petalmd / armor

Apache License 2.0

Configuration problem #25

Closed mareban closed 7 years ago

mareban commented 7 years ago

Hello,

Some problems, can someone help me please?

Config in elasticsearch.yml:

armor.actionrequestfilter.names: ["admin"]
armor.actionrequestfilter.admin.allowed_actions: ["*"]

This was done before and is OK:

curl -XPUT 'http://localhost:9200/armor/ac/ac' -d '{
  "acl": [
    {
      "Comment": "By default no filters are executed and no filters a by-passed. In such a case an exception is thrown and access will be denied.",
      "filters_bypass": [],
      "filters_execute": []
    },
    {
      "Comment": "For role admin all filters are bypassed (so none will be executed). This means unrestricted access.",
      "roles": [ "admin" ],
      "filters_bypass": ["*"],
      "filters_execute": []
    }
  ]
}'

How can I disable this error on startup, please?

[2016-12-05 16:30:43,169][ERROR][com.petalmd.armor.service.ArmorConfigService] [Rancor] Try to refresh security configuration but it failed due to NoShardAvailableActionException[No shard available for [get [armor][ac][ac]: routing [null]]]
NoShardAvailableActionException[No shard available for [get [armor][ac][ac]: routing [null]]]

Cannot create daily index:

Caused by: ElasticsearchException[Security configuration cannot be loaded for unknown reasons]
    at com.petalmd.armor.service.ArmorConfigService.getSecurityConfiguration(ArmorConfigService.java:72)
    at com.petalmd.armor.filter.ArmorActionFilter.apply0(ArmorActionFilter.java:186)
    at com.petalmd.armor.filter.ArmorActionFilter.apply(ArmorActionFilter.java:90)

[2016-12-05 00:59:43,069][ERROR][com.petalmd.armor.filter.ArmorActionFilter] Error while apply() due to java.lang.NullPointerException for action indices:data/write/bulk
java.lang.NullPointerException
[2016-12-05 00:59:43,069][WARN ][rest.suppressed ] path: /_bulk, params: {}

Cannot access armor index too?

curl -u user:pass "http://localhost:9200/armor/ac/ac"
{"error":{"root_cause":[{"type":"forbidden_exception","reason":"Only allowed from localhost (loopback)"}],"type":"forbidden_exception","reason":"Only allowed from localhost (loopback)"},"status":403}
[root@lnxadm1 elasticsearch]

Thanks for your help.

ersushantsood commented 7 years ago

Hi, can you please let me know if the armor index is created successfully in Elasticsearch?

From the error it seems the armor index is not created in Elasticsearch. Please create an armor index first in Elasticsearch and then enable the plugin, or you can enable the below config and then try creating the armor index.

If you install the armor plugin and configure the above 2 configs, then you will not get the below error while creating the armor index.

armor.allow_non_loopback_query_on_armor_index: true

{"error":{"root_cause":[{"type":"forbidden_exception","reason":"Only allowed from localhost (loopback)"}],"type":"forbidden_exception","reason":"Only allowed from localhost (loopback)"},"status":403}
[root@lnxadm1 elasticsearch]

mareban commented 7 years ago

Hello,

Thanks for your reply !

The armor index is successfully created, but it's not available on Elasticsearch startup (armor Java exceptions)!

Authentication and authorizations seem OK (but no clean error messages, only Java exceptions), daily indexes are not created in ES:

[2016-12-14 03:41:58,345][ERROR][com.petalmd.armor.filter.ArmorActionFilter] Error while apply() due to ElasticsearchException[Security configuration cannot be loaded for unknown reasons] for action indices:data/write/bulk
ElasticsearchException[Security configuration cannot be loaded for unknown reasons]
    at com.petalmd.armor.service.ArmorConfigService.getSecurityConfiguration(ArmorConfigService.java:72)
    at com.petalmd.armor.filter.ArmorActionFilter.apply0(ArmorActionFilter.java:186)
    at com.petalmd.armor.filter.ArmorActionFilter.apply(ArmorActionFilter.java:90)
    at org.elasticsearch.action.support.TransportAction$RequestFilterChain.proceed(TransportAction.java:170)

Is it possible to have a clean message ("user not allowed ...") instead of Java exceptions in Kibana?

Discover: [runtime_exception] com.petalmd.armor.tokeneval.MalformedConfigurationException: no bypass or execute filters at all

Is it possible to avoid armor error messages on startup because the index is still not available?

What can we do to allow daily index creation in ES, please?

Thanks for your help.

mareban commented 7 years ago

It's OK now, thank you very much!