search

elkninja / elastic-stack-docker-part-one

Getting up and running with Elastic Stack on Docker-Compose
Apache License 2.0
152 stars 94 forks source link

security_exception #12

Closed mua closed 10 months ago

mua commented 10 months ago

Docker version 20.10.22, build 3a2c30b

Logs:

2023-08-24 11:37:56 elastic-stack-es01-1          | {"@timestamp":"2023-08-24T08:37:56.837Z", "log.level": "INFO", "message":"Authentication of [kibana_system] was terminated by realm [reserved] - failed to authenticate user [kibana_system]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[es01][transport_worker][T#31]","log.logger":"org.elasticsearch.xpack.security.authc.RealmsAuthenticator","trace.id":"20a7f7b926a8447a1f1fe8ff3a7585f7","elasticsearch.cluster.uuid":"pkl8MVp-SbyQ6JyphtwfHw","elasticsearch.node.id":"VQv0yDl2TsuA7fpoxy-VhA","elasticsearch.node.name":"es01","elasticsearch.cluster.name":"docker-cluster"}
2023-08-24 11:26:09 [2023-08-24T08:26:09.374+00:00][INFO ][node] Kibana process configured with roles: [background_tasks, ui]
2023-08-24 11:26:14 [2023-08-24T08:26:14.654+00:00][INFO ][plugins-service] Plugin "cloudChat" is disabled.
2023-08-24 11:26:14 [2023-08-24T08:26:14.655+00:00][INFO ][plugins-service] Plugin "cloudExperiments" is disabled.
2023-08-24 11:26:14 [2023-08-24T08:26:14.656+00:00][INFO ][plugins-service] Plugin "cloudFullStory" is disabled.
2023-08-24 11:26:14 [2023-08-24T08:26:14.656+00:00][INFO ][plugins-service] Plugin "cloudGainsight" is disabled.
2023-08-24 11:26:14 [2023-08-24T08:26:14.659+00:00][INFO ][plugins-service] Plugin "profiling" is disabled.
2023-08-24 11:26:14 [2023-08-24T08:26:14.706+00:00][INFO ][http.server.Preboot] http server running at http://0.0.0.0:5601
2023-08-24 11:26:14 [2023-08-24T08:26:14.727+00:00][INFO ][plugins-system.preboot] Setting up [1] plugins: [interactiveSetup]
2023-08-24 11:26:14 [2023-08-24T08:26:14.749+00:00][WARN ][config.deprecation] The default mechanism for Reporting privileges will work differently in future versions, which will affect the behavior of this cluster. Set "xpack.reporting.roles.enabled" to "false" to adopt the future behavior before upgrading.
2023-08-24 11:26:14 [2023-08-24T08:26:14.900+00:00][INFO ][plugins-system.standard] Setting up [132] plugins: [translations,monitoringCollection,licensing,globalSearch,globalSearchProviders,features,mapsEms,licenseApiGuard,customBranding,usageCollection,taskManager,cloud,guidedOnboarding,telemetryCollectionManager,telemetryCollectionXpack,kibanaUsageCollection,share,screenshotMode,banners,newsfeed,ftrApis,fieldFormats,expressions,screenshotting,dataViews,charts,esUiShared,customIntegrations,home,searchprofiler,painlessLab,grokdebugger,management,cloudDataMigration,advancedSettings,spaces,security,snapshotRestore,lists,encryptedSavedObjects,telemetry,licenseManagement,files,eventLog,actions,notifications,console,contentManagement,bfetch,data,watcher,fileUpload,ingestPipelines,ecsDataQualityDashboard,alerting,unifiedSearch,unifiedFieldList,savedSearch,savedObjects,graph,savedObjectsTagging,savedObjectsManagement,eventAnnotation,embeddable,reporting,uiActionsEnhanced,presentationUtil,expressionShape,expressionRevealImage,expressionRepeatImage,expressionMetric,expressionImage,controls,dataViewFieldEditor,triggersActionsUi,transform,stackConnectors,stackAlerts,ruleRegistry,visualizations,canvas,visTypeXy,visTypeVislib,visTypeVega,visTypeTimeseries,visTypeTimelion,visTypeTagcloud,visTypeTable,visTypeMetric,visTypeHeatmap,visTypeMarkdown,dashboard,dashboardEnhanced,expressionXY,expressionTagcloud,expressionPartitionVis,visTypePie,expressionMetricVis,expressionLegacyMetricVis,expressionHeatmap,expressionGauge,lens,maps,cases,timelines,sessionView,kubernetesSecurity,threatIntelligence,aiops,discover,observability,fleet,osquery,indexManagement,rollup,remoteClusters,crossClusterReplication,indexLifecycleManagement,cloudSecurityPosture,discoverEnhanced,dataVisualizer,ml,synthetics,securitySolution,infra,upgradeAssistant,monitoring,logstash,enterpriseSearch,apm,visTypeGauge,dataViewManagement]
2023-08-24 11:26:14 [2023-08-24T08:26:14.907+00:00][INFO ][custom-branding-service] CustomBrandingService registering plugin: customBranding
2023-08-24 11:26:14 [2023-08-24T08:26:14.909+00:00][INFO ][plugins.taskManager] TaskManager is identified by the Kibana UUID: 0909b472-d3d1-4ef9-85fb-a52f892b1b90
2023-08-24 11:26:14 [2023-08-24T08:26:14.952+00:00][WARN ][plugins.security.config] Session cookies will be transmitted over insecure connections. This is not recommended.
2023-08-24 11:26:14 [2023-08-24T08:26:14.964+00:00][WARN ][plugins.security.config] Session cookies will be transmitted over insecure connections. This is not recommended.
2023-08-24 11:26:14 [2023-08-24T08:26:14.969+00:00][INFO ][plugins.encryptedSavedObjects] Hashed 'xpack.encryptedSavedObjects.encryptionKey' for this instance: AzsZyxRIrXJpTS7qUJTSBc46aXvQHsPRSGXRyf7Cs7s=
2023-08-24 11:26:14 [2023-08-24T08:26:14.979+00:00][INFO ][plugins.notifications] Email Service Error: Email connector not specified.
2023-08-24 11:26:15 [2023-08-24T08:26:15.044+00:00][WARN ][plugins.reporting.config] Found 'server.host: "0.0.0.0"' in Kibana configuration. Reporting is not able to use this as the Kibana server hostname. To enable PNG/PDF Reporting to work, 'xpack.reporting.kibanaServer.hostname: localhost' is automatically set in the configuration. You can prevent this message by adding 'xpack.reporting.kibanaServer.hostname: localhost' in kibana.yml.
2023-08-24 11:26:15 [2023-08-24T08:26:15.057+00:00][INFO ][plugins.ruleRegistry] Installing common resources shared between all indices
2023-08-24 11:26:15 [2023-08-24T08:26:15.200+00:00][INFO ][plugins.cloudSecurityPosture] Registered task successfully [Task: cloud_security_posture-stats_task]
2023-08-24 11:26:15 [2023-08-24T08:26:15.366+00:00][INFO ][plugins.screenshotting.config] Chromium sandbox provides an additional layer of protection, and is supported for Linux Ubuntu 20.04 OS. Automatically enabling Chromium sandbox.
2023-08-24 11:26:15 [2023-08-24T08:26:15.397+00:00][ERROR][elasticsearch-service] Unable to retrieve version information from Elasticsearch nodes. security_exception
2023-08-24 11:26:15     Root causes:
2023-08-24 11:26:15             security_exception: unable to authenticate user [kibana_system] for REST request [/_nodes?filter_path=nodes.*.version%2Cnodes.*.http.publish_address%2Cnodes.*.ip]
2023-08-24 11:26:15 [2023-08-24T08:26:15.702+00:00][INFO ][plugins.screenshotting.chromium] Browser executable: /usr/share/kibana/x-pack/plugins/screenshotting/chromium/headless_shell-linux_x64/headless_shell
mua commented 10 months ago

my bad, password was shoter than 6 characters