Hi,
I turned the log level to debug mode however i can’t see any significant error message in the logs.
The logs as per following:
[2019-08-14T16:07:59,526][DEBUG][c.f.s.p.PrivilegesEvaluator] [DESKTOP-BN85TH6] Aliases for .kibana_1: [.kibana=>{
“.kibana” : { }
}]
[2019-08-14T16:07:59,526][DEBUG][c.f.s.p.PrivilegesEvaluator] [DESKTOP-BN85TH6] sgr: [SGS_ALL_ACCESS, SGS_OWN_INDEX]
[2019-08-14T16:07:59,526][DEBUG][c.f.s.p.PrivilegesEvaluator] [DESKTOP-BN85TH6] Aliases for .kibana_1: [.kibana=>{
“.kibana” : { }
}]
[2019-08-14T16:07:59,527][DEBUG][c.f.s.c.PrivilegesInterceptorImpl] [DESKTOP-BN85TH6] raw requestedTenant: ‘null’
[2019-08-14T16:07:59,526][DEBUG][c.f.s.p.PrivilegesEvaluator] [DESKTOP-BN85TH6] Aliases for .kibana_1: [.kibana=>{
“.kibana” : { }
}]
[2019-08-14T16:07:59,527][DEBUG][c.f.s.p.PrivilegesEvaluator] [DESKTOP-BN85TH6] sgr2: [SGS_ALL_ACCESS, SGS_OWN_INDEX]
[2019-08-14T16:07:59,527][DEBUG][c.f.s.p.PrivilegesEvaluator] [DESKTOP-BN85TH6] .kibana is not an alias or does not have a filter
[2019-08-14T16:07:59,527][DEBUG][c.f.s.p.PrivilegesEvaluator] [DESKTOP-BN85TH6] .kibana is not an alias or does not have a filter
[2019-08-14T16:07:59,534][DEBUG][c.f.s.p.PrivilegesEvaluator] [DESKTOP-BN85TH6] Allowed because we have all indices permissions for indices:data/read/get
[2019-08-14T16:07:59,531][DEBUG][c.f.s.p.PrivilegesEvaluator] [DESKTOP-BN85TH6] Aliases for .kibana_1: [.kibana=>{
“.kibana” : { }
}]
[2019-08-14T16:07:59,534][DEBUG][c.f.s.f.SearchGuardFilter] [DESKTOP-BN85TH6] PrivEvalResponse [allowed=true, missingPrivileges=[indices:data/read/get], allowedFlsFields=null, maskedFields=null, queries=null]
[2019-08-14T16:07:59,526][DEBUG][c.f.s.p.PrivilegesEvaluator] [DESKTOP-BN85TH6] sgr2: [SGS_ALL_ACCESS, SGS_OWN_INDEX]
[2019-08-14T16:07:59,538][DEBUG][c.f.s.p.PrivilegesEvaluator] [DESKTOP-BN85TH6] Aliases for .kibana_1: [.kibana=>{
“.kibana” : { }
}]
[2019-08-14T16:07:59,539][DEBUG][c.f.s.p.PrivilegesEvaluator] [DESKTOP-BN85TH6] .kibana is not an alias or does not have a filter
[2019-08-14T16:07:59,554][DEBUG][c.f.s.p.PrivilegesEvaluator] [DESKTOP-BN85TH6] Allowed because we have all indices permissions for indices:data/read/get
[2019-08-14T16:07:59,534][DEBUG][c.f.s.p.PrivilegesEvaluator] [DESKTOP-BN85TH6] Allowed because we have all indices permissions for indices:data/read/get
[2019-08-14T16:07:59,528][DEBUG][c.f.s.p.PrivilegesEvaluator] [DESKTOP-BN85TH6] .kibana is not an alias or does not have a filter
[2019-08-14T16:07:59,536][DEBUG][c.f.s.p.PrivilegesEvaluator] [DESKTOP-BN85TH6] .kibana is not an alias or does not have a filter
[2019-08-14T16:07:59,528][DEBUG][c.f.s.c.PrivilegesInterceptorImpl] [DESKTOP-BN85TH6] request class org.elasticsearch.action.search.SearchRequest
[2019-08-14T16:07:59,556][DEBUG][c.f.s.p.PrivilegesEvaluator] [DESKTOP-BN85TH6] Allowed because we have all indices permissions for indices:data/read/search
[2019-08-14T16:07:59,555][DEBUG][c.f.s.f.SearchGuardFilter] [DESKTOP-BN85TH6] PrivEvalResponse [allowed=true, missingPrivileges=[indices:data/read/get], allowedFlsFields=null, maskedFields=null, queries=null]
[2019-08-14T16:07:59,555][DEBUG][c.f.s.f.SearchGuardFilter] [DESKTOP-BN85TH6] PrivEvalResponse [allowed=true, missingPrivileges=[indices:data/read/get], allowedFlsFields=null, maskedFields=null, queries=null]
[2019-08-14T16:07:59,547][DEBUG][c.f.s.a.BackendRegistry ] [DESKTOP-BN85TH6] Check authdomain for rest internal/4 or 1 in total
[2019-08-14T16:07:59,577][DEBUG][c.f.s.a.BackendRegistry ] [DESKTOP-BN85TH6] Check authdomain for rest internal/4 or 1 in total
[2019-08-14T16:07:59,582][DEBUG][c.f.s.a.BackendRegistry ] [DESKTOP-BN85TH6] Rest user ‘User [name=admin, backend_roles=[admin], requestedTenant=null]’ is authenticated
[2019-08-14T16:07:59,559][DEBUG][c.f.s.f.SearchGuardFilter] [DESKTOP-BN85TH6] PrivEvalResponse [allowed=true, missingPrivileges=[indices:data/read/search], allowedFlsFields=null, maskedFields=null, queries=null]
[2019-08-14T16:07:59,557][DEBUG][c.f.s.p.PrivilegesEvaluator] [DESKTOP-BN85TH6] Allowed because we have all indices permissions for indices:data/read/get
[2019-08-14T16:07:59,592][DEBUG][c.f.s.f.SearchGuardFilter] [DESKTOP-BN85TH6] PrivEvalResponse [allowed=true, missingPrivileges=[indices:data/read/get], allowedFlsFields=null, maskedFields=null, queries=null]
[2019-08-14T16:07:59,558][DEBUG][c.f.s.p.PrivilegesEvaluator] [DESKTOP-BN85TH6] Result from privileges interceptor: null
[2019-08-14T16:07:59,587][DEBUG][c.f.s.a.BackendRegistry ] [DESKTOP-BN85TH6] sgtenant ‘null’
[2019-08-14T16:07:59,577][DEBUG][c.f.s.a.BackendRegistry ] [DESKTOP-BN85TH6] Rest user ‘User [name=admin, backend_roles=[admin], requestedTenant=null]’ is authenticated
[2019-08-14T16:07:59,602][DEBUG][c.f.s.p.PrivilegesEvaluator] [DESKTOP-BN85TH6] ### evaluate permissions for User [name=admin, backend_roles=[admin], requestedTenant=null] on DESKTOP-BN85TH6
[2019-08-14T16:07:59,584][DEBUG][c.f.s.a.BackendRegistry ] [DESKTOP-BN85TH6] Check authdomain for rest internal/4 or 1 in total
[2019-08-14T16:07:59,599][DEBUG][c.f.s.p.PrivilegesEvaluator] [DESKTOP-BN85TH6] sgr2: [SGS_ALL_ACCESS, SGS_OWN_INDEX]
[2019-08-14T16:07:59,603][DEBUG][c.f.s.p.PrivilegesEvaluator] [DESKTOP-BN85TH6] action: indices:data/read/get (GetRequest)
[2019-08-14T16:07:59,606][DEBUG][c.f.s.p.PrivilegesEvaluator] [DESKTOP-BN85TH6] Aliases for .kibana_1: [.kibana=>{
“.kibana” : { }
}]
[2019-08-14T16:07:59,599][DEBUG][c.f.s.a.BackendRegistry ] [DESKTOP-BN85TH6] Check authdomain for rest internal/4 or 1 in total
[2019-08-14T16:07:59,599][DEBUG][c.f.s.a.BackendRegistry ] [DESKTOP-BN85TH6] Check authdomain for rest internal/4 or 1 in total
[2019-08-14T16:07:59,605][DEBUG][c.f.s.a.BackendRegistry ] [DESKTOP-BN85TH6] Rest user ‘User [name=admin, backend_roles=[admin], requestedTenant=null]’ is authenticated
[2019-08-14T16:07:59,607][DEBUG][c.f.s.r.IndexResolverReplacer] [DESKTOP-BN85TH6] Resolve aliases, indices and types from GetRequest
[2019-08-14T16:07:59,609][DEBUG][c.f.s.p.PrivilegesEvaluator] [DESKTOP-BN85TH6] .kibana is not an alias or does not have a filter
[2019-08-14T16:07:59,609][DEBUG][c.f.s.a.BackendRegistry ] [DESKTOP-BN85TH6] Rest user ‘User [name=admin, backend_roles=[admin], requestedTenant=null]’ is authenticated
[2019-08-14T16:07:59,603][DEBUG][c.f.s.a.BackendRegistry ] [DESKTOP-BN85TH6] sgtenant ‘null’
[2019-08-14T16:07:59,614][DEBUG][c.f.s.a.BackendRegistry ] [DESKTOP-BN85TH6] sgtenant ‘null’