elastic / elasticsearch

Free and Open Source, Distributed, RESTful Search Engine
https://www.elastic.co/products/elasticsearch

Spectacularly Annoying: Warning: 299 Elasticsearch-7.15.0-79d65f6e357953a5b3cbcc5e2c7c21073d89aa29 #78500

Open NetwarSystem opened 3 years ago

NetwarSystem commented 3 years ago

Having recently run apt upgrade on an Ubuntu 20.04 box I see that I've now got Elasticsearch 7.15.0 and it comes with a spectacular misfeature - an endless cascade of Warning: 299 regarding network security settings when accessing Kibana.

"Warning: 299 Elasticsearch-7.15.0-79d65f6e357953a5b3cbcc5e2c7c21073d89aa29"

The URL, which can not simply be selected and accessed from the warning, is this:

https://www.elastic.co/guide/en/elasticsearch/reference/7.15/security-minimal-setup.html

I get that Elasticsearch is just trying to head off trouble for people who might install an unprotected system on an internet accessible machine. My system is very well protected by an outer layer access control and I have zero interest in having to jump through hoops like this. It's the middle of the night, and now I have to do this meaningless stuff, then reach out to a dozen users and explain to them that they're going to have to enter a username and password after they get through Cloudflare Access.

This really needs a configuration option like this:

xpack.security.stfu: immediately

DaveCTurner commented 3 years ago

It's unclear what warning you are talking about: every deprecation warning emitted by Elasticsearch v7.15.0 starts with "Warning: 299 Elasticsearch-7.15.0-79d65f6e357953a5b3cbcc5e2c7c21073d89aa29". I'm going to guess you mean the message with content "Elasticsearch built-in security features are not enabled. Without authentication, your cluster could be accessible to anyone. See https://www.elastic.co/guide/en/elasticsearch/reference/7.15/security-minimal-setup.html to enable security." If so, you can suppress this warning by configuring security as per the linked docs, or by explicitly indicating to Elasticsearch that you do not want to use the built-in security features by setting xpack.security.enabled: false.
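Added example, not part of the thread or of Elasticsearch's own code: since every warning shares the same "299 Elasticsearch-7.15.0-..." prefix, a client has to parse the HTTP Warning header (RFC 7234 warning-value syntax) and look at the quoted text to tell the security notice from other deprecations. The second warning text in the sample header and all function names are constructed for illustration.

```python
import re
from collections import Counter

# Agent string and security message text are quoted from the thread above;
# the second warning text is a constructed sample.
AGENT = "Elasticsearch-7.15.0-79d65f6e357953a5b3cbcc5e2c7c21073d89aa29"
SECURITY_TEXT = (
    "Elasticsearch built-in security features are not enabled. Without "
    "authentication, your cluster could be accessible to anyone. See "
    "https://www.elastic.co/guide/en/elasticsearch/reference/7.15/"
    "security-minimal-setup.html to enable security."
)
SAMPLE_HEADER = (
    f'299 {AGENT} "{SECURITY_TEXT}", '
    f'299 {AGENT} "constructed sample: other deprecation, with a \\"quoted\\" word"'
)
SECURITY_MARKER = "built-in security features are not enabled"

# warn-code SP warn-agent SP quoted warn-text [SP quoted warn-date], per RFC 7234.
WARNING_VALUE = re.compile(
    r'\s*(?P<code>\d{3}) (?P<agent>\S+) "(?P<text>(?:[^"\\]|\\.)*)"'
    r'(?: "[^"]*")?\s*(?:,|$)'
)

def parse_warning_header(value):
    """Split one Warning header value into (code, agent, text) tuples.

    Splitting on "," is wrong because warn-text may itself contain commas.
    """
    out, pos = [], 0
    while pos < len(value):
        m = WARNING_VALUE.match(value, pos)
        if m is None:
            raise ValueError(f"malformed Warning header at offset {pos}")
        text = re.sub(r"\\(.)", r"\1", m.group("text"))  # undo quoted-pair escapes
        out.append((int(m.group("code")), m.group("agent"), text))
        pos = m.end()
    return out

def summarize(header_values):
    """Collapse repeated warnings into counts; tag the security notice."""
    counts = Counter()
    for value in header_values:
        for _code, _agent, text in parse_warning_header(value):
            kind = "security-disabled" if SECURITY_MARKER in text else "other"
            counts[(kind, text)] += 1
    return counts

if __name__ == "__main__":
    for (kind, text), n in summarize([SAMPLE_HEADER] * 3).items():
        print(f"{n:>3}x [{kind}] {text[:70]}")
```

Collapsing repeats this way keeps the "security-disabled" signal visible in client-side logs without one line per request.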

elasticmachine commented 3 years ago

Pinging @elastic/es-security (Team:Security)

DaveCTurner commented 3 years ago

IMO there's some kind of a docs bug here, this new warning is pretty chatty but doesn't get a mention in the release notes and I don't see anything obvious which suggests that setting xpack.security.enabled: false will help users that prefer to implement their own security protections around Elasticsearch rather than using the built-in features.

elasticmachine commented 3 years ago

Pinging @elastic/es-docs (Team:Docs)

turnUpTheChill commented 3 years ago

I hit this as well, with a fresh local install via brew, and it does make doing anything quite annoying, as the messages flood the screen and clicking each one individually is the only way to get rid of them.

lockewritesdocs commented 3 years ago

The same message also appears at the top of every response in Console. There's no way to dismiss this message unless you explicitly enable security. It's a very good thing to enable security, but not having the ability to dismiss the toast notifications or suppress the warning in responses is not ideal and creates a frustrating UX.

cc: @thomheymann and @bytebilly


lockewritesdocs commented 3 years ago

This message was added to Elasticsearch in 7.13 through the changes in #70114. Oddly, the notification issues don't seem to occur in Kibana until 7.15.

bytebilly commented 3 years ago

Thanks for raising this issue. The warning is intentional, the annoying UX clearly is not, and may be due to a mix of changes.

You can disable all security warnings by setting xpack.security.enabled: false in the Elasticsearch configuration file, if this is really what you want to do and deployment is properly protected at some other layer.

We are discussing possible ways to improve the experience, even if the problem will not be there in 8.x where security will be enabled by default for all tiers.

renzedj commented 2 years ago

> You can disable all security warnings by setting xpack.security.enabled: false in the Elasticsearch configuration file, if this is really what you want to do and deployment is properly protected at some other layer.

I've got xpack.security.enabled: false set, and I'm still getting a similar warning in Kibana in 7.15.0:

image

...this is when I'm trying to view the filebeat-* index pattern in Kibana.

bytebilly commented 2 years ago

Hi @drenze-athene, thanks for reporting that. What you see is not a security-related warning, so it's not disabled by that setting.

Where in Kibana are you getting this message? Is this flooding the UI, or is it just a single instance? Thanks.

renzedj commented 2 years ago

This is flooding the UI, every time I attempt to view something in Discover or Dashboard. If there's a way to suppress this for now, I'd be obliged...

bytebilly commented 2 years ago

I'm not sure why accessing filebeat-* implies access to .tasks. They seem to be two unrelated events. Is that happening with other patterns too?

renzedj commented 2 years ago

Yes.

Douglas J. Renze INFRASTRUCTURE ENGINEER III


NetwarSystem commented 2 years ago

I jumped through the hoops in order to stop this and I see it was a more general problem, looks like it's been properly addressed. Am I supposed to close this?