deviantony / docker-elk

The Elastic stack (ELK) powered by Docker and Compose.
MIT License

Elastic Stack doesn't work on prod server #713

Closed edkry closed 2 years ago

edkry commented 2 years ago

Problem description

There are two issues I noticed. I am deploying the Elastic stack to a prod server. I am able to curl ip_address:9200 and receive the output from the local machine, but I do not receive any output when I try to run the same command from my personal PC.

I am not able to reach Kibana in a web browser at ip_address:5601.

Extra information

Virtualization: microsoft
Operating System: Ubuntu 20.04.3 LTS
Kernel: Linux 5.13.0-1017-azure
Architecture: x86-64

I tried to modify the elasticsearch/config/elasticsearch.yml file following this thread.

For example, I tried adding these lines to the config file:

network.host: 0.0.0.0
network.bind_host: 0.0.0.0
network.publish_host: 0.0.0.0
discovery.seed_hosts: ["0.0.0.0", "[::0]"]

or:

transport.host: localhost
transport.tcp.port: 9300
http.port: 9200
network.host: 0.0.0.0

Nothing helped, so I am trying to run it again with the default settings.

Stack configuration

Everything is set to default.

Docker setup

$ docker version

Client: Docker Engine - Community
 Version:           20.10.12
 API version:       1.41
 Go version:        go1.16.12
 Git commit:        e91ed57
 Built:             Mon Dec 13 11:45:33 2021
 OS/Arch:           linux/amd64
 Context:           default
 Experimental:      true

Server: Docker Engine - Community
 Engine:
  Version:          20.10.12
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.16.12
  Git commit:       459d0df
  Built:            Mon Dec 13 11:43:42 2021
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.4.12
  GitCommit:        7b11cfaabd73bb80907dd23182b9347b4245eb5d
 runc:
  Version:          1.0.2
  GitCommit:        v1.0.2-0-g52b36a2
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

$ docker-compose version

docker-compose version 1.29.2, build 5becea4c
docker-py version: 5.0.0
CPython version: 3.7.10
OpenSSL version: OpenSSL 1.1.0l  10 Sep 2019

Container logs

edkry commented 2 years ago
$ docker-compose logs

Attaching to docker-elk_kibana_1, docker-elk_logstash_1, docker-elk_setup_1, docker-elk_elasticsearch_1
elasticsearch_1  | Created elasticsearch keystore in /usr/share/elasticsearch/config/elasticsearch.keystore
setup_1          | -------- Tue May 24 10:28:09 UTC 2022 --------
setup_1          | [+] Waiting for availability of Elasticsearch
logstash_1       | Using bundled JDK: /usr/share/logstash/jdk
logstash_1       | OpenJDK 64-Bit Server VM warning: Option UseConcMarkSweepGC was deprecated in version 9.0 and will likely be removed in a future release.
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:15.958Z", "log.level": "INFO", "message":"version[8.2.0], pid[7], build[default/docker/b174af62e8dd9f4ac4d25875e9381ffe2b9282c5/2022-04-20T10:35:10.180408517Z], OS[Linux/5.13.0-1017-azure/amd64], JVM[Eclipse Adoptium/OpenJDK 64-Bit Server VM/18/18+36]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.node.Node","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:15.962Z", "log.level": "INFO", "message":"JVM home [/usr/share/elasticsearch/jdk], using bundled JDK [true]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.node.Node","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:15.962Z", "log.level": "INFO", "message":"JVM arguments [-Xshare:auto, -Des.networkaddress.cache.ttl=60, -Des.networkaddress.cache.negative.ttl=10, -Djava.security.manager=allow, -XX:+AlwaysPreTouch, -Xss1m, -Djava.awt.headless=true, -Dfile.encoding=UTF-8, -Djna.nosys=true, -XX:-OmitStackTraceInFastThrow, -XX:+ShowCodeDetailsInExceptionMessages, -Dio.netty.noUnsafe=true, -Dio.netty.noKeySetOptimization=true, -Dio.netty.recycler.maxCapacityPerThread=0, -Dlog4j.shutdownHookEnabled=false, -Dlog4j2.disable.jmx=true, -Dlog4j2.formatMsgNoLookups=true, -Djava.locale.providers=SPI,COMPAT, --add-opens=java.base/java.io=ALL-UNNAMED, -XX:+UseG1GC, -Djava.io.tmpdir=/tmp/elasticsearch-6346039971980896846, -XX:+HeapDumpOnOutOfMemoryError, -XX:+ExitOnOutOfMemoryError, -XX:HeapDumpPath=data, -XX:ErrorFile=logs/hs_err_pid%p.log, -Xlog:gc*,gc+age=trace,safepoint:file=logs/gc.log:utctime,pid,tags:filecount=32,filesize=64m, -Des.cgroups.hierarchy.override=/, -Xms512m, -Xmx512m, -XX:MaxDirectMemorySize=268435456, -XX:G1HeapRegionSize=4m, -XX:InitiatingHeapOccupancyPercent=30, -XX:G1ReservePercent=15, -Des.path.home=/usr/share/elasticsearch, -Des.path.conf=/usr/share/elasticsearch/config, -Des.distribution.flavor=default, -Des.distribution.type=docker, -Des.bundled_jdk=true]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.node.Node","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.926Z", "log.level": "INFO", "message":"loaded module [aggs-matrix-stats]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.927Z", "log.level": "INFO", "message":"loaded module [analysis-common]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.927Z", "log.level": "INFO", "message":"loaded module [constant-keyword]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.927Z", "log.level": "INFO", "message":"loaded module [data-streams]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.927Z", "log.level": "INFO", "message":"loaded module [frozen-indices]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.927Z", "log.level": "INFO", "message":"loaded module [ingest-common]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.927Z", "log.level": "INFO", "message":"loaded module [ingest-geoip]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.928Z", "log.level": "INFO", "message":"loaded module [ingest-user-agent]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.928Z", "log.level": "INFO", "message":"loaded module [kibana]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.928Z", "log.level": "INFO", "message":"loaded module [lang-expression]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.928Z", "log.level": "INFO", "message":"loaded module [lang-mustache]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.928Z", "log.level": "INFO", "message":"loaded module [lang-painless]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.928Z", "log.level": "INFO", "message":"loaded module [legacy-geo]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.928Z", "log.level": "INFO", "message":"loaded module [mapper-extras]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.928Z", "log.level": "INFO", "message":"loaded module [mapper-version]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.929Z", "log.level": "INFO", "message":"loaded module [parent-join]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.929Z", "log.level": "INFO", "message":"loaded module [percolator]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.929Z", "log.level": "INFO", "message":"loaded module [rank-eval]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.929Z", "log.level": "INFO", "message":"loaded module [reindex]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.929Z", "log.level": "INFO", "message":"loaded module [repositories-metering-api]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.929Z", "log.level": "INFO", "message":"loaded module [repository-azure]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.929Z", "log.level": "INFO", "message":"loaded module [repository-encrypted]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.930Z", "log.level": "INFO", "message":"loaded module [repository-gcs]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.930Z", "log.level": "INFO", "message":"loaded module [repository-s3]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.930Z", "log.level": "INFO", "message":"loaded module [repository-url]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.930Z", "log.level": "INFO", "message":"loaded module [runtime-fields-common]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.930Z", "log.level": "INFO", "message":"loaded module [search-business-rules]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.930Z", "log.level": "INFO", "message":"loaded module [searchable-snapshots]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.930Z", "log.level": "INFO", "message":"loaded module [snapshot-based-recoveries]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.931Z", "log.level": "INFO", "message":"loaded module [snapshot-repo-test-kit]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.931Z", "log.level": "INFO", "message":"loaded module [spatial]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.931Z", "log.level": "INFO", "message":"loaded module [transform]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.931Z", "log.level": "INFO", "message":"loaded module [transport-netty4]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.931Z", "log.level": "INFO", "message":"loaded module [unsigned-long]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.931Z", "log.level": "INFO", "message":"loaded module [vector-tile]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.933Z", "log.level": "INFO", "message":"loaded module [vectors]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.933Z", "log.level": "INFO", "message":"loaded module [wildcard]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.933Z", "log.level": "INFO", "message":"loaded module [x-pack-aggregate-metric]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.933Z", "log.level": "INFO", "message":"loaded module [x-pack-analytics]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.933Z", "log.level": "INFO", "message":"loaded module [x-pack-async]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.933Z", "log.level": "INFO", "message":"loaded module [x-pack-async-search]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.933Z", "log.level": "INFO", "message":"loaded module [x-pack-autoscaling]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.933Z", "log.level": "INFO", "message":"loaded module [x-pack-ccr]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.933Z", "log.level": "INFO", "message":"loaded module [x-pack-core]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.934Z", "log.level": "INFO", "message":"loaded module [x-pack-deprecation]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.934Z", "log.level": "INFO", "message":"loaded module [x-pack-enrich]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.934Z", "log.level": "INFO", "message":"loaded module [x-pack-eql]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.934Z", "log.level": "INFO", "message":"loaded module [x-pack-fleet]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.934Z", "log.level": "INFO", "message":"loaded module [x-pack-graph]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.934Z", "log.level": "INFO", "message":"loaded module [x-pack-identity-provider]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.934Z", "log.level": "INFO", "message":"loaded module [x-pack-ilm]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.934Z", "log.level": "INFO", "message":"loaded module [x-pack-logstash]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.934Z", "log.level": "INFO", "message":"loaded module [x-pack-ml]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.934Z", "log.level": "INFO", "message":"loaded module [x-pack-monitoring]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.934Z", "log.level": "INFO", "message":"loaded module [x-pack-ql]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.934Z", "log.level": "INFO", "message":"loaded module [x-pack-rollup]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.935Z", "log.level": "INFO", "message":"loaded module [x-pack-security]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.935Z", "log.level": "INFO", "message":"loaded module [x-pack-shutdown]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.935Z", "log.level": "INFO", "message":"loaded module [x-pack-sql]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.935Z", "log.level": "INFO", "message":"loaded module [x-pack-stack]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.935Z", "log.level": "INFO", "message":"loaded module [x-pack-text-structure]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.935Z", "log.level": "INFO", "message":"loaded module [x-pack-voting-only-node]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.935Z", "log.level": "INFO", "message":"loaded module [x-pack-watcher]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.936Z", "log.level": "INFO", "message":"no plugins loaded", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.974Z", "log.level": "INFO", "message":"using [1] data paths, mounts [[/usr/share/elasticsearch/data (/dev/root)]], net usable_space [75.9gb], net total_space [123.8gb], types [ext4]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.env.NodeEnvironment","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:17.975Z", "log.level": "INFO", "message":"heap size [512mb], compressed ordinary object pointers [true]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.env.NodeEnvironment","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:18.120Z", "log.level": "INFO", "message":"node name [dbebd8caf886], node ID [u6zanYj_TFWIyZlbZIsf9w], cluster name [docker-cluster], roles [data_cold, ingest, data_frozen, ml, data_hot, transform, data_content, data_warm, master, remote_cluster_client, data]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.node.Node","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
kibana_1         | [2022-05-24T10:28:21.157+00:00][INFO ][plugins-service] Plugin "cloudSecurityPosture" is disabled.
kibana_1         | [2022-05-24T10:28:21.176+00:00][INFO ][plugins-service] Plugin "metricsEntities" is disabled.
kibana_1         | [2022-05-24T10:28:21.256+00:00][INFO ][http.server.Preboot] http server running at http://0.0.0.0:5601
kibana_1         | [2022-05-24T10:28:21.297+00:00][INFO ][plugins-system.preboot] Setting up [1] plugins: [interactiveSetup]
kibana_1         | [2022-05-24T10:28:21.329+00:00][WARN ][config.deprecation] The default mechanism for Reporting privileges will work differently in future versions, which will affect the behavior of this cluster. Set "xpack.reporting.roles.enabled" to "false" to adopt the future behavior before upgrading.
kibana_1         | [2022-05-24T10:28:21.520+00:00][INFO ][plugins-system.standard] Setting up [117] plugins: [translations,monitoringCollection,licensing,globalSearch,globalSearchProviders,features,mapsEms,licenseApiGuard,usageCollection,taskManager,telemetryCollectionManager,telemetryCollectionXpack,kibanaUsageCollection,share,embeddable,uiActionsEnhanced,screenshotMode,screenshotting,banners,newsfeed,fieldFormats,expressions,eventAnnotation,dataViews,charts,esUiShared,bfetch,data,savedObjects,presentationUtil,expressionShape,expressionRevealImage,expressionRepeatImage,expressionMetric,expressionImage,customIntegrations,home,searchprofiler,painlessLab,grokdebugger,management,watcher,advancedSettings,spaces,security,savedObjectsTagging,reporting,lists,fileUpload,ingestPipelines,encryptedSavedObjects,dataEnhanced,cloud,snapshotRestore,telemetry,licenseManagement,eventLog,actions,alerting,triggersActionsUi,transform,stackAlerts,ruleRegistry,savedObjectsManagement,console,controls,graph,fleet,indexManagement,remoteClusters,crossClusterReplication,indexLifecycleManagement,visualizations,canvas,visTypeXy,visTypeVislib,visTypeVega,visTypeTimeseries,rollup,visTypeTimelion,visTypeTagcloud,visTypeTable,visTypeMetric,visTypeHeatmap,visTypeMarkdown,dashboard,dashboardEnhanced,expressionXY,expressionTagcloud,expressionPartitionVis,visTypePie,expressionMetricVis,expressionHeatmap,expressionGauge,visTypeGauge,dataViewFieldEditor,sharedUX,discover,lens,osquery,maps,dataVisualizer,ml,cases,timelines,sessionView,securitySolution,observability,uptime,infra,upgradeAssistant,monitoring,logstash,enterpriseSearch,apm,discoverEnhanced,dataViewManagement]
kibana_1         | [2022-05-24T10:28:21.535+00:00][INFO ][plugins.taskManager] TaskManager is identified by the Kibana UUID: d2307f8f-77f6-4ee0-b235-f2330133c055
kibana_1         | [2022-05-24T10:28:21.658+00:00][WARN ][plugins.security.config] Generating a random key for xpack.security.encryptionKey. To prevent sessions from being invalidated on restart, please set xpack.security.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command.
kibana_1         | [2022-05-24T10:28:21.659+00:00][WARN ][plugins.security.config] Session cookies will be transmitted over insecure connections. This is not recommended.
kibana_1         | [2022-05-24T10:28:21.678+00:00][WARN ][plugins.security.config] Generating a random key for xpack.security.encryptionKey. To prevent sessions from being invalidated on restart, please set xpack.security.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command.
kibana_1         | [2022-05-24T10:28:21.679+00:00][WARN ][plugins.security.config] Session cookies will be transmitted over insecure connections. This is not recommended.
kibana_1         | [2022-05-24T10:28:21.696+00:00][WARN ][plugins.reporting.config] Generating a random key for xpack.reporting.encryptionKey. To prevent sessions from being invalidated on restart, please set xpack.reporting.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command.
kibana_1         | [2022-05-24T10:28:21.697+00:00][WARN ][plugins.reporting.config] Found 'server.host: "0.0.0.0"' in Kibana configuration. Reporting is not able to use this as the Kibana server hostname. To enable PNG/PDF Reporting to work, 'xpack.reporting.kibanaServer.hostname: localhost' is automatically set in the configuration. You can prevent this message by adding 'xpack.reporting.kibanaServer.hostname: localhost' in kibana.yml.
kibana_1         | [2022-05-24T10:28:21.707+00:00][WARN ][plugins.encryptedSavedObjects] Saved objects encryption key is not set. This will severely limit Kibana functionality. Please set xpack.encryptedSavedObjects.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command.
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:21.714Z", "log.level": "INFO", "message":"[controller/672] [Main.cc@123] controller (64 bit): Version 8.2.0 (Build a8c0a88ede0ff2) Copyright (c) 2022 Elasticsearch BV", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"ml-cpp-log-tail-thread","log.logger":"org.elasticsearch.xpack.ml.process.logging.CppLogMessageHandler","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
kibana_1         | [2022-05-24T10:28:21.729+00:00][WARN ][plugins.actions] APIs are disabled because the Encrypted Saved Objects plugin is missing encryption key. Please set xpack.encryptedSavedObjects.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command.
kibana_1         | [2022-05-24T10:28:21.746+00:00][WARN ][plugins.alerting] APIs are disabled because the Encrypted Saved Objects plugin is missing encryption key. Please set xpack.encryptedSavedObjects.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command.
kibana_1         | [2022-05-24T10:28:21.760+00:00][INFO ][plugins.ruleRegistry] Installing common resources shared between all indices
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:21.878Z", "log.level": "INFO", "message":"Security is enabled", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.xpack.security.Security","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:22.155Z", "log.level": "INFO", "message":"license mode is [trial], currently licensed security realms are [reserved/reserved,file/default_file,native/default_native]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.xpack.security.authc.Realms","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
logstash_1       | Sending Logstash logs to /usr/share/logstash/logs which is now configured via log4j2.properties
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:22.164Z", "log.level": "INFO", "message":"parsed [0] roles from file [/usr/share/elasticsearch/config/roles.yml]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.xpack.security.authz.store.FileRolesStore","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
logstash_1       | [2022-05-24T10:28:22,202][INFO ][logstash.runner          ] Log4j configuration path used is: /usr/share/logstash/config/log4j2.properties
logstash_1       | [2022-05-24T10:28:22,210][INFO ][logstash.runner          ] Starting Logstash {"logstash.version"=>"8.2.0", "jruby.version"=>"jruby 9.2.20.1 (2.5.8) 2021-11-30 2a2962fbd1 OpenJDK 64-Bit Server VM 11.0.14.1+1 on 11.0.14.1+1 +indy +jit [linux-x86_64]"}
logstash_1       | [2022-05-24T10:28:22,211][INFO ][logstash.runner          ] JVM bootstrap flags: [-Xms1g, -Xmx1g, -XX:+UseConcMarkSweepGC, -XX:CMSInitiatingOccupancyFraction=75, -XX:+UseCMSInitiatingOccupancyOnly, -Djava.awt.headless=true, -Dfile.encoding=UTF-8, -Djruby.compile.invokedynamic=true, -Djruby.jit.threshold=0, -XX:+HeapDumpOnOutOfMemoryError, -Djava.security.egd=file:/dev/urandom, -Dlog4j2.isThreadContextMapInheritable=true, -Dls.cgroup.cpuacct.path.override=/, -Dls.cgroup.cpu.path.override=/, -Xms256m, -Xmx256m, -Djruby.regexp.interruptible=true, --add-opens=java.base/java.security=ALL-UNNAMED, --add-opens=java.base/java.io=ALL-UNNAMED, --add-opens=java.base/java.nio.channels=ALL-UNNAMED, --add-opens=java.base/sun.nio.ch=ALL-UNNAMED, --add-opens=java.management/sun.management=ALL-UNNAMED]
logstash_1       | [2022-05-24T10:28:22,232][INFO ][logstash.settings        ] Creating directory {:setting=>"path.queue", :path=>"/usr/share/logstash/data/queue"}
logstash_1       | [2022-05-24T10:28:22,240][INFO ][logstash.settings        ] Creating directory {:setting=>"path.dead_letter_queue", :path=>"/usr/share/logstash/data/dead_letter_queue"}
kibana_1         | [2022-05-24T10:28:22.327+00:00][INFO ][plugins.screenshotting.config] Chromium sandbox provides an additional layer of protection, and is supported for Linux Ubuntu 20.04 OS. Automatically enabling Chromium sandbox.
kibana_1         | [2022-05-24T10:28:22.374+00:00][ERROR][elasticsearch-service] Unable to retrieve version information from Elasticsearch nodes. connect ECONNREFUSED 172.22.0.3:9200
logstash_1       | [2022-05-24T10:28:22,589][INFO ][logstash.agent           ] No persistent UUID file found. Generating new UUID {:uuid=>"920ae012-6e8d-4e0e-ab9e-cc40892bbfe5", :path=>"/usr/share/logstash/data/uuid"}
logstash_1       | TimerTask timeouts are now ignored as these were not able to be implemented correctly
logstash_1       | TimerTask timeouts are now ignored as these were not able to be implemented correctly
logstash_1       | TimerTask timeouts are now ignored as these were not able to be implemented correctly
logstash_1       | TimerTask timeouts are now ignored as these were not able to be implemented correctly
kibana_1         | [2022-05-24T10:28:22.810+00:00][INFO ][plugins.screenshotting.chromium] Browser executable: /usr/share/kibana/x-pack/plugins/screenshotting/chromium/headless_shell-linux_x64/headless_shell
logstash_1       | [2022-05-24T10:28:23,430][INFO ][logstash.agent           ] Successfully started Logstash API endpoint {:port=>9600, :ssl_enabled=>false}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:23.479Z", "log.level": "INFO", "message":"creating NettyAllocator with the following configs: [name=unpooled, suggested_max_allocation_size=1mb, factors={es.unsafe.use_unpooled_allocator=null, g1gc_enabled=true, g1gc_region_size=4mb, heap_size=512mb}]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.transport.netty4.NettyAllocator","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:23.508Z", "log.level": "INFO", "message":"using rate limit [40mb] with [default=40mb, read=0b, write=0b, max=0b]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.indices.recovery.RecoverySettings","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:23.540Z", "log.level": "INFO", "message":"using discovery type [single-node] and seed hosts providers [settings]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.discovery.DiscoveryModule","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
logstash_1       | [2022-05-24T10:28:23,868][INFO ][org.reflections.Reflections] Reflections took 52 ms to scan 1 urls, producing 120 keys and 419 values
logstash_1       | [2022-05-24T10:28:24,305][INFO ][logstash.javapipeline    ] Pipeline `main` is configured with `pipeline.ecs_compatibility: v8` setting. All plugins in this pipeline will default to `ecs_compatibility => v8` unless explicitly configured otherwise.
logstash_1       | [2022-05-24T10:28:24,341][INFO ][logstash.outputs.elasticsearch][main] New Elasticsearch output {:class=>"LogStash::Outputs::ElasticSearch", :hosts=>["//elasticsearch:9200"]}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:24.556Z", "log.level": "INFO", "message":"initialized", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.node.Node","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:24.557Z", "log.level": "INFO", "message":"starting ...", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.node.Node","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
logstash_1       | [2022-05-24T10:28:24,557][INFO ][logstash.outputs.elasticsearch][main] Elasticsearch pool URLs updated {:changes=>{:removed=>[], :added=>[http://logstash_internal:xxxxxx@elasticsearch:9200/]}}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:24.601Z", "log.level": "INFO", "message":"persistent cache index loaded", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.xpack.searchablesnapshots.cache.full.PersistentCache","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:24.602Z", "log.level": "INFO", "message":"deprecation component started", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.xpack.deprecation.logging.DeprecationIndexingComponent","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
logstash_1       | [2022-05-24T10:28:24,681][INFO ][logstash.outputs.elasticsearch][main] Failed to perform request {:message=>"Connect to elasticsearch:9200 [elasticsearch/172.22.0.3] failed: Connection refused (Connection refused)", :exception=>Manticore::SocketException, :cause=>org.apache.http.conn.HttpHostConnectException: Connect to elasticsearch:9200 [elasticsearch/172.22.0.3] failed: Connection refused (Connection refused)}
logstash_1       | [2022-05-24T10:28:24,684][WARN ][logstash.outputs.elasticsearch][main] Attempted to resurrect connection to dead ES instance, but got an error {:url=>"http://logstash_internal:xxxxxx@elasticsearch:9200/", :exception=>LogStash::Outputs::ElasticSearch::HttpClient::Pool::HostUnreachableError, :message=>"Elasticsearch Unreachable: [http://elasticsearch:9200/][Manticore::SocketException] Connect to elasticsearch:9200 [elasticsearch/172.22.0.3] failed: Connection refused (Connection refused)"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:24.701Z", "log.level": "INFO", "message":"publish_address {172.22.0.3:9300}, bound_addresses {0.0.0.0:9300}", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.transport.TransportService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
logstash_1       | [2022-05-24T10:28:24,708][INFO ][logstash.outputs.elasticsearch][main] Config is compliant with data streams. `data_stream => auto` resolved to `true`
logstash_1       | [2022-05-24T10:28:24,710][WARN ][logstash.outputs.elasticsearch][main] Elasticsearch Output configured with `ecs_compatibility => v8`, which resolved to an UNRELEASED preview of version 8.0.0 of the Elastic Common Schema. Once ECS v8 and an updated release of this plugin are publicly available, you will need to update this plugin to resolve this warning.
logstash_1       | [2022-05-24T10:28:24,749][INFO ][logstash.javapipeline    ][main] Starting pipeline {:pipeline_id=>"main", "pipeline.workers"=>32, "pipeline.batch.size"=>125, "pipeline.batch.delay"=>50, "pipeline.max_inflight"=>4000, "pipeline.sources"=>["/usr/share/logstash/pipeline/logstash.conf"], :thread=>"#<Thread:0x483dfa02 run>"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:24.955Z", "log.level": "WARN", "message":"max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.bootstrap.BootstrapChecks","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:24.955Z", "log.level": "WARN", "message":"Transport SSL must be enabled if security is enabled. Please set [xpack.security.transport.ssl.enabled] to [true] or disable security by setting [xpack.security.enabled] to [false]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.bootstrap.BootstrapChecks","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:24.963Z", "log.level": "INFO", "message":"setting initial configuration to VotingConfiguration{u6zanYj_TFWIyZlbZIsf9w}", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.cluster.coordination.Coordinator","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:25.090Z", "log.level": "INFO", "message":"elected-as-master ([1] nodes joined)[_FINISH_ELECTION_, {dbebd8caf886}{u6zanYj_TFWIyZlbZIsf9w}{yzfk1tz9TAOJJbQEO1TJZQ}{172.22.0.3}{172.22.0.3:9300}{cdfhilmrstw} completing election], term: 1, version: 1, delta: master node changed {previous [], current [{dbebd8caf886}{u6zanYj_TFWIyZlbZIsf9w}{yzfk1tz9TAOJJbQEO1TJZQ}{172.22.0.3}{172.22.0.3:9300}{cdfhilmrstw}]}", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.service.MasterService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:25.128Z", "log.level": "INFO", "message":"cluster UUID set to [LKX4_QZAQaGS789ib-go1A]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][cluster_coordination][T#1]","log.logger":"org.elasticsearch.cluster.coordination.CoordinationState","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:25.167Z", "log.level": "INFO", "message":"master node changed {previous [], current [{dbebd8caf886}{u6zanYj_TFWIyZlbZIsf9w}{yzfk1tz9TAOJJbQEO1TJZQ}{172.22.0.3}{172.22.0.3:9300}{cdfhilmrstw}]}, term: 1, version: 1, reason: Publication{term=1, version=1}", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][clusterApplierService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.service.ClusterApplierService","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:25.200Z", "log.level": "INFO", "message":"publish_address {172.22.0.3:9200}, bound_addresses {0.0.0.0:9200}", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.http.AbstractHttpServerTransport","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:25.200Z", "log.level": "INFO", "message":"started", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.node.Node","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:25.246Z", "log.level": "INFO", "message":"recovered [0] indices into cluster_state", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.gateway.GatewayService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
logstash_1       | [2022-05-24T10:28:25,288][INFO ][logstash.javapipeline    ][main] Pipeline Java execution initialization time {"seconds"=>0.54}
logstash_1       | [2022-05-24T10:28:25,305][INFO ][logstash.inputs.beats    ][main] Starting input listener {:address=>"0.0.0.0:5044"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:25.401Z", "log.level": "INFO", "message":"adding index template [.monitoring-kibana-mb] for index patterns [.monitoring-kibana-8-*]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
logstash_1       | [2022-05-24T10:28:25,466][INFO ][logstash.javapipeline    ][main] Pipeline started {"pipeline.id"=>"main"}
logstash_1       | [2022-05-24T10:28:25,470][INFO ][logstash.inputs.tcp      ][main][c15c0e9d24530a53e2530254c037deff8c49a2140c6b89c577cbcde717c01af0] Starting tcp input listener {:address=>"0.0.0.0:5000", :ssl_enable=>false}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:25.477Z", "log.level": "INFO", "message":"adding index template [.monitoring-es-mb] for index patterns [.monitoring-es-8-*]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
logstash_1       | [2022-05-24T10:28:25,497][INFO ][org.logstash.beats.Server][main][27dfbb7f38dfc5bffbd7ce11deb78daf39a131fcbb4eceab2c6a1d7100069751] Starting server on port: 5044
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:25.535Z", "log.level": "INFO", "message":"adding index template [.monitoring-beats-mb] for index patterns [.monitoring-beats-8-*]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
logstash_1       | [2022-05-24T10:28:25,538][INFO ][logstash.agent           ] Pipelines running {:count=>1, :running_pipelines=>[:main], :non_running_pipelines=>[]}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:25.584Z", "log.level": "INFO", "message":"adding index template [.monitoring-ent-search-mb] for index patterns [.monitoring-ent-search-8-*]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:25.635Z", "log.level": "INFO", "message":"adding index template [.ml-notifications-000002] for index patterns [.ml-notifications-000002]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:25.682Z", "log.level": "INFO", "message":"adding index template [.monitoring-logstash-mb] for index patterns [.monitoring-logstash-8-*]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:25.724Z", "log.level": "INFO", "message":"adding index template [.ml-stats] for index patterns [.ml-stats-*]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:25.774Z", "log.level": "INFO", "message":"adding index template [.ml-anomalies-] for index patterns [.ml-anomalies-*]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:25.814Z", "log.level": "INFO", "message":"adding index template [.ml-state] for index patterns [.ml-state*]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:25.856Z", "log.level": "INFO", "message":"adding template [.monitoring-beats] for index patterns [.monitoring-beats-7-*]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:25.896Z", "log.level": "INFO", "message":"adding template [.monitoring-alerts-7] for index patterns [.monitoring-alerts-7]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:25.938Z", "log.level": "INFO", "message":"adding template [.monitoring-logstash] for index patterns [.monitoring-logstash-7-*]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:25.974Z", "log.level": "INFO", "message":"adding template [.monitoring-kibana] for index patterns [.monitoring-kibana-7-*]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:26.013Z", "log.level": "INFO", "message":"adding template [.monitoring-es] for index patterns [.monitoring-es-7-*]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:26.071Z", "log.level": "INFO", "message":"adding component template [metrics-mappings]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:26.109Z", "log.level": "INFO", "message":"adding component template [logs-settings]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:26.149Z", "log.level": "INFO", "message":"adding component template [logs-mappings]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:26.190Z", "log.level": "INFO", "message":"adding component template [data-streams-mappings]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:26.223Z", "log.level": "INFO", "message":"adding component template [metrics-settings]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:26.257Z", "log.level": "INFO", "message":"adding component template [synthetics-settings]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:26.294Z", "log.level": "INFO", "message":"adding component template [synthetics-mappings]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:26.353Z", "log.level": "INFO", "message":"adding index template [.watch-history-16] for index patterns [.watcher-history-16*]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:26.392Z", "log.level": "INFO", "message":"adding index template [ilm-history] for index patterns [ilm-history-5*]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:26.429Z", "log.level": "INFO", "message":"adding component template [.deprecation-indexing-mappings]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:26.467Z", "log.level": "INFO", "message":"adding index template [.slm-history] for index patterns [.slm-history-5*]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:26.502Z", "log.level": "INFO", "message":"adding component template [.deprecation-indexing-settings]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:26.540Z", "log.level": "INFO", "message":"adding index template [logs] for index patterns [logs-*-*]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:26.577Z", "log.level": "INFO", "message":"adding index template [metrics] for index patterns [metrics-*-*]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:26.616Z", "log.level": "INFO", "message":"adding index template [synthetics] for index patterns [synthetics-*-*]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:26.651Z", "log.level": "INFO", "message":"adding index template [.deprecation-indexing-template] for index patterns [.logs-deprecation.*]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:26.684Z", "log.level": "INFO", "message":"adding index lifecycle policy [logs]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.xpack.ilm.action.TransportPutLifecycleAction","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:26.728Z", "log.level": "INFO", "message":"adding index lifecycle policy [metrics]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.xpack.ilm.action.TransportPutLifecycleAction","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:26.760Z", "log.level": "INFO", "message":"adding index lifecycle policy [ml-size-based-ilm-policy]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.xpack.ilm.action.TransportPutLifecycleAction","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:26.795Z", "log.level": "INFO", "message":"adding index lifecycle policy [.monitoring-8-ilm-policy]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.xpack.ilm.action.TransportPutLifecycleAction","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:26.834Z", "log.level": "INFO", "message":"adding index lifecycle policy [synthetics]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.xpack.ilm.action.TransportPutLifecycleAction","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:26.867Z", "log.level": "INFO", "message":"adding index lifecycle policy [30-days-default]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.xpack.ilm.action.TransportPutLifecycleAction","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:26.907Z", "log.level": "INFO", "message":"adding index lifecycle policy [90-days-default]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.xpack.ilm.action.TransportPutLifecycleAction","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:26.941Z", "log.level": "INFO", "message":"adding index lifecycle policy [7-days-default]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.xpack.ilm.action.TransportPutLifecycleAction","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:26.970Z", "log.level": "INFO", "message":"adding index lifecycle policy [365-days-default]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.xpack.ilm.action.TransportPutLifecycleAction","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:27.000Z", "log.level": "INFO", "message":"adding index lifecycle policy [180-days-default]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.xpack.ilm.action.TransportPutLifecycleAction","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:27.035Z", "log.level": "INFO", "message":"adding index lifecycle policy [watch-history-ilm-policy-16]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.xpack.ilm.action.TransportPutLifecycleAction","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:27.082Z", "log.level": "INFO", "message":"adding index lifecycle policy [ilm-history-ilm-policy]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.xpack.ilm.action.TransportPutLifecycleAction","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:27.114Z", "log.level": "INFO", "message":"adding index lifecycle policy [slm-history-ilm-policy]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.xpack.ilm.action.TransportPutLifecycleAction","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:27.148Z", "log.level": "INFO", "message":"adding index lifecycle policy [.fleet-actions-results-ilm-policy]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.xpack.ilm.action.TransportPutLifecycleAction","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:27.181Z", "log.level": "INFO", "message":"adding index lifecycle policy [.deprecation-indexing-ilm-policy]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.xpack.ilm.action.TransportPutLifecycleAction","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:27.332Z", "log.level": "INFO", "message":"license [396053c2-491f-4d29-b6af-e3546b27e80d] mode [trial] - valid", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][clusterApplierService#updateTask][T#1]","log.logger":"org.elasticsearch.license.LicenseService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:27.332Z", "log.level": "INFO", "message":"license mode is [trial], currently licensed security realms are [reserved/reserved,file/default_file,native/default_native]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][clusterApplierService#updateTask][T#1]","log.logger":"org.elasticsearch.xpack.security.authc.Realms","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:27.425Z", "log.level": "INFO", "message":"Authentication of [kibana_system] was terminated by realm [reserved] - failed to authenticate user [kibana_system]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][transport_worker][T#3]","log.logger":"org.elasticsearch.xpack.security.authc.RealmsAuthenticator","trace.id":"4dd5bc13497619f6db77f70d87853a49","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
kibana_1         | [2022-05-24T10:28:27.439+00:00][ERROR][elasticsearch-service] Unable to retrieve version information from Elasticsearch nodes. security_exception: [security_exception] Reason: unable to authenticate user [kibana_system] for REST request [/_nodes?filter_path=nodes.*.version%2Cnodes.*.http.publish_address%2Cnodes.*.ip]
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:28.336Z", "log.level": "INFO", "message":"[.geoip_databases] creating index, cause [auto(bulk api)], templates [], shards [1]/[0]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataCreateIndexService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:28.549Z", "log.level": "INFO",  "current.health":"GREEN","message":"Cluster health status changed from [YELLOW] to [GREEN] (reason: [shards started [[.geoip_databases][0]]]).","previous.health":"YELLOW","reason":"shards started [[.geoip_databases][0]]" , "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.routing.allocation.AllocationService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:29.010Z", "log.level": "INFO", "message":"retrieve geoip database [GeoLite2-ASN.mmdb] from [.geoip_databases] to [/tmp/elasticsearch-6346039971980896846/geoip-databases/u6zanYj_TFWIyZlbZIsf9w/GeoLite2-ASN.mmdb.tmp.gz]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][clusterApplierService#updateTask][T#1]","log.logger":"org.elasticsearch.ingest.geoip.DatabaseNodeService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:29.012Z", "log.level": "INFO", "message":"successfully downloaded geoip database [GeoLite2-ASN.mmdb]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][generic][T#14]","log.logger":"org.elasticsearch.ingest.geoip.GeoIpDownloader","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:29.152Z", "log.level": "INFO", "message":"successfully loaded geoip database file [GeoLite2-ASN.mmdb]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][generic][T#1]","log.logger":"org.elasticsearch.ingest.geoip.DatabaseNodeService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
setup_1          |    ⠿ Elasticsearch is running
setup_1          | [+] Role 'logstash_writer'
setup_1          |    ⠿ Creating/updating
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:29.365Z", "log.level": "INFO", "message":"security index does not exist, creating [.security-7] with alias [.security]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][transport_worker][T#5]","log.logger":"org.elasticsearch.xpack.security.support.SecurityIndexManager","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:29.408Z", "log.level": "INFO", "message":"[.security-7] creating index, cause [api], templates [], shards [1]/[0]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataCreateIndexService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:29.564Z", "log.level": "INFO",  "current.health":"GREEN","message":"Cluster health status changed from [YELLOW] to [GREEN] (reason: [shards started [[.security-7][0]]]).","previous.health":"YELLOW","reason":"shards started [[.security-7][0]]" , "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.routing.allocation.AllocationService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:29.635Z", "log.level": "INFO", "message":"added role [logstash_writer]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][generic][T#7]","log.logger":"org.elasticsearch.xpack.security.action.role.TransportPutRoleAction","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
setup_1          | [+] User 'kibana_system'
setup_1          |    ⠿ User exists, setting password
logstash_1       | [2022-05-24T10:28:29,765][WARN ][logstash.outputs.elasticsearch][main] Attempted to resurrect connection to dead ES instance, but got an error {:url=>"http://logstash_internal:xxxxxx@elasticsearch:9200/", :exception=>LogStash::Outputs::ElasticSearch::HttpClient::Pool::BadResponseCodeError, :message=>"Got response code '401' contacting Elasticsearch at URL 'http://elasticsearch:9200/'"}
setup_1          | [+] User 'logstash_internal'
setup_1          |    ⠿ User does not exist, creating
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:29.903Z", "log.level": "INFO", "message":"added user [logstash_internal]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][generic][T#17]","log.logger":"org.elasticsearch.xpack.security.action.user.TransportPutUserAction","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
kibana_1         | [2022-05-24T10:28:30.349+00:00][INFO ][savedobjects-service] Waiting until all Elasticsearch nodes are compatible with Kibana before starting saved objects migrations...
kibana_1         | [2022-05-24T10:28:30.349+00:00][INFO ][savedobjects-service] Starting saved objects migrations
kibana_1         | [2022-05-24T10:28:30.382+00:00][INFO ][savedobjects-service] [.kibana] INIT -> CREATE_NEW_TARGET. took: 17ms.
kibana_1         | [2022-05-24T10:28:30.385+00:00][INFO ][savedobjects-service] [.kibana_task_manager] INIT -> CREATE_NEW_TARGET. took: 17ms.
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:30.396Z", "log.level": "INFO", "message":"[.kibana_task_manager_8.2.0_001] creating index, cause [api], templates [], shards [1]/[1]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataCreateIndexService","trace.id":"773a5a9967065ee0c243c0c6d5c251dc","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:30.398Z", "log.level": "INFO", "message":"updating number_of_replicas to [0] for indices [.kibana_task_manager_8.2.0_001]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.routing.allocation.AllocationService","trace.id":"773a5a9967065ee0c243c0c6d5c251dc","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
docker-elk_setup_1 exited with code 0
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:30.539Z", "log.level": "INFO", "message":"[.kibana_8.2.0_001] creating index, cause [api], templates [], shards [1]/[1]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataCreateIndexService","trace.id":"773a5a9967065ee0c243c0c6d5c251dc","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:30.540Z", "log.level": "INFO", "message":"updating number_of_replicas to [0] for indices [.kibana_8.2.0_001]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.routing.allocation.AllocationService","trace.id":"773a5a9967065ee0c243c0c6d5c251dc","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
kibana_1         | [2022-05-24T10:28:30.694+00:00][INFO ][savedobjects-service] [.kibana_task_manager] CREATE_NEW_TARGET -> MARK_VERSION_INDEX_READY. took: 309ms.
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:30.777Z", "log.level": "INFO",  "current.health":"GREEN","message":"Cluster health status changed from [YELLOW] to [GREEN] (reason: [shards started [[.kibana_8.2.0_001][0]]]).","previous.health":"YELLOW","reason":"shards started [[.kibana_8.2.0_001][0]]" , "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.routing.allocation.AllocationService","trace.id":"773a5a9967065ee0c243c0c6d5c251dc","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
kibana_1         | [2022-05-24T10:28:30.778+00:00][INFO ][savedobjects-service] [.kibana_task_manager] MARK_VERSION_INDEX_READY -> DONE. took: 84ms.
kibana_1         | [2022-05-24T10:28:30.778+00:00][INFO ][savedobjects-service] [.kibana_task_manager] Migration completed after 410ms
kibana_1         | [2022-05-24T10:28:30.827+00:00][INFO ][savedobjects-service] [.kibana] CREATE_NEW_TARGET -> MARK_VERSION_INDEX_READY. took: 445ms.
kibana_1         | [2022-05-24T10:28:30.869+00:00][INFO ][savedobjects-service] [.kibana] MARK_VERSION_INDEX_READY -> DONE. took: 42ms.
kibana_1         | [2022-05-24T10:28:30.869+00:00][INFO ][savedobjects-service] [.kibana] Migration completed after 504ms
kibana_1         | [2022-05-24T10:28:30.875+00:00][INFO ][plugins-system.preboot] Stopping all plugins.
kibana_1         | [2022-05-24T10:28:30.875+00:00][INFO ][plugins-system.standard] Starting [117] plugins: [translations,monitoringCollection,licensing,globalSearch,globalSearchProviders,features,mapsEms,licenseApiGuard,usageCollection,taskManager,telemetryCollectionManager,telemetryCollectionXpack,kibanaUsageCollection,share,embeddable,uiActionsEnhanced,screenshotMode,screenshotting,banners,newsfeed,fieldFormats,expressions,eventAnnotation,dataViews,charts,esUiShared,bfetch,data,savedObjects,presentationUtil,expressionShape,expressionRevealImage,expressionRepeatImage,expressionMetric,expressionImage,customIntegrations,home,searchprofiler,painlessLab,grokdebugger,management,watcher,advancedSettings,spaces,security,savedObjectsTagging,reporting,lists,fileUpload,ingestPipelines,encryptedSavedObjects,dataEnhanced,cloud,snapshotRestore,telemetry,licenseManagement,eventLog,actions,alerting,triggersActionsUi,transform,stackAlerts,ruleRegistry,savedObjectsManagement,console,controls,graph,fleet,indexManagement,remoteClusters,crossClusterReplication,indexLifecycleManagement,visualizations,canvas,visTypeXy,visTypeVislib,visTypeVega,visTypeTimeseries,rollup,visTypeTimelion,visTypeTagcloud,visTypeTable,visTypeMetric,visTypeHeatmap,visTypeMarkdown,dashboard,dashboardEnhanced,expressionXY,expressionTagcloud,expressionPartitionVis,visTypePie,expressionMetricVis,expressionHeatmap,expressionGauge,visTypeGauge,dataViewFieldEditor,sharedUX,discover,lens,osquery,maps,dataVisualizer,ml,cases,timelines,sessionView,securitySolution,observability,uptime,infra,upgradeAssistant,monitoring,logstash,enterpriseSearch,apm,discoverEnhanced,dataViewManagement]
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:31.248Z", "log.level": "INFO", "message":"retrieve geoip database [GeoLite2-City.mmdb] from [.geoip_databases] to [/tmp/elasticsearch-6346039971980896846/geoip-databases/u6zanYj_TFWIyZlbZIsf9w/GeoLite2-City.mmdb.tmp.gz]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][clusterApplierService#updateTask][T#1]","log.logger":"org.elasticsearch.ingest.geoip.DatabaseNodeService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:31.251Z", "log.level": "INFO", "message":"successfully downloaded geoip database [GeoLite2-City.mmdb]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][generic][T#14]","log.logger":"org.elasticsearch.ingest.geoip.GeoIpDownloader","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:31.688Z", "log.level": "INFO", "message":"retrieve geoip database [GeoLite2-Country.mmdb] from [.geoip_databases] to [/tmp/elasticsearch-6346039971980896846/geoip-databases/u6zanYj_TFWIyZlbZIsf9w/GeoLite2-Country.mmdb.tmp.gz]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][clusterApplierService#updateTask][T#1]","log.logger":"org.elasticsearch.ingest.geoip.DatabaseNodeService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:31.691Z", "log.level": "INFO", "message":"successfully downloaded geoip database [GeoLite2-Country.mmdb]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][generic][T#14]","log.logger":"org.elasticsearch.ingest.geoip.GeoIpDownloader","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:31.752Z", "log.level": "INFO", "message":"successfully loaded geoip database file [GeoLite2-Country.mmdb]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][generic][T#12]","log.logger":"org.elasticsearch.ingest.geoip.DatabaseNodeService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:31.965Z", "log.level": "INFO", "message":"successfully loaded geoip database file [GeoLite2-City.mmdb]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][generic][T#6]","log.logger":"org.elasticsearch.ingest.geoip.DatabaseNodeService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
kibana_1         | [2022-05-24T10:28:31.971+00:00][INFO ][plugins.monitoring.monitoring] config sourced from: production cluster
kibana_1         | [2022-05-24T10:28:33.083+00:00][INFO ][http.server.Kibana] http server running at http://0.0.0.0:5601
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:33.116Z", "log.level": "INFO", "message":"[.apm-agent-configuration] creating index, cause [api], templates [], shards [1]/[1]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataCreateIndexService","trace.id":"773a5a9967065ee0c243c0c6d5c251dc","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:33.117Z", "log.level": "INFO", "message":"updating number_of_replicas to [0] for indices [.apm-agent-configuration]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.routing.allocation.AllocationService","trace.id":"773a5a9967065ee0c243c0c6d5c251dc","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:33.173Z", "log.level": "INFO", "message":"[.apm-custom-link] creating index, cause [api], templates [], shards [1]/[1]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataCreateIndexService","trace.id":"773a5a9967065ee0c243c0c6d5c251dc","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:33.174Z", "log.level": "INFO", "message":"updating number_of_replicas to [0] for indices [.apm-custom-link]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.routing.allocation.AllocationService","trace.id":"773a5a9967065ee0c243c0c6d5c251dc","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
kibana_1         | [2022-05-24T10:28:33.184+00:00][INFO ][plugins.monitoring.monitoring.kibana-monitoring] Starting monitoring stats collection
kibana_1         | [2022-05-24T10:28:33.185+00:00][INFO ][plugins.fleet] Beginning fleet setup
kibana_1         | [2022-05-24T10:28:33.239+00:00][INFO ][status] Kibana is now degraded
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:33.268Z", "log.level": "INFO", "message":"adding component template [.alerts-technical-mappings]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","trace.id":"4dd5bc13497619f6db77f70d87853a49","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:33.346Z", "log.level": "INFO", "message":"adding component template [.alerts-ecs-mappings]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","trace.id":"4dd5bc13497619f6db77f70d87853a49","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:33.390Z", "log.level": "INFO",  "current.health":"GREEN","message":"Cluster health status changed from [YELLOW] to [GREEN] (reason: [shards started [[.apm-agent-configuration][0], [.apm-custom-link][0]]]).","previous.health":"YELLOW","reason":"shards started [[.apm-agent-configuration][0], [.apm-custom-link][0]]" , "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.routing.allocation.AllocationService","trace.id":"773a5a9967065ee0c243c0c6d5c251dc","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:33.435Z", "log.level": "INFO", "message":"adding index template [.kibana_security_session_index_template_1] for index patterns [.kibana_security_session_1]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","trace.id":"4dd5bc13497619f6db77f70d87853a49","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:33.501Z", "log.level": "INFO", "message":"[.kibana_task_manager_8.2.0_001/tmKJxyUOR56U9cXuh4kGyw] update_mapping [_doc]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataMappingService","trace.id":"773a5a9967065ee0c243c0c6d5c251dc","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:33.575Z", "log.level": "INFO", "message":"[.kibana_security_session_1] creating index, cause [api], templates [.kibana_security_session_index_template_1], shards [1]/[0]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataCreateIndexService","trace.id":"4dd5bc13497619f6db77f70d87853a49","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
kibana_1         | [2022-05-24T10:28:33.627+00:00][INFO ][plugins.ml] Task ML:saved-objects-sync-task: scheduled with interval 1h
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:33.703Z", "log.level": "INFO", "message":"[.kibana_8.2.0_001/DGabOg9zR4-ePlVomPh3_g] update_mapping [_doc]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataMappingService","trace.id":"773a5a9967065ee0c243c0c6d5c251dc","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:33.709Z", "log.level": "INFO", "message":"[.kibana_8.2.0_001/DGabOg9zR4-ePlVomPh3_g] update_mapping [_doc]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataMappingService","trace.id":"773a5a9967065ee0c243c0c6d5c251dc","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:33.791Z", "log.level": "INFO",  "current.health":"GREEN","message":"Cluster health status changed from [YELLOW] to [GREEN] (reason: [shards started [[.kibana_security_session_1][0]]]).","previous.health":"YELLOW","reason":"shards started [[.kibana_security_session_1][0]]" , "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.routing.allocation.AllocationService","trace.id":"4dd5bc13497619f6db77f70d87853a49","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:33.850Z", "log.level": "INFO", "message":"[.kibana_8.2.0_001/DGabOg9zR4-ePlVomPh3_g] update_mapping [_doc]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataMappingService","trace.id":"773a5a9967065ee0c243c0c6d5c251dc","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:33.933Z", "log.level": "INFO", "message":"adding index lifecycle policy [.alerts-ilm-policy]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.xpack.ilm.action.TransportPutLifecycleAction","trace.id":"4dd5bc13497619f6db77f70d87853a49","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:33.995Z", "log.level": "INFO", "message":"adding index lifecycle policy [kibana-event-log-policy]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.xpack.ilm.action.TransportPutLifecycleAction","trace.id":"773a5a9967065ee0c243c0c6d5c251dc","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
kibana_1         | [2022-05-24T10:28:33.996+00:00][INFO ][plugins.ruleRegistry] Installed common resources shared between all indices
kibana_1         | [2022-05-24T10:28:33.997+00:00][INFO ][plugins.ruleRegistry] Installing resources for index .alerts-security.alerts
kibana_1         | [2022-05-24T10:28:33.997+00:00][INFO ][plugins.ruleRegistry] Installing resources for index .preview.alerts-security.alerts
kibana_1         | [2022-05-24T10:28:33.997+00:00][INFO ][plugins.ruleRegistry] Installing resources for index .alerts-observability.uptime.alerts
kibana_1         | [2022-05-24T10:28:33.997+00:00][INFO ][plugins.ruleRegistry] Installing resources for index .alerts-observability.logs.alerts
kibana_1         | [2022-05-24T10:28:33.998+00:00][INFO ][plugins.ruleRegistry] Installing resources for index .alerts-observability.metrics.alerts
kibana_1         | [2022-05-24T10:28:33.998+00:00][INFO ][plugins.ruleRegistry] Installing resources for index .alerts-observability.apm.alerts
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:34.047Z", "log.level": "INFO", "message":"adding component template [.alerts-observability.apm.alerts-mappings]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","trace.id":"4dd5bc13497619f6db77f70d87853a49","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
kibana_1         | [2022-05-24T10:28:34.094+00:00][INFO ][plugins.ruleRegistry] Installed resources for index .alerts-observability.apm.alerts
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:34.096Z", "log.level": "INFO", "message":"adding component template [.alerts-observability.uptime.alerts-mappings]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","trace.id":"4dd5bc13497619f6db77f70d87853a49","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
kibana_1         | [2022-05-24T10:28:34.135+00:00][INFO ][plugins.ruleRegistry] Installed resources for index .alerts-observability.uptime.alerts
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:34.138Z", "log.level": "INFO", "message":"adding component template [.alerts-observability.logs.alerts-mappings]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","trace.id":"4dd5bc13497619f6db77f70d87853a49","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
kibana_1         | [2022-05-24T10:28:34.176+00:00][INFO ][plugins.ruleRegistry] Installed resources for index .alerts-observability.logs.alerts
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:34.177Z", "log.level": "INFO", "message":"adding component template [.alerts-observability.metrics.alerts-mappings]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","trace.id":"4dd5bc13497619f6db77f70d87853a49","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
kibana_1         | [2022-05-24T10:28:34.215+00:00][INFO ][plugins.ruleRegistry] Installed resources for index .alerts-observability.metrics.alerts
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:34.219Z", "log.level": "INFO", "message":"adding component template [.alerts-security.alerts-mappings]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","trace.id":"4dd5bc13497619f6db77f70d87853a49","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
kibana_1         | [2022-05-24T10:28:34.255+00:00][INFO ][plugins.ruleRegistry] Installed resources for index .alerts-security.alerts
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:34.260Z", "log.level": "INFO", "message":"adding index template [.kibana-event-log-8.2.0-template] for index patterns [.kibana-event-log-8.2.0-*]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","trace.id":"773a5a9967065ee0c243c0c6d5c251dc","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:34.301Z", "log.level": "INFO", "message":"adding index lifecycle policy [.preview.alerts-security.alerts-policy]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.xpack.ilm.action.TransportPutLifecycleAction","trace.id":"4dd5bc13497619f6db77f70d87853a49","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:34.345Z", "log.level": "INFO", "message":"[.kibana-event-log-8.2.0-000001] creating index, cause [api], templates [.kibana-event-log-8.2.0-template], shards [1]/[1]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataCreateIndexService","trace.id":"773a5a9967065ee0c243c0c6d5c251dc","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:34.346Z", "log.level": "INFO", "message":"updating number_of_replicas to [0] for indices [.kibana-event-log-8.2.0-000001]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.routing.allocation.AllocationService","trace.id":"773a5a9967065ee0c243c0c6d5c251dc","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:34.403Z", "log.level": "INFO", "message":"adding component template [.preview.alerts-security.alerts-mappings]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","trace.id":"4dd5bc13497619f6db77f70d87853a49","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
kibana_1         | [2022-05-24T10:28:34.451+00:00][INFO ][plugins.ruleRegistry] Installed resources for index .preview.alerts-security.alerts
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:34.457Z", "log.level": "INFO", "message":"moving index [.kibana-event-log-8.2.0-000001] from [null] to [{\"phase\":\"new\",\"action\":\"complete\",\"name\":\"complete\"}] in policy [kibana-event-log-policy]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.xpack.ilm.IndexLifecycleTransition","trace.id":"773a5a9967065ee0c243c0c6d5c251dc","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:34.498Z", "log.level": "INFO",  "current.health":"GREEN","message":"Cluster health status changed from [YELLOW] to [GREEN] (reason: [shards started [[.kibana-event-log-8.2.0-000001][0]]]).","previous.health":"YELLOW","reason":"shards started [[.kibana-event-log-8.2.0-000001][0]]" , "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.routing.allocation.AllocationService","trace.id":"773a5a9967065ee0c243c0c6d5c251dc","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:34.529Z", "log.level": "INFO", "message":"moving index [.kibana-event-log-8.2.0-000001] from [{\"phase\":\"new\",\"action\":\"complete\",\"name\":\"complete\"}] to [{\"phase\":\"hot\",\"action\":\"unfollow\",\"name\":\"branch-check-unfollow-prerequisites\"}] in policy [kibana-event-log-policy]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.xpack.ilm.IndexLifecycleTransition","trace.id":"773a5a9967065ee0c243c0c6d5c251dc","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:34.577Z", "log.level": "INFO", "message":"moving index [.kibana-event-log-8.2.0-000001] from [{\"phase\":\"hot\",\"action\":\"unfollow\",\"name\":\"branch-check-unfollow-prerequisites\"}] to [{\"phase\":\"hot\",\"action\":\"rollover\",\"name\":\"check-rollover-ready\"}] in policy [kibana-event-log-policy]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.xpack.ilm.IndexLifecycleTransition","trace.id":"773a5a9967065ee0c243c0c6d5c251dc","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:34.662Z", "log.level": "INFO", "message":"[.kibana_8.2.0_001/DGabOg9zR4-ePlVomPh3_g] update_mapping [_doc]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataMappingService","trace.id":"773a5a9967065ee0c243c0c6d5c251dc","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
logstash_1       | [2022-05-24T10:28:34,855][WARN ][logstash.outputs.elasticsearch][main] Restored connection to ES instance {:url=>"http://logstash_internal:xxxxxx@elasticsearch:9200/"}
logstash_1       | [2022-05-24T10:28:34,987][INFO ][logstash.outputs.elasticsearch][main] Elasticsearch version determined (8.2.0) {:es_version=>8}
logstash_1       | [2022-05-24T10:28:34,990][WARN ][logstash.outputs.elasticsearch][main] Detected a 6.x and above cluster: the `type` event field won't be used to determine the document _type {:es_version=>8}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:35.643Z", "log.level": "INFO", "message":"adding component template [.fleet_globals-1]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","trace.id":"773a5a9967065ee0c243c0c6d5c251dc","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:35.687Z", "log.level": "INFO", "message":"adding component template [.fleet_agent_id_verification-1]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","trace.id":"773a5a9967065ee0c243c0c6d5c251dc","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
kibana_1         | [2022-05-24T10:28:35.914+00:00][INFO ][plugins.fleet] Fleet setup completed
kibana_1         | [2022-05-24T10:28:35.921+00:00][INFO ][plugins.securitySolution] Dependent plugin setup complete - Starting ManifestTask
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:37.876Z", "log.level": "INFO", "message":"[.ds-ilm-history-5-2022.05.24-000001] creating index, cause [initialize_data_stream], templates [ilm-history], shards [1]/[0]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataCreateIndexService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:37.879Z", "log.level": "INFO", "message":"adding data stream [ilm-history-5] with write index [.ds-ilm-history-5-2022.05.24-000001], backing indices [], and aliases []", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataCreateDataStreamService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:37.952Z", "log.level": "INFO", "message":"moving index [.ds-ilm-history-5-2022.05.24-000001] from [null] to [{\"phase\":\"new\",\"action\":\"complete\",\"name\":\"complete\"}] in policy [ilm-history-ilm-policy]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.xpack.ilm.IndexLifecycleTransition","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:38.010Z", "log.level": "INFO", "message":"moving index [.ds-ilm-history-5-2022.05.24-000001] from [{\"phase\":\"new\",\"action\":\"complete\",\"name\":\"complete\"}] to [{\"phase\":\"hot\",\"action\":\"unfollow\",\"name\":\"branch-check-unfollow-prerequisites\"}] in policy [ilm-history-ilm-policy]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.xpack.ilm.IndexLifecycleTransition","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:38.049Z", "log.level": "INFO",  "current.health":"GREEN","message":"Cluster health status changed from [YELLOW] to [GREEN] (reason: [shards started [[.ds-ilm-history-5-2022.05.24-000001][0]]]).","previous.health":"YELLOW","reason":"shards started [[.ds-ilm-history-5-2022.05.24-000001][0]]" , "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.routing.allocation.AllocationService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:38.083Z", "log.level": "INFO", "message":"moving index [.ds-ilm-history-5-2022.05.24-000001] from [{\"phase\":\"hot\",\"action\":\"unfollow\",\"name\":\"branch-check-unfollow-prerequisites\"}] to [{\"phase\":\"hot\",\"action\":\"rollover\",\"name\":\"check-rollover-ready\"}] in policy [ilm-history-ilm-policy]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.xpack.ilm.IndexLifecycleTransition","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
logstash_1       | [2022-05-24T10:28:38,762][INFO ][logstash.outputs.elasticsearch][main] Using a default mapping template {:es_version=>8, :ecs_compatibility=>:v8}
logstash_1       | [2022-05-24T10:28:38,800][INFO ][logstash.outputs.elasticsearch][main] Installing Elasticsearch template {:name=>"ecs-logstash"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:38.852Z", "log.level": "INFO", "message":"adding index template [ecs-logstash] for index patterns [ecs-logstash-*]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataIndexTemplateService","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:39.332Z", "log.level": "WARN",  "data_stream.dataset":"deprecation.elasticsearch","data_stream.namespace":"default","data_stream.type":"logs","elasticsearch.elastic_product_origin":"kibana","elasticsearch.event.category":"api","elasticsearch.http.request.x_opaque_id":"unknownId;kibana:task%20manager:run%20security%3Atelemetry-prebuilt-rule-alerts:security%3Atelemetry-prebuilt-rule-alerts%3A1.0.0","event.code":"deprecated_field_exclude","message":"Deprecated field [exclude] used, expected [excludes] instead" , "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"deprecation.elasticsearch","process.thread.name":"elasticsearch[dbebd8caf886][transport_worker][T#3]","log.logger":"org.elasticsearch.deprecation.xcontent.ParseField","trace.id":"773a5a9967065ee0c243c0c6d5c251dc","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
kibana_1         | [2022-05-24T10:28:39.338+00:00][INFO ][plugins.securitySolution.endpoint:metadata-check-transforms-task:0.0.1] no endpoint installation found
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:39.339Z", "log.level": "INFO", "message":"[.kibana_8.2.0_001/DGabOg9zR4-ePlVomPh3_g] update_mapping [_doc]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataMappingService","trace.id":"773a5a9967065ee0c243c0c6d5c251dc","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:39.388Z", "log.level": "INFO", "message":"[.kibana_8.2.0_001/DGabOg9zR4-ePlVomPh3_g] update_mapping [_doc]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.metadata.MetadataMappingService","trace.id":"773a5a9967065ee0c243c0c6d5c251dc","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
kibana_1         | [2022-05-24T10:28:39.643+00:00][INFO ][plugins.ml] Task ML:saved-objects-sync-task: 1 ML saved object synced
kibana_1         | [2022-05-24T10:28:40.827+00:00][INFO ][status] Kibana is now available (was degraded)
kibana_1         | [2022-05-24T10:28:40.841+00:00][INFO ][plugins.reporting.store] Creating ILM policy for managing reporting indices: kibana-reporting
elasticsearch_1  | {"@timestamp":"2022-05-24T10:28:40.843Z", "log.level": "INFO", "message":"adding index lifecycle policy [kibana-reporting]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[dbebd8caf886][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.xpack.ilm.action.TransportPutLifecycleAction","trace.id":"773a5a9967065ee0c243c0c6d5c251dc","elasticsearch.cluster.uuid":"LKX4_QZAQaGS789ib-go1A","elasticsearch.node.id":"u6zanYj_TFWIyZlbZIsf9w","elasticsearch.node.name":"dbebd8caf886","elasticsearch.cluster.name":"docker-cluster"}
$ sudo docker-compose ps

           Name                         Command               State                                                                     Ports
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
docker-elk_elasticsearch_1   /bin/tini -- /usr/local/bi ...   Up       0.0.0.0:9200->9200/tcp,:::9200->9200/tcp, 0.0.0.0:9300->9300/tcp,:::9300->9300/tcp
docker-elk_kibana_1          /bin/tini -- /usr/local/bi ...   Up       0.0.0.0:5601->5601/tcp,:::5601->5601/tcp
docker-elk_logstash_1        /usr/local/bin/docker-entr ...   Up       0.0.0.0:5000->5000/tcp,:::5000->5000/tcp, 0.0.0.0:5000->5000/udp,:::5000->5000/udp, 0.0.0.0:5044->5044/tcp,:::5044->5044/tcp,
                                                                       0.0.0.0:9600->9600/tcp,:::9600->9600/tcp
docker-elk_setup_1           /entrypoint.sh                   Exit 0
azureuser@frigg-devtest:~/docker-elk$

antoineco commented 2 years ago

That's because your host's firewall is blocking incoming connections (see sudo iptables -L). If you're running in a cloud provider, the firewall needs to be configured outside of the host instead of via iptables (e.g. via security groups in AWS).

By default, docker-elk already exposes ports 9200 and 5601 on the host's network interface, you don't have to change any configuration.

edkry commented 2 years ago

Alright, thanks! I was trying to enable ports through firewall-cmd. Okay, will do that.

edkry commented 2 years ago

> That's because your host's firewall is blocking incoming connections (see sudo iptables -L). If you're running in a cloud provider, the firewall needs to be configured outside of the host instead of via iptables (e.g. via security groups in AWS).
>
> By default, docker-elk already exposes ports 9200 and 5601 on the host's network interface, you don't have to change any configuration.

That solved the issue.

antoineco commented 2 years ago

Great news! Glad it helped 👍

Be careful while exposing the stack on the public internet. If possible, run the stack from the tls branch - which has communications between Kibana and Elasticsearch secured over TLS by default - and enable TLS for Kibana's web UI too (see Encrypt traffic between your browser and Kibana).
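
An added example, not part of the thread or of docker-elk's own code: before opening the external firewall, it helps to list which host ports each service publishes on every interface, since those are what become reachable once a rule allows them. The sketch below parses the Ports column of the `docker-compose ps` output shown above; the function names and the `kibana_loopback` entry are constructed for illustration.

```python
import ipaddress

# Ports column per service, copied from the `docker-compose ps` output in this thread.
PS_PORTS = {
    "elasticsearch": "0.0.0.0:9200->9200/tcp,:::9200->9200/tcp, "
                     "0.0.0.0:9300->9300/tcp,:::9300->9300/tcp",
    "kibana": "0.0.0.0:5601->5601/tcp,:::5601->5601/tcp",
    "logstash": "0.0.0.0:5000->5000/tcp,:::5000->5000/tcp, "
                "0.0.0.0:5000->5000/udp,:::5000->5000/udp, "
                "0.0.0.0:5044->5044/tcp,:::5044->5044/tcp, "
                "0.0.0.0:9600->9600/tcp,:::9600->9600/tcp",
    # Constructed contrast case: a port published on loopback only.
    "kibana_loopback": "127.0.0.1:5601->5601/tcp",
}


def published_bindings(ports_column):
    """Yield (host_ip, host_port, container_port, proto) for each published port."""
    for item in ports_column.split(","):
        item = item.strip()
        if "->" not in item:  # empty piece, or an unpublished port such as "9200/tcp"
            continue
        left, right = item.split("->", 1)
        host, _, host_port = left.rpartition(":")  # ":::9200" -> ("::", ":", "9200")
        container_port, _, proto = right.partition("/")
        yield ipaddress.ip_address(host.strip("[]")), host_port, container_port, proto


def scope(ip):
    """Classify the host address a port is bound to."""
    if ip.is_unspecified:  # 0.0.0.0 or ::
        return "all-interfaces"
    if ip.is_loopback:
        return "loopback-only"
    return "single-interface"


def audit(services):
    """Map each service to the sorted 'port/proto' list published on all interfaces."""
    report = {}
    for name, column in services.items():
        wide = {f"{port}/{proto}"
                for ip, port, _, proto in published_bindings(column)
                if scope(ip) == "all-interfaces"}
        report[name] = sorted(wide)
    return report


if __name__ == "__main__":
    for service, ports in audit(PS_PORTS).items():
        print(f"{service:16} {', '.join(ports) or 'nothing on all interfaces'}")
```

Any port in this report that the cloud firewall does not need to allow can stay closed there.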