[TLS] Can't generate built-in users passwords

[Jordanlelay]

Problem description

Using the TLS branch without changes, I cannot generate new passwords for the built-in users.

I launched the following command

docker-compose exec -T elasticsearch bin/elasticsearch-setup-passwords auto --batch

Obtained the following result

07:23:49.711 [main] WARN  org.elasticsearch.common.ssl.DiagnosticTrustManager - failed to establish trust with server at [172.22.0.2]; the server provided a certificate with subject name [CN=elasticsearch] and fingerprint [ba3916192819a035d7ce7d9afe594fca7acebe92]; the certificate has subject alternative names [DNS:localhost,DNS:elasticsearch]; the certificate is issued by [CN=Elastic Certificate Tool Autogenerated CA]; the certificate is signed by (subject [CN=Elastic Certificate Tool Autogenerated CA] fingerprint [d9615ba6befe90ba321a77d197f3b8218e12e672] {trusted issuer}) which is self-issued; the [CN=Elastic Certificate Tool Autogenerated CA] certificate is trusted in this ssl context ([xpack.security.http.ssl])
java.security.cert.CertificateException: No subject alternative names matching IP address 172.22.0.2 found
    at sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:165) ~[?:?]
    at sun.security.util.HostnameChecker.match(HostnameChecker.java:101) ~[?:?]
    at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:452) ~[?:?]
    at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:426) ~[?:?]
    at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:238) ~[?:?]
    at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:132) ~[?:?]
    at org.elasticsearch.common.ssl.DiagnosticTrustManager.checkServerTrusted(DiagnosticTrustManager.java:79) [elasticsearch-ssl-config-7.13.2.jar:7.13.2]
    at sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1341) [?:?]
    at sun.security.ssl.CertificateMessage$T13CertificateConsumer.onConsumeCertificate(CertificateMessage.java:1232) [?:?]
    at sun.security.ssl.CertificateMessage$T13CertificateConsumer.consume(CertificateMessage.java:1175) [?:?]
    at sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:396) [?:?]
    at sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:480) [?:?]
    at sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:458) [?:?]
    at sun.security.ssl.TransportContext.dispatch(TransportContext.java:199) [?:?]
    at sun.security.ssl.SSLTransport.decode(SSLTransport.java:171) [?:?]
    at sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1497) [?:?]
    at sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1403) [?:?]
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:441) [?:?]
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:412) [?:?]
    at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:574) [?:?]
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:183) [?:?]
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:142) [?:?]
    at org.elasticsearch.xpack.core.common.socket.SocketAccess.lambda$doPrivileged$0(SocketAccess.java:43) [x-pack-core-7.13.2.jar:7.13.2]
    at java.security.AccessController.doPrivileged(AccessController.java:554) [?:?]
    at org.elasticsearch.xpack.core.common.socket.SocketAccess.doPrivileged(SocketAccess.java:42) [x-pack-core-7.13.2.jar:7.13.2]
    at org.elasticsearch.xpack.security.authc.esnative.tool.CommandLineHttpClient.execute(CommandLineHttpClient.java:110) [x-pack-security-7.13.2.jar:7.13.2]
    at org.elasticsearch.xpack.security.authc.esnative.tool.SetupPasswordTool$SetupCommand.checkElasticKeystorePasswordValid(SetupPasswordTool.java:308) [x-pack-security-7.13.2.jar:7.13.2]
    at org.elasticsearch.xpack.security.authc.esnative.tool.SetupPasswordTool$AutoSetup.execute(SetupPasswordTool.java:139) [x-pack-security-7.13.2.jar:7.13.2]
    at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:75) [elasticsearch-7.13.2.jar:7.13.2]
    at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:116) [elasticsearch-cli-7.13.2.jar:7.13.2]
    at org.elasticsearch.cli.MultiCommand.execute(MultiCommand.java:80) [elasticsearch-cli-7.13.2.jar:7.13.2]
    at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:116) [elasticsearch-cli-7.13.2.jar:7.13.2]
    at org.elasticsearch.cli.Command.main(Command.java:79) [elasticsearch-cli-7.13.2.jar:7.13.2]
    at org.elasticsearch.xpack.security.authc.esnative.tool.SetupPasswordTool.main(SetupPasswordTool.java:117) [x-pack-security-7.13.2.jar:7.13.2]

SSL connection to https://172.22.0.2:9200/_security/_authenticate?pretty failed: No subject alternative names matching IP address 172.22.0.2 found
Please check the elasticsearch SSL settings under xpack.security.http.ssl.

ERROR: Failed to establish SSL connection to elasticsearch at https://172.22.0.2:9200/_security/_authenticate?pretty.

Stack configuration

No changes made to the existing config

Docker setup

$ docker version
Client: Docker Engine - Community
 Version:           20.10.7
 API version:       1.41
 Go version:        go1.13.15
 Git commit:        f0df350
 Built:             Wed Jun  2 11:56:47 2021
 OS/Arch:           linux/amd64
 Context:           default
 Experimental:      true

Server: Docker Engine - Community
 Engine:
  Version:          20.10.7
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.13.15
  Git commit:       b0f5bc3
  Built:            Wed Jun  2 11:54:58 2021
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.4.6
  GitCommit:        d71fcd7d8303cbf684402823e425e9dd2e99285d
 runc:
  Version:          1.0.0-rc95
  GitCommit:        b9ee9c6314599f1b4a7f497e1f1f856fe433d3b7
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

$ docker-compose version

docker-compose version 1.29.2, build 5becea4c
docker-py version: 5.0.0
CPython version: 3.7.10
OpenSSL version: OpenSSL 1.1.0l  10 Sep 2019

Container logs

$ docker-compose logs

Attaching to docker-elk-tls_logstash_1, docker-elk-tls_kibana_1, docker-elk-tls_elasticsearch_1
kibana_1         | {"type":"log","@timestamp":"2021-06-25T07:26:46+00:00","tags":["info","plugins-service"],"pid":954,"message":"Plugin \"timelines\" is disabled."}
kibana_1         | {"type":"log","@timestamp":"2021-06-25T07:26:46+00:00","tags":["warning","config","deprecation"],"pid":954,"message":"Setting [elasticsearch.username] to \"elastic\" is deprecated. You should use the \"kibana_system\" user instead."}
kibana_1         | {"type":"log","@timestamp":"2021-06-25T07:26:46+00:00","tags":["warning","config","deprecation"],"pid":954,"message":"plugins.scanDirs is deprecated and is no longer used"}
kibana_1         | {"type":"log","@timestamp":"2021-06-25T07:26:46+00:00","tags":["warning","config","deprecation"],"pid":954,"message":"Config key [monitoring.cluster_alerts.email_notifications.email_address] will be required for email notifications to work in 8.0.\""}
kibana_1         | {"type":"log","@timestamp":"2021-06-25T07:26:46+00:00","tags":["warning","config","deprecation"],"pid":954,"message":"Setting [monitoring.username] to \"elastic\" is deprecated. You should use the \"kibana_system\" user instead."}
kibana_1         | {"type":"log","@timestamp":"2021-06-25T07:26:47+00:00","tags":["info","plugins-system"],"pid":954,"message":"Setting up [106] plugins: [taskManager,licensing,globalSearch,globalSearchProviders,banners,code,usageCollection,xpackLegacy,telemetryCollectionManager,telemetry,telemetryCollectionXpack,kibanaUsageCollection,securityOss,share,newsfeed,mapsEms,mapsLegacy,kibanaLegacy,translations,licenseApiGuard,legacyExport,embeddable,uiActionsEnhanced,esUiShared,expressions,charts,bfetch,data,home,apmOss,console,consoleExtensions,searchprofiler,painlessLab,grokdebugger,management,advancedSettings,savedObjects,visualizations,visTypeTimelion,features,licenseManagement,watcher,visTypeVislib,visTypeVega,visTypeTagcloud,visTypeTable,visTypeMetric,visTypeMarkdown,visTypeXy,tileMap,regionMap,presentationUtil,canvas,graph,timelion,dashboard,dashboardEnhanced,visualize,visTypeTimeseries,inputControlVis,indexPatternManagement,discover,discoverEnhanced,savedObjectsManagement,spaces,security,savedObjectsTagging,lens,reporting,lists,encryptedSavedObjects,dataEnhanced,dashboardMode,cloud,snapshotRestore,upgradeAssistant,fleet,indexManagement,rollup,remoteClusters,crossClusterReplication,indexLifecycleManagement,enterpriseSearch,beatsManagement,transform,ingestPipelines,fileUpload,maps,fileDataVisualizer,eventLog,actions,alerting,triggersActionsUi,stackAlerts,ruleRegistry,observability,osquery,ml,securitySolution,cases,infra,monitoring,logstash,apm,uptime]"}
kibana_1         | {"type":"log","@timestamp":"2021-06-25T07:26:47+00:00","tags":["info","plugins","taskManager"],"pid":954,"message":"TaskManager is identified by the Kibana UUID: b59ea23a-cd93-4db7-ac49-85279725c86c"}
kibana_1         | {"type":"log","@timestamp":"2021-06-25T07:26:48+00:00","tags":["warning","plugins","security","config"],"pid":954,"message":"Generating a random key for xpack.security.encryptionKey. To prevent sessions from being invalidated on restart, please set xpack.security.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command."}
kibana_1         | {"type":"log","@timestamp":"2021-06-25T07:26:48+00:00","tags":["warning","plugins","security","config"],"pid":954,"message":"Session cookies will be transmitted over insecure connections. This is not recommended."}
kibana_1         | {"type":"log","@timestamp":"2021-06-25T07:26:48+00:00","tags":["warning","plugins","reporting","config"],"pid":954,"message":"Generating a random key for xpack.reporting.encryptionKey. To prevent sessions from being invalidated on restart, please set xpack.reporting.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command."}
kibana_1         | {"type":"log","@timestamp":"2021-06-25T07:26:48+00:00","tags":["warning","plugins","reporting","config"],"pid":954,"message":"Chromium sandbox provides an additional layer of protection, but is not supported for Linux CentOS 8.4.2105\n OS. Automatically setting 'xpack.reporting.capture.browser.chromium.disableSandbox: true'."}
kibana_1         | {"type":"log","@timestamp":"2021-06-25T07:26:48+00:00","tags":["warning","plugins","encryptedSavedObjects"],"pid":954,"message":"Saved objects encryption key is not set. This will severely limit Kibana functionality. Please set xpack.encryptedSavedObjects.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command."}
kibana_1         | {"type":"log","@timestamp":"2021-06-25T07:26:48+00:00","tags":["warning","plugins","actions","actions"],"pid":954,"message":"APIs are disabled because the Encrypted Saved Objects plugin is missing encryption key. Please set xpack.encryptedSavedObjects.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command."}
kibana_1         | {"type":"log","@timestamp":"2021-06-25T07:26:48+00:00","tags":["warning","plugins","alerting","plugins","alerting"],"pid":954,"message":"APIs are disabled because the Encrypted Saved Objects plugin is missing encryption key. Please set xpack.encryptedSavedObjects.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command."}
kibana_1         | {"type":"log","@timestamp":"2021-06-25T07:26:48+00:00","tags":["info","plugins","monitoring","monitoring"],"pid":954,"message":"config sourced from: production cluster"}
kibana_1         | {"type":"log","@timestamp":"2021-06-25T07:26:49+00:00","tags":["info","savedobjects-service"],"pid":954,"message":"Waiting until all Elasticsearch nodes are compatible with Kibana before starting saved objects migrations..."}
kibana_1         | {"type":"log","@timestamp":"2021-06-25T07:26:49+00:00","tags":["error","savedobjects-service"],"pid":954,"message":"Unable to retrieve version information from Elasticsearch nodes."}
kibana_1         | {"type":"log","@timestamp":"2021-06-25T07:27:13+00:00","tags":["info","savedobjects-service"],"pid":954,"message":"Starting saved objects migrations"}
kibana_1         | {"type":"log","@timestamp":"2021-06-25T07:27:13+00:00","tags":["info","savedobjects-service"],"pid":954,"message":"[.kibana] INIT -> CREATE_NEW_TARGET. took: 80ms."}
kibana_1         | {"type":"log","@timestamp":"2021-06-25T07:27:13+00:00","tags":["info","savedobjects-service"],"pid":954,"message":"[.kibana_task_manager] INIT -> CREATE_NEW_TARGET. took: 112ms."}
kibana_1         | {"type":"log","@timestamp":"2021-06-25T07:27:15+00:00","tags":["info","savedobjects-service"],"pid":954,"message":"[.kibana] CREATE_NEW_TARGET -> MARK_VERSION_INDEX_READY. took: 2315ms."}
kibana_1         | {"type":"log","@timestamp":"2021-06-25T07:27:15+00:00","tags":["info","savedobjects-service"],"pid":954,"message":"[.kibana_task_manager] CREATE_NEW_TARGET -> MARK_VERSION_INDEX_READY. took: 2289ms."}
kibana_1         | {"type":"log","@timestamp":"2021-06-25T07:27:15+00:00","tags":["info","savedobjects-service"],"pid":954,"message":"[.kibana] MARK_VERSION_INDEX_READY -> DONE. took: 253ms."}
kibana_1         | {"type":"log","@timestamp":"2021-06-25T07:27:15+00:00","tags":["info","savedobjects-service"],"pid":954,"message":"[.kibana] Migration completed after 2650ms"}
kibana_1         | {"type":"log","@timestamp":"2021-06-25T07:27:16+00:00","tags":["info","savedobjects-service"],"pid":954,"message":"[.kibana_task_manager] MARK_VERSION_INDEX_READY -> DONE. took: 337ms."}
kibana_1         | {"type":"log","@timestamp":"2021-06-25T07:27:16+00:00","tags":["info","savedobjects-service"],"pid":954,"message":"[.kibana_task_manager] Migration completed after 2739ms"}
kibana_1         | {"type":"log","@timestamp":"2021-06-25T07:27:16+00:00","tags":["info","plugins-system"],"pid":954,"message":"Starting [106] plugins: [taskManager,licensing,globalSearch,globalSearchProviders,banners,code,usageCollection,xpackLegacy,telemetryCollectionManager,telemetry,telemetryCollectionXpack,kibanaUsageCollection,securityOss,share,newsfeed,mapsEms,mapsLegacy,kibanaLegacy,translations,licenseApiGuard,legacyExport,embeddable,uiActionsEnhanced,esUiShared,expressions,charts,bfetch,data,home,apmOss,console,consoleExtensions,searchprofiler,painlessLab,grokdebugger,management,advancedSettings,savedObjects,visualizations,visTypeTimelion,features,licenseManagement,watcher,visTypeVislib,visTypeVega,visTypeTagcloud,visTypeTable,visTypeMetric,visTypeMarkdown,visTypeXy,tileMap,regionMap,presentationUtil,canvas,graph,timelion,dashboard,dashboardEnhanced,visualize,visTypeTimeseries,inputControlVis,indexPatternManagement,discover,discoverEnhanced,savedObjectsManagement,spaces,security,savedObjectsTagging,lens,reporting,lists,encryptedSavedObjects,dataEnhanced,dashboardMode,cloud,snapshotRestore,upgradeAssistant,fleet,indexManagement,rollup,remoteClusters,crossClusterReplication,indexLifecycleManagement,enterpriseSearch,beatsManagement,transform,ingestPipelines,fileUpload,maps,fileDataVisualizer,eventLog,actions,alerting,triggersActionsUi,stackAlerts,ruleRegistry,observability,osquery,ml,securitySolution,cases,infra,monitoring,logstash,apm,uptime]"}
kibana_1         | {"type":"log","@timestamp":"2021-06-25T07:27:22+00:00","tags":["info","http","server","Kibana"],"pid":954,"message":"http server running at http://0.0.0.0:5601"}
kibana_1         | {"type":"log","@timestamp":"2021-06-25T07:27:23+00:00","tags":["info","plugins","monitoring","monitoring","kibana-monitoring"],"pid":954,"message":"Starting monitoring stats collection"}
kibana_1         | {"type":"log","@timestamp":"2021-06-25T07:27:24+00:00","tags":["info","plugins","reporting"],"pid":954,"message":"Browser executable: /usr/share/kibana/x-pack/plugins/reporting/chromium/headless_shell-linux_x64/headless_shell"}
kibana_1         | {"type":"log","@timestamp":"2021-06-25T07:27:24+00:00","tags":["warning","plugins","reporting"],"pid":954,"message":"Enabling the Chromium sandbox provides an additional layer of protection."}
kibana_1         | {"type":"log","@timestamp":"2021-06-25T07:27:27+00:00","tags":["info","plugins","securitySolution"],"pid":954,"message":"Dependent plugin setup complete - Starting ManifestTask"}
elasticsearch_1  | Created elasticsearch keystore in /usr/share/elasticsearch/config/elasticsearch.keystore
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:41,762Z", "level": "INFO", "component": "o.e.n.Node", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "version[7.13.2], pid[8], build[default/docker/4d960a0733be83dd2543ca018aa4ddc42e956800/2021-06-10T21:01:55.251515791Z], OS[Linux/4.19.0-17-amd64/amd64], JVM[AdoptOpenJDK/OpenJDK 64-Bit Server VM/16/16+36]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:41,774Z", "level": "INFO", "component": "o.e.n.Node", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "JVM home [/usr/share/elasticsearch/jdk], using bundled JDK [true]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:41,776Z", "level": "INFO", "component": "o.e.n.Node", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "JVM arguments [-Xshare:auto, -Des.networkaddress.cache.ttl=60, -Des.networkaddress.cache.negative.ttl=10, -XX:+AlwaysPreTouch, -Xss1m, -Djava.awt.headless=true, -Dfile.encoding=UTF-8, -Djna.nosys=true, -XX:-OmitStackTraceInFastThrow, -XX:+ShowCodeDetailsInExceptionMessages, -Dio.netty.noUnsafe=true, -Dio.netty.noKeySetOptimization=true, -Dio.netty.recycler.maxCapacityPerThread=0, -Dio.netty.allocator.numDirectArenas=0, -Dlog4j.shutdownHookEnabled=false, -Dlog4j2.disable.jmx=true, -Djava.locale.providers=SPI,COMPAT, --add-opens=java.base/java.io=ALL-UNNAMED, -XX:+UseG1GC, -Djava.io.tmpdir=/tmp/elasticsearch-4219873275641245360, -XX:+HeapDumpOnOutOfMemoryError, -XX:HeapDumpPath=data, -XX:ErrorFile=logs/hs_err_pid%p.log, -Xlog:gc*,gc+age=trace,safepoint:file=logs/gc.log:utctime,pid,tags:filecount=32,filesize=64m, -Des.cgroups.hierarchy.override=/, -Xmx256m, -Xms256m, -XX:MaxDirectMemorySize=134217728, -XX:G1HeapRegionSize=4m, -XX:InitiatingHeapOccupancyPercent=30, -XX:G1ReservePercent=15, -Des.path.home=/usr/share/elasticsearch, -Des.path.conf=/usr/share/elasticsearch/config, -Des.distribution.flavor=default, -Des.distribution.type=docker, -Des.bundled_jdk=true]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,468Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [aggs-matrix-stats]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,469Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [analysis-common]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,474Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [constant-keyword]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,474Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [frozen-indices]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,475Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [ingest-common]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,477Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [ingest-geoip]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,477Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [ingest-user-agent]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,478Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [kibana]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,478Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [lang-expression]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,479Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [lang-mustache]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,480Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [lang-painless]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,480Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [mapper-extras]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,481Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [mapper-version]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,482Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [parent-join]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,483Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [percolator]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,490Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [rank-eval]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,491Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [reindex]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,491Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [repositories-metering-api]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,492Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [repository-encrypted]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,493Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [repository-url]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,495Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [runtime-fields-common]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,497Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [search-business-rules]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,499Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [searchable-snapshots]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,506Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [snapshot-repo-test-kit]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,507Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [spatial]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,508Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [transform]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,509Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [transport-netty4]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,509Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [unsigned-long]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,510Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [vectors]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,510Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [wildcard]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,511Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [x-pack-aggregate-metric]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,512Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [x-pack-analytics]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,514Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [x-pack-async]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,514Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [x-pack-async-search]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,515Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [x-pack-autoscaling]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,515Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [x-pack-ccr]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,515Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [x-pack-core]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,522Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [x-pack-data-streams]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,522Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [x-pack-deprecation]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,523Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [x-pack-enrich]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,523Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [x-pack-eql]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,523Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [x-pack-fleet]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,524Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [x-pack-graph]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,524Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [x-pack-identity-provider]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,524Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [x-pack-ilm]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,525Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [x-pack-logstash]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,525Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [x-pack-ml]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,525Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [x-pack-monitoring]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,526Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [x-pack-ql]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,526Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [x-pack-rollup]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,526Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [x-pack-security]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,527Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [x-pack-shutdown]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,528Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [x-pack-sql]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,528Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [x-pack-stack]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,530Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [x-pack-text-structure]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,531Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [x-pack-voting-only-node]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,532Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "loaded module [x-pack-watcher]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,533Z", "level": "INFO", "component": "o.e.p.PluginsService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "no plugins loaded" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,629Z", "level": "INFO", "component": "o.e.e.NodeEnvironment", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "using [1] data paths, mounts [[/usr/share/elasticsearch/data (/dev/vda1)]], net usable_space [12.2gb], net total_space [18.6gb], types [ext4]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,637Z", "level": "INFO", "component": "o.e.e.NodeEnvironment", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "heap size [256mb], compressed ordinary object pointers [true]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:26:51,699Z", "level": "INFO", "component": "o.e.n.Node", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "node name [61959b8f3a2c], node ID [oc51XpL7RZmt9qeiUxJivw], cluster name [docker-cluster], roles [transform, data_frozen, master, remote_cluster_client, data, ml, data_content, data_hot, data_warm, data_cold, ingest]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:02,883Z", "level": "INFO", "component": "o.e.x.m.p.l.CppLogMessageHandler", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "[controller/508] [Main.cc@117] controller (64 bit): Version 7.13.2 (Build 4d6c6f14d75f39) Copyright (c) 2021 Elasticsearch BV" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:04,022Z", "level": "INFO", "component": "o.e.x.s.a.s.FileRolesStore", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "parsed [0] roles from file [/usr/share/elasticsearch/config/roles.yml]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:05,595Z", "level": "INFO", "component": "o.e.i.g.LocalDatabases", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "initialized default databases [[GeoLite2-Country.mmdb, GeoLite2-City.mmdb, GeoLite2-ASN.mmdb]], config databases [[]] and watching [/usr/share/elasticsearch/config/ingest-geoip] for changes" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:05,599Z", "level": "INFO", "component": "o.e.i.g.DatabaseRegistry", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "initialized database registry, using geoip-databases directory [/tmp/elasticsearch-4219873275641245360/geoip-databases/oc51XpL7RZmt9qeiUxJivw]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:07,174Z", "level": "INFO", "component": "o.e.t.NettyAllocator", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "creating NettyAllocator with the following configs: [name=unpooled, suggested_max_allocation_size=1mb, factors={es.unsafe.use_unpooled_allocator=null, g1gc_enabled=true, g1gc_region_size=4mb, heap_size=256mb}]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:07,324Z", "level": "INFO", "component": "o.e.d.DiscoveryModule", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "using discovery type [single-node] and seed hosts providers [settings]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:08,552Z", "level": "INFO", "component": "o.e.g.DanglingIndicesState", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "gateway.auto_import_dangling_indices is disabled, dangling indices will not be automatically detected or imported and must be managed manually" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:09,726Z", "level": "INFO", "component": "o.e.n.Node", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "initialized" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:09,730Z", "level": "INFO", "component": "o.e.n.Node", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "starting ..." }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:09,762Z", "level": "INFO", "component": "o.e.x.s.c.f.PersistentCache", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "persistent cache index loaded" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:10,038Z", "level": "INFO", "component": "o.e.t.TransportService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "publish_address {172.18.0.2:9300}, bound_addresses {0.0.0.0:9300}" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:10,291Z", "level": "WARN", "component": "o.e.b.BootstrapChecks", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:10,310Z", "level": "INFO", "component": "o.e.c.c.Coordinator", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "setting initial configuration to VotingConfiguration{oc51XpL7RZmt9qeiUxJivw}" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:10,587Z", "level": "INFO", "component": "o.e.c.s.MasterService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "elected-as-master ([1] nodes joined)[{61959b8f3a2c}{oc51XpL7RZmt9qeiUxJivw}{UplBYLDoSx2cFQCcKAQWTQ}{172.18.0.2}{172.18.0.2:9300}{cdfhilmrstw} elect leader, _BECOME_MASTER_TASK_, _FINISH_ELECTION_], term: 1, version: 1, delta: master node changed {previous [], current [{61959b8f3a2c}{oc51XpL7RZmt9qeiUxJivw}{UplBYLDoSx2cFQCcKAQWTQ}{172.18.0.2}{172.18.0.2:9300}{cdfhilmrstw}]}" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:10,678Z", "level": "INFO", "component": "o.e.c.c.CoordinationState", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "cluster UUID set to [NgWjzUiJS9SS8VcrlCdNtA]" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:10,738Z", "level": "INFO", "component": "o.e.c.s.ClusterApplierService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "master node changed {previous [], current [{61959b8f3a2c}{oc51XpL7RZmt9qeiUxJivw}{UplBYLDoSx2cFQCcKAQWTQ}{172.18.0.2}{172.18.0.2:9300}{cdfhilmrstw}]}, term: 1, version: 1, reason: Publication{term=1, version=1}" }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:10,913Z", "level": "INFO", "component": "o.e.h.AbstractHttpServerTransport", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "publish_address {172.18.0.2:9200}, bound_addresses {0.0.0.0:9200}", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:10,914Z", "level": "INFO", "component": "o.e.n.Node", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "started", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:10,956Z", "level": "INFO", "component": "o.e.x.c.t.IndexTemplateRegistry", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding legacy template [.ml-anomalies-] for [ml], because it doesn't exist", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:10,957Z", "level": "INFO", "component": "o.e.x.c.t.IndexTemplateRegistry", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding legacy template [.ml-state] for [ml], because it doesn't exist", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:10,958Z", "level": "INFO", "component": "o.e.x.c.t.IndexTemplateRegistry", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding legacy template [.ml-notifications-000001] for [ml], because it doesn't exist", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:10,958Z", "level": "INFO", "component": "o.e.x.c.t.IndexTemplateRegistry", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding legacy template [.ml-stats] for [ml], because it doesn't exist", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:11,307Z", "level": "INFO", "component": "o.e.g.GatewayService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "recovered [0] indices into cluster_state", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:12,115Z", "level": "INFO", "component": "o.e.c.m.MetadataIndexTemplateService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding template [.ml-stats] for index patterns [.ml-stats-*]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:12,345Z", "level": "INFO", "component": "o.e.c.m.MetadataIndexTemplateService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding template [.ml-notifications-000001] for index patterns [.ml-notifications-000001]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:12,491Z", "level": "INFO", "component": "o.e.c.m.MetadataIndexTemplateService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding template [.ml-anomalies-] for index patterns [.ml-anomalies-*]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:12,635Z", "level": "INFO", "component": "o.e.c.m.MetadataIndexTemplateService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding template [.ml-state] for index patterns [.ml-state*]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:12,779Z", "level": "INFO", "component": "o.e.c.m.MetadataIndexTemplateService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding component template [logs-mappings]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:12,908Z", "level": "INFO", "component": "o.e.c.m.MetadataIndexTemplateService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding component template [metrics-settings]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:13,028Z", "level": "INFO", "component": "o.e.c.m.MetadataIndexTemplateService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding component template [synthetics-settings]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:13,125Z", "level": "INFO", "component": "o.e.c.m.MetadataIndexTemplateService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding component template [metrics-mappings]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:13,236Z", "level": "INFO", "component": "o.e.c.m.MetadataIndexTemplateService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding component template [synthetics-mappings]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:13,344Z", "level": "INFO", "component": "o.e.c.m.MetadataIndexTemplateService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding component template [logs-settings]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:13,524Z", "level": "INFO", "component": "o.e.c.m.MetadataIndexTemplateService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding index template [.slm-history] for index patterns [.slm-history-5*]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:13,623Z", "level": "INFO", "component": "o.e.c.m.MetadataIndexTemplateService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding index template [ilm-history] for index patterns [ilm-history-5*]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:13,727Z", "level": "INFO", "component": "o.e.c.m.MetadataIndexTemplateService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding index template [.watch-history-13] for index patterns [.watcher-history-13*]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:13,829Z", "level": "INFO", "component": "o.e.c.m.MetadataIndexTemplateService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding template [.monitoring-alerts-7] for index patterns [.monitoring-alerts-7]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:13,995Z", "level": "INFO", "component": "o.e.c.m.MetadataIndexTemplateService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding template [.monitoring-es] for index patterns [.monitoring-es-7-*]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:14,100Z", "level": "INFO", "component": "o.e.c.m.MetadataIndexTemplateService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding template [.monitoring-kibana] for index patterns [.monitoring-kibana-7-*]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:14,225Z", "level": "INFO", "component": "o.e.c.m.MetadataIndexTemplateService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding template [.monitoring-logstash] for index patterns [.monitoring-logstash-7-*]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:14,354Z", "level": "INFO", "component": "o.e.c.m.MetadataIndexTemplateService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding template [.monitoring-beats] for index patterns [.monitoring-beats-7-*]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:14,465Z", "level": "INFO", "component": "o.e.c.m.MetadataIndexTemplateService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding index template [metrics] for index patterns [metrics-*-*]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:14,621Z", "level": "INFO", "component": "o.e.c.m.MetadataIndexTemplateService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding index template [synthetics] for index patterns [synthetics-*-*]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:14,766Z", "level": "INFO", "component": "o.e.c.m.MetadataIndexTemplateService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding index template [logs] for index patterns [logs-*-*]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:14,972Z", "level": "INFO", "component": "o.e.c.m.MetadataCreateIndexService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "[.kibana_7.13.2_001] creating index, cause [api], templates [], shards [1]/[1]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:15,007Z", "level": "INFO", "component": "o.e.c.r.a.AllocationService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "updating number_of_replicas to [0] for indices [.kibana_7.13.2_001]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:15,309Z", "level": "INFO", "component": "o.e.c.m.MetadataCreateIndexService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "[.kibana_task_manager_7.13.2_001] creating index, cause [api], templates [], shards [1]/[1]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:15,311Z", "level": "INFO", "component": "o.e.c.r.a.AllocationService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "updating number_of_replicas to [0] for indices [.kibana_task_manager_7.13.2_001]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:15,450Z", "level": "INFO", "component": "o.e.x.i.a.TransportPutLifecycleAction", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding index lifecycle policy [ml-size-based-ilm-policy]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:15,613Z", "level": "INFO", "component": "o.e.c.r.a.AllocationService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "Cluster health status changed from [YELLOW] to [GREEN] (reason: [shards started [[.kibana_7.13.2_001][0], [.kibana_task_manager_7.13.2_001][0]]]).", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:15,743Z", "level": "INFO", "component": "o.e.x.i.a.TransportPutLifecycleAction", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding index lifecycle policy [metrics]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:16,081Z", "level": "INFO", "component": "o.e.x.i.a.TransportPutLifecycleAction", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding index lifecycle policy [synthetics]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:16,212Z", "level": "INFO", "component": "o.e.x.i.a.TransportPutLifecycleAction", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding index lifecycle policy [logs]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:16,336Z", "level": "INFO", "component": "o.e.x.i.a.TransportPutLifecycleAction", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding index lifecycle policy [watch-history-ilm-policy]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:16,439Z", "level": "INFO", "component": "o.e.x.i.a.TransportPutLifecycleAction", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding index lifecycle policy [ilm-history-ilm-policy]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:16,516Z", "level": "INFO", "component": "o.e.x.i.a.TransportPutLifecycleAction", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding index lifecycle policy [slm-history-ilm-policy]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:16,682Z", "level": "INFO", "component": "o.e.x.i.a.TransportPutLifecycleAction", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding index lifecycle policy [.fleet-actions-results-ilm-policy]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:17,116Z", "level": "INFO", "component": "o.e.l.LicenseService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "license [3cb088b1-af50-495a-9e91-7f3149ff479f] mode [trial] - valid", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:17,118Z", "level": "INFO", "component": "o.e.x.s.s.SecurityStatusChangeListener", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "Active license is now [TRIAL]; Security is enabled", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:21,258Z", "level": "INFO", "component": "o.e.c.m.MetadataCreateIndexService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "[.watches] creating index, cause [auto(bulk api)], templates [], shards [1]/[0]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:21,433Z", "level": "INFO", "component": "o.e.c.r.a.AllocationService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "Cluster health status changed from [YELLOW] to [GREEN] (reason: [shards started [[.watches][0]]]).", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:21,543Z", "level": "INFO", "component": "o.e.x.w.WatcherService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "reloading watcher, reason [new local watcher shard allocation ids], cancelled [0] queued tasks", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "deprecation.elasticsearch", "timestamp": "2021-06-25T07:27:21,554Z", "level": "DEPRECATION", "component": "o.e.d.r.RestController", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "Legacy index templates are deprecated in favor of composable templates.", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:21,717Z", "level": "INFO", "component": "o.e.c.m.MetadataIndexTemplateService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding template [logstash] for index patterns [logstash-*]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:21,940Z", "level": "INFO", "component": "o.e.c.m.MetadataMappingService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "[.watches/hwtyfHJgRqSK3zT5Sk79Xw] update_mapping [_doc]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:22,007Z", "level": "INFO", "component": "o.e.c.m.MetadataMappingService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "[.watches/hwtyfHJgRqSK3zT5Sk79Xw] update_mapping [_doc]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:22,205Z", "level": "INFO", "component": "o.e.c.m.MetadataCreateIndexService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "[logstash-2021.06.25-000001] creating index, cause [api], templates [logstash], shards [1]/[1]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "deprecation.elasticsearch", "timestamp": "2021-06-25T07:27:22,399Z", "level": "DEPRECATION", "component": "o.e.d.c.m.MetadataCreateIndexService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "index name [.monitoring-es-7-2021.06.25] starts with a dot '.', in the next major version, index names starting with a dot are reserved for hidden indices and system indices", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:22,478Z", "level": "INFO", "component": "o.e.c.m.MetadataCreateIndexService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "[.monitoring-es-7-2021.06.25] creating index, cause [auto(bulk api)], templates [.monitoring-es], shards [1]/[0]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:23,589Z", "level": "INFO", "component": "o.e.c.m.MetadataMappingService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "[.kibana_7.13.2_001/cs1O_RzzQvmj3LIuJf7hDA] update_mapping [_doc]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:23,612Z", "level": "INFO", "component": "o.e.c.m.MetadataMappingService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "[.kibana_task_manager_7.13.2_001/bc3wmH-UR4qR3v0o3jDBGQ] update_mapping [_doc]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:23,966Z", "level": "INFO", "component": "o.e.c.m.MetadataCreateIndexService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "[.apm-agent-configuration] creating index, cause [api], templates [], shards [1]/[1]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:23,969Z", "level": "INFO", "component": "o.e.c.r.a.AllocationService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "updating number_of_replicas to [0] for indices [.apm-agent-configuration]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:24,228Z", "level": "INFO", "component": "o.e.c.m.MetadataCreateIndexService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "[.apm-custom-link] creating index, cause [api], templates [], shards [1]/[1]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:24,263Z", "level": "INFO", "component": "o.e.c.r.a.AllocationService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "updating number_of_replicas to [0] for indices [.apm-custom-link]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:24,452Z", "level": "INFO", "component": "o.e.x.s.s.SecurityIndexManager", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "security index does not exist, creating [.security-7] with alias [.security]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:24,585Z", "level": "INFO", "component": "o.e.c.m.MetadataIndexTemplateService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding template [.management-beats] for index patterns [.management-beats]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:24,717Z", "level": "INFO", "component": "o.e.c.m.MetadataIndexTemplateService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding template [.kibana_security_session_index_template_1] for index patterns [.kibana_security_session_1]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:25,070Z", "level": "INFO", "component": "o.e.c.m.MetadataCreateIndexService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "[.security-7] creating index, cause [api], templates [], shards [1]/[0]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:25,257Z", "level": "INFO", "component": "o.e.c.m.MetadataCreateIndexService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "[.monitoring-kibana-7-2021.06.25] creating index, cause [auto(bulk api)], templates [.monitoring-kibana], shards [1]/[0]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:25,366Z", "level": "INFO", "component": "o.e.c.m.MetadataCreateIndexService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "[.kibana_security_session_1] creating index, cause [api], templates [.kibana_security_session_index_template_1], shards [1]/[0]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:25,817Z", "level": "INFO", "component": "o.e.c.m.MetadataMappingService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "[.kibana_7.13.2_001/cs1O_RzzQvmj3LIuJf7hDA] update_mapping [_doc]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:25,830Z", "level": "INFO", "component": "o.e.c.m.MetadataMappingService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "[.kibana_7.13.2_001/cs1O_RzzQvmj3LIuJf7hDA] update_mapping [_doc]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:25,996Z", "level": "INFO", "component": "o.e.x.i.a.TransportPutLifecycleAction", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding index lifecycle policy [kibana-event-log-policy]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:26,079Z", "level": "INFO", "component": "o.e.x.i.a.TransportPutLifecycleAction", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding index lifecycle policy [logstash-policy]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:26,183Z", "level": "INFO", "component": "o.e.c.m.MetadataIndexTemplateService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding template [.kibana-event-log-7.13.2-template] for index patterns [.kibana-event-log-7.13.2-*]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:26,263Z", "level": "INFO", "component": "o.e.x.i.IndexLifecycleTransition", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "moving index [logstash-2021.06.25-000001] from [null] to [{\"phase\":\"new\",\"action\":\"complete\",\"name\":\"complete\"}] in policy [logstash-policy]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:26,391Z", "level": "INFO", "component": "o.e.c.m.MetadataCreateIndexService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "[.kibana-event-log-7.13.2-000001] creating index, cause [api], templates [.kibana-event-log-7.13.2-template], shards [1]/[1]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:26,393Z", "level": "INFO", "component": "o.e.c.r.a.AllocationService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "updating number_of_replicas to [0] for indices [.kibana-event-log-7.13.2-000001]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:26,479Z", "level": "INFO", "component": "o.e.x.i.IndexLifecycleTransition", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "moving index [logstash-2021.06.25-000001] from [{\"phase\":\"new\",\"action\":\"complete\",\"name\":\"complete\"}] to [{\"phase\":\"hot\",\"action\":\"unfollow\",\"name\":\"branch-check-unfollow-prerequisites\"}] in policy [logstash-policy]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:26,636Z", "level": "INFO", "component": "o.e.x.i.IndexLifecycleTransition", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "moving index [.kibana-event-log-7.13.2-000001] from [null] to [{\"phase\":\"new\",\"action\":\"complete\",\"name\":\"complete\"}] in policy [kibana-event-log-policy]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:26,710Z", "level": "INFO", "component": "o.e.x.i.IndexLifecycleTransition", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "moving index [logstash-2021.06.25-000001] from [{\"phase\":\"hot\",\"action\":\"unfollow\",\"name\":\"branch-check-unfollow-prerequisites\"}] to [{\"phase\":\"hot\",\"action\":\"rollover\",\"name\":\"check-rollover-ready\"}] in policy [logstash-policy]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:26,824Z", "level": "INFO", "component": "o.e.x.i.IndexLifecycleTransition", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "moving index [.kibana-event-log-7.13.2-000001] from [{\"phase\":\"new\",\"action\":\"complete\",\"name\":\"complete\"}] to [{\"phase\":\"hot\",\"action\":\"unfollow\",\"name\":\"branch-check-unfollow-prerequisites\"}] in policy [kibana-event-log-policy]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:26,917Z", "level": "INFO", "component": "o.e.x.i.IndexLifecycleTransition", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "moving index [.kibana-event-log-7.13.2-000001] from [{\"phase\":\"hot\",\"action\":\"unfollow\",\"name\":\"branch-check-unfollow-prerequisites\"}] to [{\"phase\":\"hot\",\"action\":\"rollover\",\"name\":\"check-rollover-ready\"}] in policy [kibana-event-log-policy]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "deprecation.elasticsearch", "timestamp": "2021-06-25T07:27:29,132Z", "level": "DEPRECATION", "component": "o.e.d.c.m.IndexNameExpressionResolver", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "this request accesses system indices: [.security-7, .watches], but in a future major version, direct access to system indices will be prevented by default", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:30,580Z", "level": "INFO", "component": "o.e.c.m.MetadataCreateIndexService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "[.ds-ilm-history-5-2021.06.25-000001] creating index, cause [initialize_data_stream], templates [ilm-history], shards [1]/[0]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:30,590Z", "level": "INFO", "component": "o.e.c.m.MetadataCreateDataStreamService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "adding data stream [ilm-history-5] with write index [.ds-ilm-history-5-2021.06.25-000001] and backing indices []", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:30,666Z", "level": "INFO", "component": "o.e.x.i.IndexLifecycleTransition", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "moving index [.ds-ilm-history-5-2021.06.25-000001] from [null] to [{\"phase\":\"new\",\"action\":\"complete\",\"name\":\"complete\"}] in policy [ilm-history-ilm-policy]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:30,784Z", "level": "INFO", "component": "o.e.x.i.IndexLifecycleTransition", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "moving index [.ds-ilm-history-5-2021.06.25-000001] from [{\"phase\":\"new\",\"action\":\"complete\",\"name\":\"complete\"}] to [{\"phase\":\"hot\",\"action\":\"unfollow\",\"name\":\"branch-check-unfollow-prerequisites\"}] in policy [ilm-history-ilm-policy]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:30,832Z", "level": "INFO", "component": "o.e.x.i.IndexLifecycleTransition", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "moving index [.ds-ilm-history-5-2021.06.25-000001] from [{\"phase\":\"hot\",\"action\":\"unfollow\",\"name\":\"branch-check-unfollow-prerequisites\"}] to [{\"phase\":\"hot\",\"action\":\"rollover\",\"name\":\"check-rollover-ready\"}] in policy [ilm-history-ilm-policy]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:27:57,560Z", "level": "INFO", "component": "o.e.c.m.MetadataCreateIndexService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "[.monitoring-logstash-7-2021.06.25] creating index, cause [auto(bulk api)], templates [.monitoring-logstash], shards [1]/[0]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:28:22,706Z", "level": "INFO", "component": "o.e.c.m.MetadataCreateIndexService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "[.triggered_watches] creating index, cause [auto(bulk api)], templates [], shards [1]/[1]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:28:22,714Z", "level": "INFO", "component": "o.e.c.r.a.AllocationService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "updating number_of_replicas to [0] for indices [.triggered_watches]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:28:23,436Z", "level": "INFO", "component": "o.e.c.m.MetadataCreateIndexService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "[.monitoring-alerts-7] creating index, cause [auto(bulk api)], templates [.monitoring-alerts-7], shards [1]/[0]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:28:23,497Z", "level": "INFO", "component": "o.e.c.m.MetadataCreateIndexService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "[.watcher-history-13-2021.06.25] creating index, cause [auto(bulk api)], templates [.watch-history-13], shards [1]/[0]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:28:23,648Z", "level": "INFO", "component": "o.e.x.i.IndexLifecycleTransition", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "moving index [.watcher-history-13-2021.06.25] from [null] to [{\"phase\":\"new\",\"action\":\"complete\",\"name\":\"complete\"}] in policy [watch-history-ilm-policy]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:28:23,690Z", "level": "INFO", "component": "o.e.c.m.MetadataMappingService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "[.watcher-history-13-2021.06.25/ebZpB6Z0Q922Hupe6mgokg] update_mapping [_doc]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:28:23,769Z", "level": "INFO", "component": "o.e.c.m.MetadataMappingService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "[.watcher-history-13-2021.06.25/ebZpB6Z0Q922Hupe6mgokg] update_mapping [_doc]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
elasticsearch_1  | {"type": "server", "timestamp": "2021-06-25T07:28:24,301Z", "level": "INFO", "component": "o.e.c.m.MetadataMappingService", "cluster.name": "docker-cluster", "node.name": "61959b8f3a2c", "message": "[.watcher-history-13-2021.06.25/ebZpB6Z0Q922Hupe6mgokg] update_mapping [_doc]", "cluster.uuid": "NgWjzUiJS9SS8VcrlCdNtA", "node.id": "oc51XpL7RZmt9qeiUxJivw"  }
logstash_1       | Using bundled JDK: /usr/share/logstash/jdk
logstash_1       | OpenJDK 64-Bit Server VM warning: Option UseConcMarkSweepGC was deprecated in version 9.0 and will likely be removed in a future release.
logstash_1       | Sending Logstash logs to /usr/share/logstash/logs which is now configured via log4j2.properties
logstash_1       | [2021-06-25T07:27:10,598][INFO ][logstash.runner          ] Log4j configuration path used is: /usr/share/logstash/config/log4j2.properties
logstash_1       | [2021-06-25T07:27:10,638][INFO ][logstash.runner          ] Starting Logstash {"logstash.version"=>"7.13.2", "jruby.version"=>"jruby 9.2.16.0 (2.5.7) 2021-03-03 f82228dc32 OpenJDK 64-Bit Server VM 11.0.11+9 on 11.0.11+9 +indy +jit [linux-x86_64]"}
logstash_1       | [2021-06-25T07:27:10,710][INFO ][logstash.setting.writabledirectory] Creating directory {:setting=>"path.queue", :path=>"/usr/share/logstash/data/queue"}
logstash_1       | [2021-06-25T07:27:10,762][INFO ][logstash.setting.writabledirectory] Creating directory {:setting=>"path.dead_letter_queue", :path=>"/usr/share/logstash/data/dead_letter_queue"}
logstash_1       | [2021-06-25T07:27:11,661][INFO ][logstash.agent           ] No persistent UUID file found. Generating new UUID {:uuid=>"54130651-c5e3-4218-a8c0-fbb1030ec72b", :path=>"/usr/share/logstash/data/uuid"}
logstash_1       | [2021-06-25T07:27:12,710][WARN ][deprecation.logstash.monitoringextension.pipelineregisterhook] Internal collectors option for Logstash monitoring is deprecated and targeted for removal in the next major version.
logstash_1       | Please configure Metricbeat to monitor Logstash. Documentation can be found at: 
logstash_1       | https://www.elastic.co/guide/en/logstash/current/monitoring-with-metricbeat.html
logstash_1       | [2021-06-25T07:27:13,785][WARN ][deprecation.logstash.outputs.elasticsearch] Relying on default value of `pipeline.ecs_compatibility`, which may change in a future major release of Logstash. To avoid unexpected changes when upgrading Logstash, please explicitly declare your desired ECS Compatibility mode.
logstash_1       | [2021-06-25T07:27:14,949][INFO ][logstash.licensechecker.licensereader] Elasticsearch pool URLs updated {:changes=>{:removed=>[], :added=>[https://elastic:xxxxxx@elasticsearch:9200/]}}
logstash_1       | [2021-06-25T07:27:15,811][WARN ][logstash.licensechecker.licensereader] Restored connection to ES instance {:url=>"https://elastic:xxxxxx@elasticsearch:9200/"}
logstash_1       | [2021-06-25T07:27:15,933][INFO ][logstash.licensechecker.licensereader] Elasticsearch version determined (7.13.2) {:es_version=>7}
logstash_1       | [2021-06-25T07:27:15,938][WARN ][logstash.licensechecker.licensereader] Detected a 6.x and above cluster: the `type` event field won't be used to determine the document _type {:es_version=>7}
logstash_1       | [2021-06-25T07:27:16,075][WARN ][logstash.licensechecker.xpackinfo] Nil response from License Server
logstash_1       | [2021-06-25T07:27:16,284][ERROR][logstash.monitoring.internalpipelinesource] Monitoring is not available: License information is currently unavailable. Please make sure you have added your production elasticsearch connection info in the xpack.monitoring.elasticsearch settings.
logstash_1       | [2021-06-25T07:27:17,545][INFO ][logstash.agent           ] Successfully started Logstash API endpoint {:port=>9600}
logstash_1       | [2021-06-25T07:27:18,578][INFO ][org.reflections.Reflections] Reflections took 76 ms to scan 1 urls, producing 24 keys and 48 values 
logstash_1       | [2021-06-25T07:27:19,445][WARN ][deprecation.logstash.inputs.beats] Relying on default value of `pipeline.ecs_compatibility`, which may change in a future major release of Logstash. To avoid unexpected changes when upgrading Logstash, please explicitly declare your desired ECS Compatibility mode.
logstash_1       | [2021-06-25T07:27:20,058][INFO ][logstash.outputs.elasticsearch][main] New Elasticsearch output {:class=>"LogStash::Outputs::ElasticSearch", :hosts=>["//elasticsearch:9200"]}
logstash_1       | [2021-06-25T07:27:20,204][INFO ][logstash.outputs.elasticsearch][main] Elasticsearch pool URLs updated {:changes=>{:removed=>[], :added=>[https://elastic:xxxxxx@elasticsearch:9200/]}}
logstash_1       | [2021-06-25T07:27:20,409][WARN ][logstash.outputs.elasticsearch][main] Restored connection to ES instance {:url=>"https://elastic:xxxxxx@elasticsearch:9200/"}
logstash_1       | [2021-06-25T07:27:20,438][INFO ][logstash.outputs.elasticsearch][main] Elasticsearch version determined (7.13.2) {:es_version=>7}
logstash_1       | [2021-06-25T07:27:20,454][WARN ][logstash.outputs.elasticsearch][main] Detected a 6.x and above cluster: the `type` event field won't be used to determine the document _type {:es_version=>7}
logstash_1       | [2021-06-25T07:27:20,703][WARN ][logstash.outputs.elasticsearch][main] Configuration is data stream compliant but due backwards compatibility Logstash 7.x will not assume writing to a data-stream, default behavior will change on Logstash 8.0 (set `data_stream => true/false` to disable this warning)
logstash_1       | [2021-06-25T07:27:20,708][WARN ][logstash.outputs.elasticsearch][main] Configuration is data stream compliant but due backwards compatibility Logstash 7.x will not assume writing to a data-stream, default behavior will change on Logstash 8.0 (set `data_stream => true/false` to disable this warning)
logstash_1       | [2021-06-25T07:27:20,926][INFO ][logstash.outputs.elasticsearch][main] Using a default mapping template {:es_version=>7, :ecs_compatibility=>:disabled}
logstash_1       | [2021-06-25T07:27:21,141][INFO ][logstash.javapipeline    ][main] Starting pipeline {:pipeline_id=>"main", "pipeline.workers"=>4, "pipeline.batch.size"=>125, "pipeline.batch.delay"=>50, "pipeline.max_inflight"=>500, "pipeline.sources"=>["/usr/share/logstash/pipeline/logstash.conf"], :thread=>"#<Thread:0x7cc0046e run>"}
logstash_1       | [2021-06-25T07:27:21,304][INFO ][logstash.outputs.elasticsearch][main] Installing Elasticsearch template {:name=>"logstash"}
logstash_1       | [2021-06-25T07:27:23,272][INFO ][logstash.outputs.elasticsearch][main] Created rollover alias {:name=>"<logstash-{now/d}-000001>"}
logstash_1       | [2021-06-25T07:27:23,891][INFO ][logstash.outputs.elasticsearch][main] Installing ILM policy {"policy"=>{"phases"=>{"hot"=>{"actions"=>{"rollover"=>{"max_size"=>"50gb", "max_age"=>"30d"}}}}}} {:name=>"logstash-policy"}
logstash_1       | [2021-06-25T07:27:24,092][INFO ][logstash.javapipeline    ][main] Pipeline Java execution initialization time {"seconds"=>2.93}
logstash_1       | [2021-06-25T07:27:24,214][INFO ][logstash.inputs.beats    ][main] Starting input listener {:address=>"0.0.0.0:5044"}
logstash_1       | [2021-06-25T07:27:24,721][INFO ][logstash.javapipeline    ][main] Pipeline started {"pipeline.id"=>"main"}
logstash_1       | [2021-06-25T07:27:24,760][INFO ][logstash.inputs.tcp      ][main][eaf052bc3ee78e9707b3c41218676ec87dcf647cbd8646507b2ef3dd648f7ba8] Starting tcp input listener {:address=>"0.0.0.0:5000", :ssl_enable=>false}
logstash_1       | [2021-06-25T07:27:24,825][INFO ][org.logstash.beats.Server][main][b028f07ab8a1cce691a7c34c092f9fde51d00da84ac6a4663ee10241cbab6a81] Starting server on port: 5044
logstash_1       | [2021-06-25T07:27:24,963][INFO ][logstash.agent           ] Pipelines running {:count=>1, :running_pipelines=>[:main], :non_running_pipelines=>[]}
logstash_1       | [2021-06-25T07:27:46,230][INFO ][logstash.monitoring.internalpipelinesource] Monitoring License OK
logstash_1       | [2021-06-25T07:27:46,231][INFO ][logstash.monitoring.internalpipelinesource] Validated license for monitoring. Enabling monitoring pipeline.
logstash_1       | [2021-06-25T07:27:47,065][WARN ][deprecation.logstash.outputs.elasticsearchmonitoring] Relying on default value of `pipeline.ecs_compatibility`, which may change in a future major release of Logstash. To avoid unexpected changes when upgrading Logstash, please explicitly declare your desired ECS Compatibility mode.
logstash_1       | [2021-06-25T07:27:47,078][INFO ][logstash.outputs.elasticsearchmonitoring][.monitoring-logstash] New Elasticsearch output {:class=>"LogStash::Outputs::ElasticSearchMonitoring", :hosts=>["https://elasticsearch:9200"]}
logstash_1       | [2021-06-25T07:27:47,097][INFO ][logstash.outputs.elasticsearchmonitoring][.monitoring-logstash] Elasticsearch pool URLs updated {:changes=>{:removed=>[], :added=>[https://elastic:xxxxxx@elasticsearch:9200/]}}
logstash_1       | [2021-06-25T07:27:47,152][WARN ][logstash.outputs.elasticsearchmonitoring][.monitoring-logstash] Restored connection to ES instance {:url=>"https://elastic:xxxxxx@elasticsearch:9200/"}
logstash_1       | [2021-06-25T07:27:47,159][INFO ][logstash.outputs.elasticsearchmonitoring][.monitoring-logstash] Elasticsearch version determined (7.13.2) {:es_version=>7}
logstash_1       | [2021-06-25T07:27:47,160][WARN ][logstash.outputs.elasticsearchmonitoring][.monitoring-logstash] Detected a 6.x and above cluster: the `type` event field won't be used to determine the document _type {:es_version=>7}
logstash_1       | [2021-06-25T07:27:47,209][WARN ][logstash.outputs.elasticsearchmonitoring][.monitoring-logstash] Configuration is data stream compliant but due backwards compatibility Logstash 7.x will not assume writing to a data-stream, default behavior will change on Logstash 8.0 (set `data_stream => true/false` to disable this warning)
logstash_1       | [2021-06-25T07:27:47,211][WARN ][logstash.javapipeline    ][.monitoring-logstash] 'pipeline.ordered' is enabled and is likely less efficient, consider disabling if preserving event order is not necessary
logstash_1       | [2021-06-25T07:27:47,216][INFO ][logstash.javapipeline    ][.monitoring-logstash] Starting pipeline {:pipeline_id=>".monitoring-logstash", "pipeline.workers"=>1, "pipeline.batch.size"=>2, "pipeline.batch.delay"=>50, "pipeline.max_inflight"=>2, "pipeline.sources"=>["monitoring pipeline"], :thread=>"#<Thread:0x7fc7fc04 run>"}
logstash_1       | [2021-06-25T07:27:47,258][INFO ][logstash.javapipeline    ][.monitoring-logstash] Pipeline Java execution initialization time {"seconds"=>0.04}
logstash_1       | [2021-06-25T07:27:47,290][INFO ][logstash.javapipeline    ][.monitoring-logstash] Pipeline started {"pipeline.id"=>".monitoring-logstash"}
logstash_1       | [2021-06-25T07:27:47,307][INFO ][logstash.agent           ] Pipelines running {:count=>2, :running_pipelines=>[:main, :".monitoring-logstash"], :non_running_pipelines=>[]}

[antoineco]

Interesting, thanks for the detailed report!

The script seems to be picking the IP address of the container instead of simply using localhost. Because this IP is not declared in the certificate, the operation fails.

Could you try passing the URL explicitly and report whether it helps?

bin/elasticsearch-setup-passwords auto --batch -u https://localhost:9200

If that solves the problem, I'll add these instructions to the README.

[Jordanlelay]

Yes it worked! Thanks for the help :slightly_smiling_face: