gaiksaya
commented
2 months ago Transferring this issue to core dashboards repo.
Closed atalakey4work closed 1 month ago
gaiksaya
commented
2 months ago Transferring this issue to core dashboards repo.
ashwin-pc
commented
2 months ago Looks like an authentication issue. Do you have any additinal details on why you werent able to save the search? Also @opensearch-project/admin can you transfer this to the dashboards security repo since this seems to be an auth related issue.
cwperks
commented
2 months ago @atalakey4work What version are you upgrading from? Was this working prior to upgrade? Are you searching on any index pattern in particular?
atalakey4work
commented
2 months ago @cwperks from version 2.16.0 to version 2.17.0.
Note that I’m using the helm chart.
cwperks
commented
2 months ago What is the index pattern that the search is pertaining to and what plugins are installed on the cluster?
atalakey4work
commented
1 month ago There are no plugins, other than the out of the box plugins if any, installed on the cluster.
The issue occurs with any index pattern.
cwperks
commented
1 month ago [Triage] @atalakey4work Can you provide a little more information about the setup? I am not able to reproduce the issue as described.
atalakey4work
commented
1 month ago @cwperks the issue started after upgrading OpenSearch and OpenSearch Dashboards to version 2.17.0. After the upgrade, I am no longer able to save new searches nor open searches previously saved. I had to downgrade OpenSearch Dashboards to version 2.16.0 to get the saved searches to work but I am still unable to save new searches. I was not able to downgrade OpenSearch as it would not allow me. I suspect it had something to do with the security plugin config so I took the latest copy from the below repo:
https://github.com/opensearch-project/security/tree/main/config
cwperks
commented
1 month ago What index patterns are the saved searches on? I have a suspicion that there's a saved search that includes searching on system indices (system indices always start with a dot .). I will try to replicate the 2.16 to 2.17 upgrade and see what steps would be needed for mitigation. In general, if you have a saved search on a broad index pattern (like *), then it should be narrowed to a more specific index pattern.
atalakey4work
commented
1 month ago @cwperks I was able to resolve the error by updating the below in my opensearch_dashboarfs.yml
Before: opensearch.requestHeadersAllowlist: ["Authorization", "securitytenant"]
After: opensearch.requestHeadersAllowlist: ["Authorization"]
Now save works but whenever I open a saved search the saerch filters are not populated:
Here is a copy of the kibanaSavedObjectMeta.searchSourceJSON
{
"query": {
"query": "",
"language": "kuery"
},
"highlightAll": true,
"version": true,
"aggs": {
"2": {
"date_histogram": {
"field": "@timestamp",
"fixed_interval": "30s",
"time_zone": "",
"min_doc_count": 1
}
}
},
"filter": [
{
"meta": {
"alias": null,
"negate": false,
"disabled": false,
"type": "phrase",
"key": "kubernetes.namespace_name",
"params": {
"query": "nginx-ingress"
},
"indexRefName": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index"
},
"query": {
"match_phrase": {
"kubernetes.namespace_name": "nginx-ingress"
}
},
"$state": {
"store": "appState"
}
}
],
"indexRefName": "kibanaSavedObjectMeta.searchSourceJSON.index"
}
Describe the bug
After upgrading to OpenSearch and OpenSearch Dashboards version 2.16.0, we get error when we try to save a Discover search.
To reproduce
Expected behavior
Discover search is saved with no errors
Screenshots
Host / Environment
OpenSearch and OpenSearch Dashboards version 2.16.0
Additional context
No response
Relevant log output