search

NETWAYS / ansible-collection-elasticstack

A collection to install and manage the Elastic Stack
GNU General Public License v3.0
9 stars 8 forks source link

Feature/sniffing 131 #144

Closed afeefghannam89 closed 1 year ago

afeefghannam89 commented 1 year ago

Enable sniffing for logstash Fix #131

afeefghannam89 commented 1 year ago

When I enable sniffing for Kibana with the version 7 I get the error which I set to you Thomas and elasticsearch hosts will not be listed in the log. "message":"ResponseError: security_exception: [security_exception] Reason: missing authentication credentials for REST request [/_nodes/_all/http]\n at onBody (/usr/share/kibana/node_modules/@elastic/elasticsearch/lib/Transport.js:367:23)\n at IncomingMessage.onEnd (/usr/share/kibana/node_modules/@elastic/elasticsearch/lib/Transport.js:291:11)\n at IncomingMessage.emit (node:events:525:35)\n at endReadableNT (node:internal/streams/readable:1358:12)\n at processTicksAndRejections (node:internal/process/task_queues:83:21)"}

With version 8.7 I do not see any changes in kibana log or the listed ealsticsearch host.

widhalmt commented 1 year ago

It's strange that full cluster checks here fail with timeouts, too. I wonder if some of the last changes broke something in Elasticsearch. I'll have another look and try to fix it in #136 If that works, we can merge it and try angain.

When the same task works with Elastic Stack 8 but fails with 7, we might have hit a breaking change in the API. Maybe the endpoint just was renamed. So either we need to check for the API in the docs of 7 or deactivate it for version 7 all together.

widhalmt commented 1 year ago

From what I found on a short research, the API endpoint Kibana uses for sniffing didn't change from 7.x to 8.x . Maybe the role Kibana uses per default didn't allow sniffing?

Since this only affects 7.x and 7.x won't be supported very long, I could live with disabling sniffing in 7.x completely. We could use if in the template and then remove the if once 7.x has been removed from the code.

afeefghannam89 commented 1 year ago

In version 8 I do not see the listed Elasticsearch hosts in logs, when I enable sniffing, they should be logged, should they? In Logstash I can see the listed Elasticsearch hosts after enabling sniffing. In Kibana It is strange!! I use the sniffing options in kibana.yml here https://www.elastic.co/guide/en/kibana/current/settings.html

afeefghannam89 commented 1 year ago

@widhalmt are you ok with the changes here?