-
Notifications
You must be signed in to change notification settings - Fork 6.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
security_exception: unable to authenticate user [kibana_system] #863
Comments
|
@daniejoh not sure what your thumb down is supposed to mean. The issue description clearly shows that the setup wasn't executed. docker-elk won't work without setting up users. |
That was maybe a little harsh, sorry about that. I am having the same problem as issue author. I have run
I see now that the setup exits with error. However I cannot figure out why. Any ideas? Again, sorry about the thumbs down! |
Thanks for the additional details. I see that the setup exited with code 28, which is an error documented as What happens if you re- run the setup? |
I started again from scratch, and this is the result:
It consistently crashes here after about 10-20 seconds. Environment:
|
Then I'll need the full output of |
The log is too big to post here.. I sent it to the email listed on your github profile. |
Logs received 👍 {
"@timestamp": "2023-05-30T07:15:16.913Z",
"log.level": "WARN",
"message": "flood stage disk watermark [95%] exceeded on [3dcHXXVrSA25e9kysjIvBQ][elasticsearch][/usr/share/elasticsearch/data] free: 1.2gb[2%], all indices on this node will be marked read-only",
"ecs.version": "1.2.0",
"service.name": "ES_ECS",
"event.dataset": "elasticsearch.server",
"process.thread.name": "elasticsearch[elasticsearch][management][T#1]",
"log.logger": "org.elasticsearch.cluster.routing.allocation.DiskThresholdMonitor",
"elasticsearch.cluster.uuid": "Wbmi6A-BSouuW8oG8teiBw",
"elasticsearch.node.id": "3dcHXXVrSA25e9kysjIvBQ",
"elasticsearch.node.name": "elasticsearch",
"elasticsearch.cluster.name": "docker-cluster"
} Ref.
Relevant doc pages:
Closing now because:
|
That was indeed the issue for me. Thank you for the help, and fast responses 😄 |
kibana output:
Is there anything else I need to modify? The kibana log here is wrong
other err:
$ docker-compose exec elasticsearch bin/elasticsearch-reset-password --batch --user logstash_internal
ERROR: Failed to reset password for the [logstash_internal] user
The text was updated successfully, but these errors were encountered: