Searchguard and Sentinl #137

Closed
djtecha opened this issue Jun 2, 2017 · 18 comments

djtecha commented Jun 2, 2017

Looks like I can't get the index to be created on startup. This could be an issue with using authentication, i.e. searchguard. This is my Kibana startup log. Is sentinl supposed to be using the credentials found in the kibana.yml, mainly the elasticsearch.username and elasticsearch.password values? Because it looks like it's trying without any authentication steps.

{"type":"log","@timestamp":"2017-05-31T23:04:14Z","tags":["status","info","Sentinl"],"pid":3547,"message":"Sentinl Initializing"}
{"type":"log","@timestamp":"2017-05-31T23:04:14Z","tags":["status","info","Sentinl"],"pid":3547,"message":"Core Index check..."}
{"type":"log","@timestamp":"2017-05-31T23:04:14Z","tags":["status","info","Sentinl"],"pid":3547,"message":"Alarm Index check..."}
{"type":"log","@timestamp":"2017-05-31T23:04:14Z","tags":["license","info","xpack"],"pid":3547,"message":"Imported license information from Elasticsearch for [data] cluster: mode: basic | status: active | expiry date: 2017-06-14T16:59:59-07:00"}
{"type":"log","@timestamp":"2017-05-31T00:00:00Z","tags":["status","error","Sentinl"],"pid":3547,"message":"Failed to check if core index exists"}
{"type":"log","@timestamp":"2017-05-31T00:00:00Z","tags":["status","error","Sentinl"],"pid":3547,"message":"Failed to check if core index exists"}
{"type":"log","@timestamp":"2017-05-31T23:04:14Z","tags":["status","info","Sentinl"],"pid":3547,"message":"No indices found, Initializing"}
{"type":"log","@timestamp":"2017-05-31T23:04:14Z","tags":["status","plugin:xpack_main@5.4.0","info"],"pid":3547,"state":"green","message":"Status changed from yellow to green - Ready","prevState":"yellow","prevMsg":"Waiting for Elasticsearch"}
{"type":"log","@timestamp":"2017-05-31T23:04:14Z","tags":["status","plugin:searchprofiler@5.4.0","info"],"pid":3547,"state":"green","message":"Status changed from yellow to green - Ready","prevState":"yellow","prevMsg":"Waiting for Elasticsearch"}
{"type":"log","@timestamp":"2017-05-31T23:04:14Z","tags":["status","plugin:ml@5.4.0","info"],"pid":3547,"state":"green","message":"Status changed from yellow to green - Ready","prevState":"yellow","prevMsg":"Waiting for Elasticsearch"}
{"type":"log","@timestamp":"2017-05-31T23:04:14Z","tags":["status","plugin:tilemap@5.4.0","info"],"pid":3547,"state":"green","message":"Status changed from uninitialized to green - Ready","prevState":"uninitialized","prevMsg":"uninitialized"}
{"type":"log","@timestamp":"2017-05-31T23:04:14Z","tags":["status","plugin:watcher@5.4.0","info"],"pid":3547,"state":"green","message":"Status changed from uninitialized to green - Ready","prevState":"uninitialized","prevMsg":"uninitialized"}
{"type":"log","@timestamp":"2017-05-31T23:04:14Z","tags":["license","info","xpack"],"pid":3547,"message":"Imported license information from Elasticsearch for [monitoring] cluster: mode: basic | status: active | expiry date: 2017-06-14T16:59:59-07:00"}
{"type":"log","@timestamp":"2017-05-31T23:04:14Z","tags":["status","plugin:monitoring@5.4.0","info"],"pid":3547,"state":"yellow","message":"Status changed from green to yellow - Waiting for Monitoring Health Check","prevState":"green","prevMsg":"Ready"}
{"type":"log","@timestamp":"2017-05-31T23:04:14Z","tags":["status","plugin:console@5.4.0","info"],"pid":3547,"state":"green","message":"Status changed from uninitialized to green - Ready","prevState":"uninitialized","prevMsg":"uninitialized"}
{"type":"log","@timestamp":"2017-05-31T23:04:26Z","tags":["status","info","Sentinl"],"pid":3547,"message":"No indices found, Initializing"}
{"type":"log","@timestamp":"2017-05-31T23:04:26Z","tags":["status","plugin:monitoring@5.4.0","error"],"pid":3547,"state":"red","message":"Status changed from yellow to red - Request Timeout after 3000ms","prevState":"yellow","prevMsg":"Waiting for Monitoring Health Check"}
{"type":"log","@timestamp":"2017-05-31T23:04:26Z","tags":["status","plugin:metrics@5.4.0","info"],"pid":3547,"state":"green","message":"Status changed from uninitialized to green - Ready","prevState":"uninitialized","prevMsg":"uninitialized"}
{"type":"log","@timestamp":"2017-05-31T23:04:27Z","tags":["status","plugin:timelion@5.4.0","info"],"pid":3547,"state":"green","message":"Status changed from uninitialized to green - Ready","prevState":"uninitialized","prevMsg":"uninitialized"}
{"type":"log","@timestamp":"2017-05-31T23:04:27Z","tags":["listening","info"],"pid":3547,"message":"Server running at http://localhost:5601"}
{"type":"log","@timestamp":"2017-05-31T23:04:27Z","tags":["status","ui settings","info"],"pid":3547,"state":"green","message":"Status changed from uninitialized to green - Ready","prevState":"uninitialized","prevMsg":"uninitialized"}
{"type":"log","@timestamp":"2017-05-31T23:04:28Z","tags":["status","plugin:monitoring@5.4.0","info"],"pid":3547,"state":"green","message":"Status changed from red to green - Ready","prevState":"red","prevMsg":"Request Timeout after 3000ms"}
{"type":"log","@timestamp":"2017-05-31T23:04:55Z","tags":["status","info","Sentinl"],"pid":3547,"message":"No indices found, Initializing"}

And my elasticsearch log:

[2017-05-31T16:04:51,708][INFO ][c.f.s.c.PrivilegesEvaluator] No permissions for {}

lmangani commented Jun 2, 2017

SENTINL uses the Kibana authentication (if any is set) from which it inherits the query client.
Could you set Kibana logs to DEBUG and run again please? We shall see the query output there.
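
At debug level the Sentinl entries are buried among plugin-initialisation records, and the Sentinl error records in the logs on this page carry a date-only `T00:00:00Z` timestamp, so sorting by time misplaces them. The script below is an added example (not code from this thread or from the Sentinl project) that filters Kibana JSON log lines down to Sentinl events in file order; the sample lines are constructed after the format quoted here, and the `initLoop` heuristic is an assumption.

```javascript
'use strict';

// Constructed sample, modelled on the Kibana and Elasticsearch log formats
// quoted in this issue. Values are illustrative, not copied from a real run.
const SAMPLE_LOG = [
  '{"type":"log","@timestamp":"2017-06-02T21:01:32Z","tags":["status","info","Sentinl"],"pid":1,"message":"Core Index check..."}',
  '{"type":"log","@timestamp":"2017-06-02T21:01:32Z","tags":["plugins","debug"],"pid":1,"message":"Initializing plugin console@kibana"}',
  '{"type":"log","@timestamp":"2017-06-02T00:00:00Z","tags":["status","error","Sentinl"],"pid":1,"message":"Failed to check if core index exists"}',
  '[2017-06-02T14:01:32,000][INFO ][c.f.s.c.PrivilegesEvaluator] No permissions for {}',
  '{"type":"ops","@timestamp":"2017-06-02T21:01:47Z","tags":[],"pid":1,"message":"memory: 155.0MB"}',
  '{"type":"log","@timestamp":"2017-06-02T21:01:32Z","tags":["status","info","Sentinl"],"pid":1,"message":"No indices found, Initializing"}',
  '{"type":"log","@timestamp":"2017-06-02T21:01:59Z","tags":["status","info","Sentinl"],"pid":1,"message":"No indices found, Initializing"}',
].join('\n');

// Parse one JSON record per line. Lines that are not Kibana JSON records
// (for example pasted Elasticsearch log lines) are counted, not fatal.
function parseLines(text) {
  const events = [];
  let skipped = 0;
  text.split(/\r?\n/).forEach((line, index) => {
    const trimmed = line.trim();
    if (!trimmed) return;
    try {
      const rec = JSON.parse(trimmed);
      if (rec && typeof rec === 'object' && Array.isArray(rec.tags)) {
        // Keep the line number: it is the only reliable ordering key.
        events.push({ line: index + 1, rec });
        return;
      }
    } catch (err) {
      // Fall through: not a JSON record.
    }
    skipped += 1;
  });
  return { events, skipped };
}

// A record belongs to Sentinl if it carries the "Sentinl" tag or a
// "plugin:sentinl@<version>" status tag, as seen in the logs above.
function isSentinl(rec) {
  return rec.tags.some(
    (tag) => typeof tag === 'string' &&
      (tag === 'Sentinl' || tag.startsWith('plugin:sentinl@'))
  );
}

function triage(text) {
  const { events, skipped } = parseLines(text);
  const sentinl = events.filter((e) => isSentinl(e.rec));
  const errors = sentinl.filter((e) => e.rec.tags.includes('error'));
  const firstErrorLine = errors.length ? errors[0].line : null;

  // "No indices found, Initializing" repeating after an index-check error
  // suggests the index creation never succeeds (heuristic, an assumption).
  const retriesAfterError = firstErrorLine === null ? 0 : sentinl.filter(
    (e) => e.line > firstErrorLine &&
      e.rec.message === 'No indices found, Initializing'
  ).length;

  // Records stamped at midnight UTC: do not sort these by timestamp.
  const dateOnlyTimestamps = sentinl.filter(
    (e) => /T00:00:00Z$/.test(String(e.rec['@timestamp']))
  ).length;

  return {
    jsonRecords: events.length,
    skippedLines: skipped,
    sentinlRecords: sentinl.length,
    errors: errors.map((e) => ({ line: e.line, message: e.rec.message })),
    retriesAfterError,
    dateOnlyTimestamps,
    initLoop: errors.length > 0 && retriesAfterError >= 2,
  };
}

console.log(JSON.stringify(triage(SAMPLE_LOG), null, 2));
```
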

djtecha commented Jun 2, 2017

{"type":"log","@timestamp":"2017-06-02T21:01:06Z","tags":["plugins","debug"],"pid":27334,"dir":"/usr/share/kibana/plugins","message":"Scanning `/usr/share/kibana/plugins` for plugins"}
{"type":"log","@timestamp":"2017-06-02T21:01:06Z","tags":["plugins","debug"],"pid":27334,"dir":"/usr/share/kibana/src/core_plugins","message":"Scanning `/usr/share/kibana/src/core_plugins` for plugins"}
{"type":"log","@timestamp":"2017-06-02T21:01:09Z","tags":["plugins","debug"],"pid":27334,"path":"/usr/share/kibana/plugins/searchguard/index.js","message":"Found plugin at /usr/share/kibana/plugins/searchguard/index.js"}
{"type":"log","@timestamp":"2017-06-02T21:01:10Z","tags":["plugins","debug"],"pid":27334,"path":"/usr/share/kibana/plugins/sentinl/index.js","message":"Found plugin at /usr/share/kibana/plugins/sentinl/index.js"}
{"type":"log","@timestamp":"2017-06-02T21:01:22Z","tags":["plugins","debug"],"pid":27334,"path":"/usr/share/kibana/plugins/x-pack/index.js","message":"Found plugin at /usr/share/kibana/plugins/x-pack/index.js"}
{"type":"log","@timestamp":"2017-06-02T21:01:23Z","tags":["plugins","debug"],"pid":27334,"path":"/usr/share/kibana/src/core_plugins/console/index.js","message":"Found plugin at /usr/share/kibana/src/core_plugins/console/index.js"}
{"type":"log","@timestamp":"2017-06-02T21:01:23Z","tags":["plugins","debug"],"pid":27334,"path":"/usr/share/kibana/src/core_plugins/elasticsearch/index.js","message":"Found plugin at /usr/share/kibana/src/core_plugins/elasticsearch/index.js"}
{"type":"log","@timestamp":"2017-06-02T21:01:23Z","tags":["plugins","debug"],"pid":27334,"path":"/usr/share/kibana/src/core_plugins/kbn_doc_views/index.js","message":"Found plugin at /usr/share/kibana/src/core_plugins/kbn_doc_views/index.js"}
{"type":"log","@timestamp":"2017-06-02T21:01:23Z","tags":["plugins","debug"],"pid":27334,"path":"/usr/share/kibana/src/core_plugins/kbn_vislib_vis_types/index.js","message":"Found plugin at /usr/share/kibana/src/core_plugins/kbn_vislib_vis_types/index.js"}
{"type":"log","@timestamp":"2017-06-02T21:01:24Z","tags":["plugins","debug"],"pid":27334,"path":"/usr/share/kibana/src/core_plugins/kibana/index.js","message":"Found plugin at /usr/share/kibana/src/core_plugins/kibana/index.js"}
{"type":"log","@timestamp":"2017-06-02T21:01:24Z","tags":["plugins","debug"],"pid":27334,"path":"/usr/share/kibana/src/core_plugins/markdown_vis/index.js","message":"Found plugin at /usr/share/kibana/src/core_plugins/markdown_vis/index.js"}
{"type":"log","@timestamp":"2017-06-02T21:01:24Z","tags":["plugins","debug"],"pid":27334,"path":"/usr/share/kibana/src/core_plugins/metric_vis/index.js","message":"Found plugin at /usr/share/kibana/src/core_plugins/metric_vis/index.js"}
{"type":"log","@timestamp":"2017-06-02T21:01:24Z","tags":["plugins","debug"],"pid":27334,"path":"/usr/share/kibana/src/core_plugins/metrics/index.js","message":"Found plugin at /usr/share/kibana/src/core_plugins/metrics/index.js"}
{"type":"log","@timestamp":"2017-06-02T21:01:24Z","tags":["plugins","debug"],"pid":27334,"path":"/usr/share/kibana/src/core_plugins/spy_modes/index.js","message":"Found plugin at /usr/share/kibana/src/core_plugins/spy_modes/index.js"}
{"type":"log","@timestamp":"2017-06-02T21:01:24Z","tags":["plugins","debug"],"pid":27334,"path":"/usr/share/kibana/src/core_plugins/status_page/index.js","message":"Found plugin at /usr/share/kibana/src/core_plugins/status_page/index.js"}
{"type":"log","@timestamp":"2017-06-02T21:01:25Z","tags":["plugins","debug"],"pid":27334,"path":"/usr/share/kibana/src/core_plugins/table_vis/index.js","message":"Found plugin at /usr/share/kibana/src/core_plugins/table_vis/index.js"}
{"type":"log","@timestamp":"2017-06-02T21:01:25Z","tags":["plugins","debug"],"pid":27334,"path":"/usr/share/kibana/src/core_plugins/tagcloud/index.js","message":"Found plugin at /usr/share/kibana/src/core_plugins/tagcloud/index.js"}
{"type":"log","@timestamp":"2017-06-02T21:01:25Z","tags":["plugins","debug"],"pid":27334,"path":"/usr/share/kibana/src/core_plugins/timelion/index.js","message":"Found plugin at /usr/share/kibana/src/core_plugins/timelion/index.js"}
{"type":"ops","@timestamp":"2017-06-02T21:01:28Z","tags":[],"pid":27334,"os":{"load":[10.5380859375,11.4912109375,11.76318359375],"mem":{"total":15972458496,"free":154951680},"uptime":2758857},"proc":{"uptime":36.724,"mem":{"rss":193339392,"heapTotal":175431680,"heapUsed":135954712,"external":291543},"delay":6.513227939605713},"load":{"requests":{},"concurrents":{"5601":0},"responseTimes":{},"sockets":{"http":{"total":0},"https":{"total":0}}},"message":"memory: 129.7MB uptime: 0:00:37 load: [10.54 11.49 11.76] delay: 6.513"}
{"type":"log","@timestamp":"2017-06-02T21:01:28Z","tags":["debug","optimize"],"pid":27334,"message":"All bundles are cached and ready to go!"}
{"type":"log","@timestamp":"2017-06-02T21:01:28Z","tags":["plugins","debug"],"pid":27334,"plugin":{"name":"kibana","version":"kibana"},"message":"Initializing plugin kibana@kibana"}
{"type":"log","@timestamp":"2017-06-02T21:01:28Z","tags":["status","plugin:kibana@5.4.0","info"],"pid":27334,"state":"green","message":"Status changed from uninitialized to green - Ready","prevState":"uninitialized","prevMsg":"uninitialized"}
{"type":"log","@timestamp":"2017-06-02T21:01:28Z","tags":["plugins","debug"],"pid":27334,"plugin":{"name":"elasticsearch","version":"kibana"},"message":"Initializing plugin elasticsearch@kibana"}
{"type":"log","@timestamp":"2017-06-02T21:01:29Z","tags":["status","plugin:elasticsearch@5.4.0","info"],"pid":27334,"state":"yellow","message":"Status changed from uninitialized to yellow - Waiting for Elasticsearch","prevState":"uninitialized","prevMsg":"uninitialized"}
{"type":"log","@timestamp":"2017-06-02T21:01:29Z","tags":["plugins","debug"],"pid":27334,"plugin":{"name":"searchguard","version":"5.4.0","description":"Search Guard features for kibana","main":"index.js","homepage":"https://floragunn.com","license":"Apache-2.0","repository":{"type":"git","url":"https://github.com/floragunncom/search-guard-kibana-plugin"},"dependencies":{"boom":"^3.2.2","hapi":"^16.0.1","hapi-async-handler":"^1.0.3","hapi-auth-cookie":"^3.1.0","hapi-authorization":"^3.0.2","joi":"^6.6.1","requirefrom":"^0.2.0"}},"message":"Initializing plugin searchguard@5.4.0"}
{"type":"log","@timestamp":"2017-06-02T21:01:31Z","tags":["status","plugin:searchguard@5.4.0","info"],"pid":27334,"state":"yellow","message":"Status changed from uninitialized to yellow - Search Guard HTTP Basic Authentication is disabled.","prevState":"uninitialized","prevMsg":"uninitialized"}
{"type":"log","@timestamp":"2017-06-02T21:01:31Z","tags":["status","plugin:searchguard@5.4.0","info"],"pid":27334,"state":"yellow","message":"Status changed from yellow to yellow - Search Guard multitenancy disabled","prevState":"yellow","prevMsg":"Search Guard HTTP Basic Authentication is disabled."}
{"type":"log","@timestamp":"2017-06-02T21:01:31Z","tags":["status","plugin:searchguard@5.4.0","info"],"pid":27334,"state":"green","message":"Status changed from yellow to green - Search Guard plugin initialised.","prevState":"yellow","prevMsg":"Search Guard multitenancy disabled"}
{"type":"log","@timestamp":"2017-06-02T21:01:31Z","tags":["server","uuid","uuid"],"pid":27334,"message":"Resuming persistent Kibana instance UUID: 7be7d7f2-7a04-452a-ad90-004ed8ba4d77"}
{"type":"log","@timestamp":"2017-06-02T21:01:31Z","tags":["plugins","debug"],"pid":27334,"plugin":{"author":"Lorenzo Mangani <lorenzo.mangani@gmail.com>","repository":{"type":"git","url":"http://github.com/sirensolutions/sentinl.git"},"name":"sentinl","version":"5.4.0-SNAPSHOT","kibana":{"version":"5.4.0"},"description":"Kibana Alert & Report App for Elasticsearch","main":"index.js","scripts":{"lint":"eslint","precommit":"gulp lint","sentinl-install":"/opt/kibana/bin/kibi plugin --install sentinl -u file://`pwd`/sentinl-latest.tar.gz","sentinl-remove":"/opt/kibana/bin/kibi plugin --remove sentinl","package":"gulp package","archive":"tar cfz ./sentinl-latest.tar.gz --exclude .git --exclude .gitignore --exclude .github --exclude gradle --exclude build --exclude target --exclude sentinl-latest.tar.gz ./* && ls -alF sentinl-latest*"},"dependencies":{"angular-ui-bootstrap":"^0.13.4","bluebird":"3.4.7","bootstrap":"^3.3.7","emailjs":"1.0.8","later":"1.2.0","mustache":"2.3.0","node-horseman":"3.2.0","node-slack":"0.0.7","phantomjs":"^2.1.7","sum-time":"1.0.0"},"devDependencies":{"babel-eslint":"6.1.2","eslint":"3.14.1","eslint-plugin-mocha":"4.8.0","gulp":"3.9.1","gulp-eslint":"1.1.1","gulp-util":"3.0.8","gulp-zip":"3.1.0","husky":"0.10.2","lodash":"3.10.1","minimist":"1.2.0","mkdirp":"0.5.1","rimraf":"2.5.4","rsync":"0.4.0"},"license":"Apache-2.0"},"message":"Initializing plugin sentinl@5.4.0-SNAPSHOT"}
{"type":"log","@timestamp":"2017-06-02T21:01:31Z","tags":["plugin","debug"],"pid":27334,"message":"Checking Elasticsearch version"}
{"type":"log","@timestamp":"2017-06-02T21:01:31Z","tags":["status","plugin:sentinl@5.4.0-SNAPSHOT","info"],"pid":27334,"state":"green","message":"Status changed from uninitialized to green - Ready","prevState":"uninitialized","prevMsg":"uninitialized"}
{"type":"log","@timestamp":"2017-06-02T21:01:31Z","tags":["plugins","debug"],"pid":27334,"plugin":{"name":"x-pack","version":"5.4.0","author":"Elastic","dependencies":{"@elastic/datemath":"2.3.0","@elastic/node-crypto":"0.1.2","@elastic/node-phantom-simple":"2.2.4","angular-paging":"2.2.1","angular-resource":"1.4.9","angular-sanitize":"1.4.9","angular-ui-ace":"0.2.3","angular-ui-bootstrap":"1.2.5","babel-core":"6.21.0","babel-preset-es2015":"6.22.0","babel-runtime":"5.8.38","bluebird":"3.1.1","boom":"3.1.1","clarinet":"0.11.0","concat-stream":"1.5.1","d3":"3.5.6","elasticsearch":"12.1.2","extract-zip":"1.5.0","flot-charts":"0.8.3","font-awesome":"4.4.0","get-port":"2.1.0","glob":"6.0.4","hapi-auth-basic":"4.2.0","hapi-auth-cookie":"6.1.1","joi":"6.10.1","lodash":"3.10.1","moment":"2.11.2","moment-timezone":"0.5.3","moment-duration-format":"1.3.0","node-uuid":"1.4.7","pdfmake":"0.1.18","pluralize":"3.1.0","pui-react-overlay-trigger":"7.0.0","pui-react-tooltip":"7.0.0","puid":"1.0.5","queue":"4.0.0","react":"15.3.2","react-dom":"15.3.2","rison-node":"0.3.1","semver":"5.1.0","tar-fs":"1.13.0","tinycolor2":"1.3.0","ui-select":"0.19.4","unbzip2-stream":"1.0.9","venn.js":"0.2.9"},"kibana":{"version":"5.4.0"},"build":{"git":{"count":"2430","sha":"d4fb672","date":"Thu, 27 Apr 2017 09:27:03 -0700"},"date":"Fri Apr 28 2017 18:04:28 GMT+0000 (UTC)"}},"message":"Initializing plugin xpack_main@5.4.0"}
{"type":"log","@timestamp":"2017-06-02T21:01:31Z","tags":["status","plugin:xpack_main@5.4.0","info"],"pid":27334,"state":"yellow","message":"Status changed from uninitialized to yellow - Waiting for Elasticsearch","prevState":"uninitialized","prevMsg":"uninitialized"}
{"type":"log","@timestamp":"2017-06-02T21:01:31Z","tags":["plugins","debug"],"pid":27334,"plugin":{"name":"x-pack","version":"5.4.0","author":"Elastic","dependencies":{"@elastic/datemath":"2.3.0","@elastic/node-crypto":"0.1.2","@elastic/node-phantom-simple":"2.2.4","angular-paging":"2.2.1","angular-resource":"1.4.9","angular-sanitize":"1.4.9","angular-ui-ace":"0.2.3","angular-ui-bootstrap":"1.2.5","babel-core":"6.21.0","babel-preset-es2015":"6.22.0","babel-runtime":"5.8.38","bluebird":"3.1.1","boom":"3.1.1","clarinet":"0.11.0","concat-stream":"1.5.1","d3":"3.5.6","elasticsearch":"12.1.2","extract-zip":"1.5.0","flot-charts":"0.8.3","font-awesome":"4.4.0","get-port":"2.1.0","glob":"6.0.4","hapi-auth-basic":"4.2.0","hapi-auth-cookie":"6.1.1","joi":"6.10.1","lodash":"3.10.1","moment":"2.11.2","moment-timezone":"0.5.3","moment-duration-format":"1.3.0","node-uuid":"1.4.7","pdfmake":"0.1.18","pluralize":"3.1.0","pui-react-overlay-trigger":"7.0.0","pui-react-tooltip":"7.0.0","puid":"1.0.5","queue":"4.0.0","react":"15.3.2","react-dom":"15.3.2","rison-node":"0.3.1","semver":"5.1.0","tar-fs":"1.13.0","tinycolor2":"1.3.0","ui-select":"0.19.4","unbzip2-stream":"1.0.9","venn.js":"0.2.9"},"kibana":{"version":"5.4.0"},"build":{"git":{"count":"2430","sha":"d4fb672","date":"Thu, 27 Apr 2017 09:27:03 -0700"},"date":"Fri Apr 28 2017 18:04:28 GMT+0000 (UTC)"}},"message":"Initializing plugin monitoring@5.4.0"}
{"type":"log","@timestamp":"2017-06-02T21:01:31Z","tags":["status","plugin:monitoring@5.4.0","info"],"pid":27334,"state":"green","message":"Status changed from uninitialized to green - Ready","prevState":"uninitialized","prevMsg":"uninitialized"}
{"type":"log","@timestamp":"2017-06-02T21:01:31Z","tags":["plugins","debug"],"pid":27334,"plugin":{"name":"x-pack","version":"5.4.0","author":"Elastic","dependencies":{"@elastic/datemath":"2.3.0","@elastic/node-crypto":"0.1.2","@elastic/node-phantom-simple":"2.2.4","angular-paging":"2.2.1","angular-resource":"1.4.9","angular-sanitize":"1.4.9","angular-ui-ace":"0.2.3","angular-ui-bootstrap":"1.2.5","babel-core":"6.21.0","babel-preset-es2015":"6.22.0","babel-runtime":"5.8.38","bluebird":"3.1.1","boom":"3.1.1","clarinet":"0.11.0","concat-stream":"1.5.1","d3":"3.5.6","elasticsearch":"12.1.2","extract-zip":"1.5.0","flot-charts":"0.8.3","font-awesome":"4.4.0","get-port":"2.1.0","glob":"6.0.4","hapi-auth-basic":"4.2.0","hapi-auth-cookie":"6.1.1","joi":"6.10.1","lodash":"3.10.1","moment":"2.11.2","moment-timezone":"0.5.3","moment-duration-format":"1.3.0","node-uuid":"1.4.7","pdfmake":"0.1.18","pluralize":"3.1.0","pui-react-overlay-trigger":"7.0.0","pui-react-tooltip":"7.0.0","puid":"1.0.5","queue":"4.0.0","react":"15.3.2","react-dom":"15.3.2","rison-node":"0.3.1","semver":"5.1.0","tar-fs":"1.13.0","tinycolor2":"1.3.0","ui-select":"0.19.4","unbzip2-stream":"1.0.9","venn.js":"0.2.9"},"kibana":{"version":"5.4.0"},"build":{"git":{"count":"2430","sha":"d4fb672","date":"Thu, 27 Apr 2017 09:27:03 -0700"},"date":"Fri Apr 28 2017 18:04:28 GMT+0000 (UTC)"}},"message":"Initializing plugin searchprofiler@5.4.0"}
{"type":"log","@timestamp":"2017-06-02T21:01:32Z","tags":["status","plugin:searchprofiler@5.4.0","info"],"pid":27334,"state":"yellow","message":"Status changed from uninitialized to yellow - Waiting for Elasticsearch","prevState":"uninitialized","prevMsg":"uninitialized"}
{"type":"log","@timestamp":"2017-06-02T21:01:32Z","tags":["plugins","debug"],"pid":27334,"plugin":{"name":"x-pack","version":"5.4.0","author":"Elastic","dependencies":{"@elastic/datemath":"2.3.0","@elastic/node-crypto":"0.1.2","@elastic/node-phantom-simple":"2.2.4","angular-paging":"2.2.1","angular-resource":"1.4.9","angular-sanitize":"1.4.9","angular-ui-ace":"0.2.3","angular-ui-bootstrap":"1.2.5","babel-core":"6.21.0","babel-preset-es2015":"6.22.0","babel-runtime":"5.8.38","bluebird":"3.1.1","boom":"3.1.1","clarinet":"0.11.0","concat-stream":"1.5.1","d3":"3.5.6","elasticsearch":"12.1.2","extract-zip":"1.5.0","flot-charts":"0.8.3","font-awesome":"4.4.0","get-port":"2.1.0","glob":"6.0.4","hapi-auth-basic":"4.2.0","hapi-auth-cookie":"6.1.1","joi":"6.10.1","lodash":"3.10.1","moment":"2.11.2","moment-timezone":"0.5.3","moment-duration-format":"1.3.0","node-uuid":"1.4.7","pdfmake":"0.1.18","pluralize":"3.1.0","pui-react-overlay-trigger":"7.0.0","pui-react-tooltip":"7.0.0","puid":"1.0.5","queue":"4.0.0","react":"15.3.2","react-dom":"15.3.2","rison-node":"0.3.1","semver":"5.1.0","tar-fs":"1.13.0","tinycolor2":"1.3.0","ui-select":"0.19.4","unbzip2-stream":"1.0.9","venn.js":"0.2.9"},"kibana":{"version":"5.4.0"},"build":{"git":{"count":"2430","sha":"d4fb672","date":"Thu, 27 Apr 2017 09:27:03 -0700"},"date":"Fri Apr 28 2017 18:04:28 GMT+0000 (UTC)"}},"message":"Initializing plugin ml@5.4.0"}
{"type":"log","@timestamp":"2017-06-02T21:01:32Z","tags":["status","plugin:ml@5.4.0","info"],"pid":27334,"state":"yellow","message":"Status changed from uninitialized to yellow - Waiting for Elasticsearch","prevState":"uninitialized","prevMsg":"uninitialized"}
{"type":"log","@timestamp":"2017-06-02T21:01:32Z","tags":["license","debug","xpack"],"pid":27334,"message":"Calling Elasticsearch _xpack API"}
{"type":"log","@timestamp":"2017-06-02T21:01:32Z","tags":["status","plugin:elasticsearch@5.4.0","info"],"pid":27334,"state":"green","message":"Status changed from yellow to green - Kibana index ready","prevState":"yellow","prevMsg":"Waiting for Elasticsearch"}
{"type":"log","@timestamp":"2017-06-02T21:01:32Z","tags":["status","info","Sentinl"],"pid":27334,"message":"Sentinl Initializing"}
{"type":"log","@timestamp":"2017-06-02T21:01:32Z","tags":["status","info","Sentinl"],"pid":27334,"message":"Core Index check..."}
{"type":"log","@timestamp":"2017-06-02T21:01:32Z","tags":["status","info","Sentinl"],"pid":27334,"message":"Alarm Index check..."}
{"type":"log","@timestamp":"2017-06-02T21:01:32Z","tags":["status","debug","Sentinl"],"pid":27334,"message":"Reloading Watchers..."}
{"type":"log","@timestamp":"2017-06-02T21:01:32Z","tags":["plugins","debug"],"pid":27334,"plugin":{"name":"kbn_vislib_vis_types","version":"kibana"},"message":"Initializing plugin kbn_vislib_vis_types@kibana"}
{"type":"log","@timestamp":"2017-06-02T21:01:32Z","tags":["license","info","xpack"],"pid":27334,"message":"Imported license information from Elasticsearch for [data] cluster: mode: basic | status: active | expiry date: 2017-06-14T16:59:59-07:00"}
{"type":"log","@timestamp":"2017-06-02T00:00:00Z","tags":["status","error","Sentinl"],"pid":27334,"message":"Failed to check if core index exists"}
{"type":"log","@timestamp":"2017-06-02T00:00:00Z","tags":["status","error","Sentinl"],"pid":27334,"message":"Failed to check if core index exists"}
{"type":"log","@timestamp":"2017-06-02T21:01:32Z","tags":["monitoring-ui","es-client"],"pid":27334,"message":"config sourced from: production cluster (http://localhost:9200)"}
{"type":"log","@timestamp":"2017-06-02T21:01:32Z","tags":["license","debug","xpack"],"pid":27334,"message":"Calling Elasticsearch _xpack API"}
{"type":"log","@timestamp":"2017-06-02T21:01:32Z","tags":["status","plugin:xpack_main@5.4.0","info"],"pid":27334,"state":"green","message":"Status changed from yellow to green - Ready","prevState":"yellow","prevMsg":"Waiting for Elasticsearch"}
{"type":"log","@timestamp":"2017-06-02T21:01:32Z","tags":["status","plugin:searchprofiler@5.4.0","info"],"pid":27334,"state":"green","message":"Status changed from yellow to green - Ready","prevState":"yellow","prevMsg":"Waiting for Elasticsearch"}
{"type":"log","@timestamp":"2017-06-02T21:01:32Z","tags":["status","plugin:ml@5.4.0","info"],"pid":27334,"state":"green","message":"Status changed from yellow to green - Ready","prevState":"yellow","prevMsg":"Waiting for Elasticsearch"}
{"type":"log","@timestamp":"2017-06-02T21:01:32Z","tags":["plugins","debug"],"pid":27334,"plugin":{"name":"x-pack","version":"5.4.0","author":"Elastic","dependencies":{"@elastic/datemath":"2.3.0","@elastic/node-crypto":"0.1.2","@elastic/node-phantom-simple":"2.2.4","angular-paging":"2.2.1","angular-resource":"1.4.9","angular-sanitize":"1.4.9","angular-ui-ace":"0.2.3","angular-ui-bootstrap":"1.2.5","babel-core":"6.21.0","babel-preset-es2015":"6.22.0","babel-runtime":"5.8.38","bluebird":"3.1.1","boom":"3.1.1","clarinet":"0.11.0","concat-stream":"1.5.1","d3":"3.5.6","elasticsearch":"12.1.2","extract-zip":"1.5.0","flot-charts":"0.8.3","font-awesome":"4.4.0","get-port":"2.1.0","glob":"6.0.4","hapi-auth-basic":"4.2.0","hapi-auth-cookie":"6.1.1","joi":"6.10.1","lodash":"3.10.1","moment":"2.11.2","moment-timezone":"0.5.3","moment-duration-format":"1.3.0","node-uuid":"1.4.7","pdfmake":"0.1.18","pluralize":"3.1.0","pui-react-overlay-trigger":"7.0.0","pui-react-tooltip":"7.0.0","puid":"1.0.5","queue":"4.0.0","react":"15.3.2","react-dom":"15.3.2","rison-node":"0.3.1","semver":"5.1.0","tar-fs":"1.13.0","tinycolor2":"1.3.0","ui-select":"0.19.4","unbzip2-stream":"1.0.9","venn.js":"0.2.9"},"kibana":{"version":"5.4.0"},"build":{"git":{"count":"2430","sha":"d4fb672","date":"Thu, 27 Apr 2017 09:27:03 -0700"},"date":"Fri Apr 28 2017 18:04:28 GMT+0000 (UTC)"}},"message":"Initializing plugin tilemap@5.4.0"}
{"type":"log","@timestamp":"2017-06-02T21:01:32Z","tags":["status","plugin:tilemap@5.4.0","info"],"pid":27334,"state":"green","message":"Status changed from uninitialized to green - Ready","prevState":"uninitialized","prevMsg":"uninitialized"}
{"type":"log","@timestamp":"2017-06-02T21:01:32Z","tags":["status","info","Sentinl"],"pid":27334,"message":"No indices found, Initializing"}
{"type":"log","@timestamp":"2017-06-02T21:01:32Z","tags":["plugins","debug"],"pid":27334,"plugin":{"name":"x-pack","version":"5.4.0","author":"Elastic","dependencies":{"@elastic/datemath":"2.3.0","@elastic/node-crypto":"0.1.2","@elastic/node-phantom-simple":"2.2.4","angular-paging":"2.2.1","angular-resource":"1.4.9","angular-sanitize":"1.4.9","angular-ui-ace":"0.2.3","angular-ui-bootstrap":"1.2.5","babel-core":"6.21.0","babel-preset-es2015":"6.22.0","babel-runtime":"5.8.38","bluebird":"3.1.1","boom":"3.1.1","clarinet":"0.11.0","concat-stream":"1.5.1","d3":"3.5.6","elasticsearch":"12.1.2","extract-zip":"1.5.0","flot-charts":"0.8.3","font-awesome":"4.4.0","get-port":"2.1.0","glob":"6.0.4","hapi-auth-basic":"4.2.0","hapi-auth-cookie":"6.1.1","joi":"6.10.1","lodash":"3.10.1","moment":"2.11.2","moment-timezone":"0.5.3","moment-duration-format":"1.3.0","node-uuid":"1.4.7","pdfmake":"0.1.18","pluralize":"3.1.0","pui-react-overlay-trigger":"7.0.0","pui-react-tooltip":"7.0.0","puid":"1.0.5","queue":"4.0.0","react":"15.3.2","react-dom":"15.3.2","rison-node":"0.3.1","semver":"5.1.0","tar-fs":"1.13.0","tinycolor2":"1.3.0","ui-select":"0.19.4","unbzip2-stream":"1.0.9","venn.js":"0.2.9"},"kibana":{"version":"5.4.0"},"build":{"git":{"count":"2430","sha":"d4fb672","date":"Thu, 27 Apr 2017 09:27:03 -0700"},"date":"Fri Apr 28 2017 18:04:28 GMT+0000 (UTC)"}},"message":"Initializing plugin watcher@5.4.0"}
{"type":"log","@timestamp":"2017-06-02T21:01:32Z","tags":["status","plugin:watcher@5.4.0","info"],"pid":27334,"state":"green","message":"Status changed from uninitialized to green - Ready","prevState":"uninitialized","prevMsg":"uninitialized"}
{"type":"log","@timestamp":"2017-06-02T21:01:32Z","tags":["license","info","xpack"],"pid":27334,"message":"Imported license information from Elasticsearch for [monitoring] cluster: mode: basic | status: active | expiry date: 2017-06-14T16:59:59-07:00"}
{"type":"log","@timestamp":"2017-06-02T21:01:32Z","tags":["status","plugin:monitoring@5.4.0","info"],"pid":27334,"state":"yellow","message":"Status changed from green to yellow - Waiting for Monitoring Health Check","prevState":"green","prevMsg":"Ready"}
{"type":"log","@timestamp":"2017-06-02T21:01:32Z","tags":["plugins","debug"],"pid":27334,"plugin":{"author":"Boaz Leskes <boaz@elastic.co>","contributors":["Spencer Alger <spencer.alger@elastic.co>"],"name":"console","version":"kibana"},"message":"Initializing plugin console@kibana"}
{"type":"log","@timestamp":"2017-06-02T21:01:32Z","tags":["plugin","debug"],"pid":27334,"message":"Checking Elasticsearch version"}
{"type":"log","@timestamp":"2017-06-02T21:01:32Z","tags":["status","plugin:console@5.4.0","info"],"pid":27334,"state":"green","message":"Status changed from uninitialized to green - Ready","prevState":"uninitialized","prevMsg":"uninitialized"}
{"type":"log","@timestamp":"2017-06-02T21:01:32Z","tags":["plugins","debug"],"pid":27334,"plugin":{"name":"kbn_doc_views","version":"kibana"},"message":"Initializing plugin kbn_doc_views@kibana"}
{"type":"log","@timestamp":"2017-06-02T21:01:32Z","tags":["plugins","debug"],"pid":27334,"plugin":{"name":"markdown_vis","version":"kibana"},"message":"Initializing plugin markdown_vis@kibana"}
{"type":"log","@timestamp":"2017-06-02T21:01:32Z","tags":["plugins","debug"],"pid":27334,"plugin":{"name":"metric_vis","version":"kibana"},"message":"Initializing plugin metric_vis@kibana"}
{"type":"log","@timestamp":"2017-06-02T21:01:32Z","tags":["status","plugin:monitoring@5.4.0","info"],"pid":27334,"state":"green","message":"Status changed from yellow to green - Ready","prevState":"yellow","prevMsg":"Waiting for Monitoring Health Check"}
{"type":"log","@timestamp":"2017-06-02T21:01:32Z","tags":["plugins","debug"],"pid":27334,"plugin":{"author":"Chris Cowan<chris@elastic.co>","name":"metrics","version":"kibana"},"message":"Initializing plugin metrics@kibana"}
{"type":"log","@timestamp":"2017-06-02T21:01:47Z","tags":["plugin","debug"],"pid":27334,"message":"Checking Elasticsearch version"}
{"type":"log","@timestamp":"2017-06-02T21:01:47Z","tags":["plugin","debug"],"pid":27334,"message":"Checking Elasticsearch version"}
{"type":"ops","@timestamp":"2017-06-02T21:01:47Z","tags":[],"pid":27334,"os":{"load":[12.03759765625,11.7900390625,11.85791015625],"mem":{"total":15972458496,"free":203751424},"uptime":2758876},"proc":{"uptime":56.246,"mem":{"rss":246509568,"heapTotal":218017792,"heapUsed":162489144,"external":79390},"delay":10.720033168792725},"load":{"requests":{},"concurrents":{"5601":0},"responseTimes":{},"sockets":{"http":{"total":0},"https":{"total":0}}},"message":"memory: 155.0MB uptime: 0:00:56 load: [12.04 11.79 11.86] delay: 10.720"}
{"type":"log","@timestamp":"2017-06-02T21:01:47Z","tags":["debug","monitoring-ui"],"pid":27334,"message":"Received Monitoring event data"}
{"type":"log","@timestamp":"2017-06-02T21:01:47Z","tags":["status","plugin:metrics@5.4.0","info"],"pid":27334,"state":"green","message":"Status changed from uninitialized to green - Ready","prevState":"uninitialized","prevMsg":"uninitialized"}
{"type":"log","@timestamp":"2017-06-02T21:01:47Z","tags":["plugins","debug"],"pid":27334,"plugin":{"name":"spy_modes","version":"kibana"},"message":"Initializing plugin spy_modes@kibana"}
{"type":"log","@timestamp":"2017-06-02T21:01:47Z","tags":["plugins","debug"],"pid":27334,"plugin":{"name":"status_page","version":"kibana"},"message":"Initializing plugin status_page@kibana"}
{"type":"log","@timestamp":"2017-06-02T21:01:47Z","tags":["plugins","debug"],"pid":27334,"plugin":{"name":"table_vis","version":"kibana"},"message":"Initializing plugin table_vis@kibana"}
{"type":"log","@timestamp":"2017-06-02T21:01:47Z","tags":["plugins","debug"],"pid":27334,"plugin":{"name":"tagcloud","version":"kibana"},"message":"Initializing plugin tagcloud@kibana"}
{"type":"log","@timestamp":"2017-06-02T21:01:47Z","tags":["plugins","debug"],"pid":27334,"plugin":{"author":"Rashid Khan <rashid@elastic.co>","name":"timelion","version":"kibana"},"message":"Initializing plugin timelion@kibana"}
{"type":"log","@timestamp":"2017-06-02T21:01:49Z","tags":["status","plugin:timelion@5.4.0","info"],"pid":27334,"state":"green","message":"Status changed from uninitialized to green - Ready","prevState":"uninitialized","prevMsg":"uninitialized"}
{"type":"log","@timestamp":"2017-06-02T21:01:49Z","tags":["listening","info"],"pid":27334,"message":"Server running at http://localhost:5601"}
{"type":"log","@timestamp":"2017-06-02T21:01:49Z","tags":["status","ui settings","info"],"pid":27334,"state":"green","message":"Status changed from uninitialized to green - Ready","prevState":"uninitialized","prevMsg":"uninitialized"}
{"type":"log","@timestamp":"2017-06-02T21:01:51Z","tags":["plugin","debug"],"pid":27334,"message":"Checking Elasticsearch version"}
{"type":"log","@timestamp":"2017-06-02T21:01:52Z","tags":["plugin","debug"],"pid":27334,"message":"Checking Elasticsearch version"}
{"type":"ops","@timestamp":"2017-06-02T21:01:52Z","tags":[],"pid":27334,"os":{"load":[11.63427734375,11.71044921875,11.83203125],"mem":{"total":15972458496,"free":212865024},"uptime":2758881},"proc":{"uptime":61.248,"mem":{"rss":247242752,"heapTotal":218017792,"heapUsed":163392400,"external":203542},"delay":1.0435028076171875},"load":{"requests":{},"concurrents":{"5601":0},"responseTimes":{},"sockets":{"http":{"total":0},"https":{"total":0}}},"message":"memory: 155.8MB uptime: 0:01:01 load: [11.63 11.71 11.83] delay: 1.044"}
{"type":"log","@timestamp":"2017-06-02T21:01:52Z","tags":["debug","monitoring-ui"],"pid":27334,"message":"Received Monitoring event data"}
{"type":"log","@timestamp":"2017-06-02T21:01:54Z","tags":["plugin","debug"],"pid":27334,"message":"Checking Elasticsearch version"}
{"type":"log","@timestamp":"2017-06-02T21:01:54Z","tags":["plugin","debug"],"pid":27334,"message":"Checking Elasticsearch version"}
{"type":"log","@timestamp":"2017-06-02T21:01:55Z","tags":["status","debug","Sentinl"],"pid":27334,"message":"Reloading Watchers..."}
{"type":"log","@timestamp":"2017-06-02T21:01:55Z","tags":["status","info","Sentinl"],"pid":27334,"message":"No indices found, Initializing"}
{"type":"log","@timestamp":"2017-06-02T21:01:57Z","tags":["plugin","debug"],"pid":27334,"message":"Checking Elasticsearch version"}
{"type":"log","@timestamp":"2017-06-02T21:01:57Z","tags":["plugin","debug"],"pid":27334,"message":"Checking Elasticsearch version"}
{"type":"ops","@timestamp":"2017-06-02T21:01:57Z","tags":[],"pid":27334,"os":{"load":[11.34326171875,11.64892578125,11.8115234375],"mem":{"total":15972458496,"free":164466688},"uptime":2758886},"proc":{"uptime":66.249,"mem":{"rss":247242752,"heapTotal":218017792,"heapUsed":164785528,"external":292602},"delay":0.6256933212280273},"load":{"requests":{},"concurrents":{"5601":0},"responseTimes":{},"sockets":{"http":{"total":0},"https":{"total":0}}},"message":"memory: 157.2MB uptime: 0:01:06 load: [11.34 11.65 11.81] delay: 0.626"}
{"type":"log","@timestamp":"2017-06-02T21:01:57Z","tags":["debug","monitoring-ui"],"pid":27334,"message":"Received Monitoring event data"}
{"type":"log","@timestamp":"2017-06-02T21:01:57Z","tags":["debug","monitoring-ui"],"pid":27334,"message":"Sending Monitoring payload to Elasticsearch"}
{"type":"log","@timestamp":"2017-06-02T21:01:59Z","tags":["plugin","debug"],"pid":27334,"message":"Checking Elasticsearch version"}
{"type":"log","@timestamp":"2017-06-02T21:02:00Z","tags":["plugin","debug"],"pid":27334,"message":"Checking Elasticsearch version"}
{"type":"log","@timestamp":"2017-06-02T21:02:02Z","tags":["plugin","debug"],"pid":27334,"message":"Checking Elasticsearch version"}
{"type":"log","@timestamp":"2017-06-02T21:02:02Z","tags":["license","debug","xpack"],"pid":27334,"message":"Calling Elasticsearch _xpack API"}
{"type":"log","@timestamp":"2017-06-02T21:02:02Z","tags":["license","debug","xpack"],"pid":27334,"message":"Calling Elasticsearch _xpack API"}
{"type":"ops","@timestamp":"2017-06-02T21:02:02Z","tags":[],"pid":27334,"os":{"load":[13.07763671875,12.00341796875,11.92529296875],"mem":{"total":15972458496,"free":192786432},"uptime":2758891},"proc":{"uptime":71.251,"mem":{"rss":247242752,"heapTotal":218017792,"heapUsed":165967376,"external":381145},"delay":1.0919761657714844},"load":{"requests":{},"concurrents":{"5601":0},"responseTimes":{},"sockets":{"http":{"total":0},"https":{"total":0}}},"message":"memory: 158.3MB uptime: 0:01:11 load: [13.08 12.00 11.93] delay: 1.092"}
{"type":"log","@timestamp":"2017-06-02T21:02:02Z","tags":["debug","monitoring-ui"],"pid":27334,"message":"Received Monitoring event data"}
{"type":"log","@timestamp":"2017-06-02T21:02:02Z","tags":["plugin","debug"],"pid":27334,"message":"Checking Elasticsearch version"}
{"type":"log","@timestamp":"2017-06-02T21:02:04Z","tags":["plugin","debug"],"pid":27334,"message":"Checking Elasticsearch version"}
{"type":"log","@timestamp":"2017-06-02T21:02:05Z","tags":["plugin","debug"],"pid":27334,"message":"Checking Elasticsearch version"}
{"type":"log","@timestamp":"2017-06-02T21:02:07Z","tags":["plugin","debug"],"pid":27334,"message":"Checking Elasticsearch version"}
{"type":"ops","@timestamp":"2017-06-02T21:02:07Z","tags":[],"pid":27334,"os":{"load":[13.3916015625,12.08642578125,11.95263671875],"mem":{"total":15972458496,"free":171757568},"uptime":2758896},"proc":{"uptime":76.251,"mem":{"rss":247242752,"heapTotal":218017792,"heapUsed":167079728,"external":470059},"delay":0.8303790092468262},"load":{"requests":{},"concurrents":{"5601":0},"responseTimes":{},"sockets":{"http":{"total":0},"https":{"total":0}}},"message":"memory: 159.3MB uptime: 0:01:16 load: [13.39 12.09 11.95] delay: 0.830"}
{"type":"log","@timestamp":"2017-06-02T21:02:07Z","tags":["debug","monitoring-ui"],"pid":27334,"message":"Received Monitoring event data"}
{"type":"log","@timestamp":"2017-06-02T21:02:07Z","tags":["debug","monitoring-ui"],"pid":27334,"message":"Sending Monitoring payload to Elasticsearch"}
{"type":"log","@timestamp":"2017-06-02T21:02:08Z","tags":["plugin","debug"],"pid":27334,"message":"Checking Elasticsearch version"}
{"type":"response","@timestamp":"2017-06-02T21:02:09Z","tags":[],"pid":27334,"method":"get","statusCode":200,"req":{"url":"/","method":"get","headers":{"host":"corp-logs.redfintest.com","x-real-ip":"10.0.7.254","x-scheme":"http","x-forwarded-for":"10.0.7.254","x-proxy-user":"daniel.kasen@redfin.com","connection":"close","upgrade-insecure-requests":"1","user-agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36","accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8","accept-encoding":"gzip, deflate, sdch","accept-language":"en-US,en;q=0.8"},"remoteAddress":"127.0.0.1","userAgent":"127.0.0.1"},"res":{"statusCode":200,"responseTime":193,"contentLength":9},"message":"GET / 200 193ms - 9.0B"}
{"type":"log","@timestamp":"2017-06-02T21:02:09Z","tags":["license","debug","xpack"],"pid":27334,"message":"Calling Elasticsearch _xpack API"}
{"type":"response","@timestamp":"2017-06-02T21:02:09Z","tags":[],"pid":27334,"method":"get","statusCode":404,"req":{"url":"/favicon.ico","method":"get","headers":
{"type":"log","@timestamp":"2017-06-02T21:02:09Z","tags":["plugin","debug"],"pid":27334,"message":"Checking Elasticsearch version"}
{"type":"response","@timestamp":"2017-06-02T21:02:09Z","tags":[],"pid":27334,"method":"get","statusCode":200,"req":{"url":"/app/kibana","method":"get","headers":
{"type":"response","@timestamp":"2017-06-02T21:02:10Z","tags":[],"pid":27334,"method":"post","statusCode":404,"req":

@shubhamverma27

Hi, I am facing a similar problem; I am using it with the readonlyRest plugin for authentication!!

@shubhamverma27

@djtecha @lmangani @fabiocorneti @andrewgdotcom @scampi Any Progress on this issue?

@lmangani
Collaborator

@shubhamverma27 this is not straightforward as even readonlyRest offers this in PRO only AFAIK
Will look into it

@shubhamverma27

shubhamverma27 commented Jun 13, 2017

@lmangani But the same problem is there with searchguard too.
"No indices found, Initializing": this error log specifically, which means that it's not authenticated to access the index.
So adding a field for the es username and password should solve the issue.

You can refer to logstash in which we enter es userid and password for authenticated elasticsearch!!

@andryzhu

I am facing a similar problem; I am using it with the searchguard plugin for authentication.
I installed sentinl 5.3.2 and kibana 5.3.2.

@shubhamverma27

@andryzhu make the exceptions as given in the FAQ.
It'll work for the time being.

@andryzhu

@shubhamverma27 I know about the readonlyrest exceptions in the FAQ. But I use the searchguard plugin for authentication.

@fbaligand
Contributor

The idea is that you get inspiration from FAQ readonlyrest configuration to configure searchguard in the same way.
Once done, don't hesitate to post there the searchguard configuration so that it will be added to sentinl FAQ.

@matejzero

How is your kibana server role set up?

This is what I have and Sentinl is working for me:

sg_kibana_server:
  cluster:
    - CLUSTER_MONITOR
    - CLUSTER_COMPOSITE_OPS
    - cluster:admin/xpack/monitoring/bulk
    - indices:admin/template/get
    - indices:admin/template/put
  indices:
    '?kibana':
      '*':
        - ALL
    'watcher*':
      '*':
        - ALL

I think sentinl needs access to watcher* indexes and admin/template/{put,get}. CLUSTER_MONITOR and CLUSTER_COMPOSITE_OPS are needed for normal kibana operations and I think they are now default.

CLUSTER_MONITOR:
  - cluster:monitor/*
CLUSTER_COMPOSITE_OPS:
  - "indices:data/write/bulk*"
  - "indices:admin/aliases*"
  - "indices:data/read/mget*"
  - "indices:data/read/msearch"
  - "indices:data/read/mtv*"
  - "indices:data/read/coordinate-msearch*"

@fbaligand
Contributor

@lmangani It could be nice to add the searchguard configuration above in the FAQ wiki page, don't you think?

@lmangani
Collaborator

lmangani commented Jun 29, 2017

@fbaligand absolutely! Temporarily in the FAQ, but we should make a page dedicated to Authentication soon... also could you confirm you have Editing on the Wiki too for corrections?

https://github.com/sirensolutions/sentinl/wiki/SENTINL-FAQ#q-how-can-i-use-sentinl-with-searchguard-authentication

@fbaligand
Contributor

fbaligand commented Jun 29, 2017

Thanks for the wiki update !

And I don't have "edit" rights on wiki.

@andryzhu

andryzhu commented Jun 30, 2017

It has been solved. I found that sentinl connects to es with no user/password authentication, so host authentication must be enabled on searchguard.
I set it as follows:

1. Edit sg_config.yml:

    host_auth_domain:
      enabled: true
      order: 1
      http_authenticator:
        type: host # DEPRECATED, will be removed in a future version
        challenge: false
      authentication_backend:
        type: noop

2. Create a role in the sg_roles.yml file:

    sg_kibana_sentinl:
      cluster:
        - CLUSTER_MONITOR
        - CLUSTER_COMPOSITE_OPS
        - cluster:admin/xpack/monitoring/bulk* # I installed the X-pack for monitoring; if not installed, this should be no
      indices:
        '*':
          '*':
            - SEARCH
            - GET
            - READ
            - indices:data/write/bulk*
        'watcher*':
          '*':
            - CRUD
            - indices:admin/refresh*

3. Map the role to the hosts in the sg_roles_mapping.yml file:

    sg_kibana_sentinl:
      hosts:
        - "192.168.1.2"
        - "192.168.1.3"
      users:
        - '*'
@lmangani
Collaborator

Thanks @andryzhu could you post with proper formatting/spaces using the code wrap?

@shubhamverma27

shubhamverma27 commented Jun 30, 2017

@andryzhu Wouldn't it give open access to every kibana user to all the indices via dev tools?

As the host would be the same.
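
The question above, what a role mapped by host address hands to every request coming from that host, can be checked mechanically against the posted role. This is an added example, not code from Sentinl, Search Guard or any participant in this thread; the dict transcription of the posted YAML, the probe index names, the function names, and the assumption that any matching `hosts` or `users` entry is enough to grant the role are all assumptions of the example.

```python
# Added example, not Sentinl or Search Guard code. The two dicts transcribe the
# sg_kibana_sentinl index permissions and mapping posted in this thread
# (cluster permissions omitted, they are not part of this check).
from fnmatch import fnmatchcase

ROLES = {
    "sg_kibana_sentinl": {
        "indices": {
            "*": {"*": ["SEARCH", "GET", "READ", "indices:data/write/bulk*"]},
            "watcher*": {"*": ["CRUD", "indices:admin/refresh*"]},
        },
    },
}
ROLES_MAPPING = {
    "sg_kibana_sentinl": {"hosts": ["192.168.1.2", "192.168.1.3"], "users": ["*"]},
}
# Constructed index names used to probe how far each pattern reaches.
PROBE_INDICES = ["watcher", "watcher_alarms-2017.06.30", ".kibana", "logstash-2017.06.30"]


def identity_free_grants(mapping):
    """Roles a request gets from its source address or a wildcard user entry."""
    grants = {}
    for role, entry in mapping.items():
        reasons = []
        if entry.get("hosts"):
            reasons.append("hosts=" + ",".join(entry["hosts"]))
        if "*" in entry.get("users", []):
            reasons.append("users=*")
        if reasons:
            grants[role] = reasons
    return grants


def audit(roles, mapping, probes=PROBE_INDICES):
    """One finding per index pattern of every role granted without a named user."""
    findings = []
    for role, reasons in identity_free_grants(mapping).items():
        for pattern, doc_types in roles.get(role, {}).get("indices", {}).items():
            # Assumption: '*' and '?' behave like shell wildcards in index patterns.
            reached = [name for name in probes if fnmatchcase(name, pattern)]
            perms = sorted({p for plist in doc_types.values() for p in plist})
            findings.append({"role": role, "via": reasons, "pattern": pattern,
                             "reaches": reached, "permissions": perms,
                             "all_indices": len(reached) == len(probes)})
    return findings


if __name__ == "__main__":
    print(*audit(ROLES, ROLES_MAPPING), sep="\n")
```

A finding with `all_indices` set to true is the case the comment above asks about: the read permissions on `*` follow the host, not the logged-in Kibana user.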

@lmangani
Collaborator

Instructions are now in Wiki, please open a fresh issue in case of updates/challenges.
