugin:table_vis] Status changed from uninitialized to green - Ready
log [09:44:26.783] [info][listening] Server running at http://0.0.0.0:5601
log [09:44:26.792] [error][status][plugin:elasticsearch] Status changed from yellow to red - Authentication Exception
Trying to start Kibana from the browser showed a RED - authentication error message. I restarted ES, and it became unresponsive. Any request to :9200 waited forever. Removing the plugin broke ES and Kibana to the point they had to be reloaded.
If I can provide any additional debugging info, please let me know. This might be user error, but I thought I'd let you know...
The text was updated successfully, but these errors were encountered: