Here are the logs
elastic node:
[2021-07-22T10:16:10,354][WARN ][c.f.s.a.RestAuthenticationProcessor] [elastic01.node.com] Authentication finally failed for null from 1.1.1.1
[2021-07-22T10:16:10,354][WARN ][c.f.s.a.RestAuthenticationProcessor] [elastic01.node.com] Authentication finally failed for null from 1.1.1.1
[2021-07-22T10:16:49,369][WARN ][c.f.s.a.RestAuthenticationProcessor] [elastic01.node.com] Authentication finally failed for null from 1.1.1.1
[2021-07-22T10:16:49,369][WARN ][c.f.s.a.RestAuthenticationProcessor] [elastic01.node.com] Authentication finally failed for null from 1.1.1.1
[2021-07-22T10:17:10,355][WARN ][c.f.s.a.RestAuthenticationProcessor] [elastic01.node.com] Authentication finally failed for null from 1.1.1.1
[2021-07-22T10:17:10,355][WARN ][c.f.s.a.RestAuthenticationProcessor] [elastic01.node.com] Authentication finally failed for null from 1.1.1.1
[2021-07-22T10:17:10,356][WARN ][c.f.s.a.RestAuthenticationProcessor] [elastic01.node.com] Authentication finally failed for null from 1.1.1.1
[2021-07-22T10:17:10,358][WARN ][c.f.s.a.RestAuthenticationProcessor] [elastic01.node.com] Authentication finally failed for null from 1.1.1.1
[2021-07-22T10:17:10,359][WARN ][c.f.s.a.RestAuthenticationProcessor] [elastic01.node.com] Authentication finally failed for null from 1.1.1.1
[2021-07-22T10:17:10,359][WARN ][c.f.s.a.RestAuthenticationProcessor] [elastic01.node.com] Authentication finally failed for null from 1.1.1.1
[2021-07-22T10:17:10,360][WARN ][c.f.s.a.RestAuthenticationProcessor] [elastic01.node.com] Authentication finally failed for null from 1.1.1.1
[2021-07-22T10:17:10,360][WARN ][c.f.s.a.RestAuthenticationProcessor] [elastic01.node.com] Authentication finally failed for null from 1.1.1.1
[2021-07-22T10:17:10,361][WARN ][c.f.s.a.RestAuthenticationProcessor] [elastic01.node.com] Authentication finally failed for null from 1.1.1.1
[2021-07-22T10:17:10,362][WARN ][c.f.s.a.RestAuthenticationProcessor] [elastic01.node.com] Authentication finally failed for null from 1.1.1.1
[2021-07-22T10:17:10,364][WARN ][c.f.s.a.RestAuthenticationProcessor] [elastic01.node.com] Authentication finally failed for null from 1.1.1.1
[2021-07-22T10:17:10,364][WARN ][c.f.s.a.RestAuthenticationProcessor] [elastic01.node.com] Authentication finally failed for null from 1.1.1.1
[2021-07-22T10:17:10,364][WARN ][c.f.s.a.RestAuthenticationProcessor] [elastic01.node.com] Authentication finally failed for null from 1.1.1.1
[2021-07-22T10:17:10,365][WARN ][c.f.s.a.RestAuthenticationProcessor] [elastic01.node.com] Authentication finally failed for null from 1.1.1.1
[2021-07-22T10:17:10,365][WARN ][c.f.s.a.RestAuthenticationProcessor] [elastic01.node.com] Authentication finally failed for null from 1.1.1.1
[2021-07-22T10:17:10,369][WARN ][c.f.s.a.RestAuthenticationProcessor] [elastic01.node.com] Authentication finally failed for null from 1.1.1.1
Around same time there are these logs in kibana visible. Those consists of:
- lifeness checks of the deployment (kibana is running on openshift)
- and some weird errors of the alert plugin which I do not know where it comes from yet
{"type":"log","@timestamp":"2021-07-22T08:15:07+00:00","tags":["error","plugins","alerting","plugins","alerting"],"pid":19,"message":"Executing Alert \"cb7f3650-d9b2-11eb-b74d-b5a9d9fe47d1\" has resulted in Error: Response Error"}
{"type":"log","@timestamp":"2021-07-22T08:15:07+00:00","tags":["error","plugins","alerting","plugins","alerting"],"pid":19,"message":"Executing Alert \"cb80e400-d9b2-11eb-b74d-b5a9d9fe47d1\" has resulted in Error: Response Error"}
{"type":"log","@timestamp":"2021-07-22T08:15:07+00:00","tags":["error","plugins","alerting","plugins","alerting"],"pid":19,"message":"Executing Alert \"cb6daa20-d9b2-11eb-b74d-b5a9d9fe47d1\" has resulted in Error: Response Error"}
{"type":"log","@timestamp":"2021-07-22T08:15:07+00:00","tags":["error","plugins","alerting","plugins","alerting"],"pid":19,"message":"Executing Alert \"cb7fd290-d9b2-11eb-b74d-b5a9d9fe47d1\" has resulted in Error: Response Error"}
{"type":"log","@timestamp":"2021-07-22T08:15:07+00:00","tags":["error","plugins","alerting","plugins","alerting"],"pid":19,"message":"Executing Alert \"cb6ce6d0-d9b2-11eb-b74d-b5a9d9fe47d1\" has resulted in Error: Response Error"}
{"type":"log","@timestamp":"2021-07-22T08:15:07+00:00","tags":["error","plugins","alerting","plugins","alerting"],"pid":19,"message":"Executing Alert \"cb813220-d9b2-11eb-b74d-b5a9d9fe47d1\" has resulted in Error: Response Error"}
{"type":"log","@timestamp":"2021-07-22T08:15:07+00:00","tags":["error","plugins","alerting","plugins","alerting"],"pid":19,"message":"Executing Alert \"cb706940-d9b2-11eb-b74d-b5a9d9fe47d1\" has resulted in Error: Response Error"}
{"type":"log","@timestamp":"2021-07-22T08:15:07+00:00","tags":["error","plugins","alerting","plugins","alerting"],"pid":19,"message":"Executing Alert \"cb783170-d9b2-11eb-b74d-b5a9d9fe47d1\" has resulted in Error: Response Error"}
{"type":"response","@timestamp":"2021-07-22T08:15:11+00:00","tags":["api"],"pid":19,"method":"get","statusCode":200,"req":{"url":"/api/status","method":"get","headers":{"host":"localhost:5601","user-agent":"curl/7.61.1","accept":"*/*"},"remoteAddress":"127.0.0.1","userAgent":"curl/7.61.1"},"res":{"statusCode":200,"responseTime":3,"contentLength":22284},"message":"GET /api/status 200 3ms - 21.8KB"}
{"type":"response","@timestamp":"2021-07-22T08:15:21+00:00","tags":["api"],"pid":19,"method":"get","statusCode":200,"req":{"url":"/api/status","method":"get","headers":{"host":"localhost:5601","user-agent":"curl/7.61.1","accept":"*/*"},"remoteAddress":"127.0.0.1","userAgent":"curl/7.61.1"},"res":{"statusCode":200,"responseTime":2,"contentLength":22284},"message":"GET /api/status 200 2ms - 21.8KB"}
{"type":"response","@timestamp":"2021-07-22T08:15:31+00:00","tags":["api"],"pid":19,"method":"get","statusCode":200,"req":{"url":"/api/status","method":"get","headers":{"host":"localhost:5601","user-agent":"curl/7.61.1","accept":"*/*"},"remoteAddress":"127.0.0.1","userAgent":"curl/7.61.1"},"res":{"statusCode":200,"responseTime":3,"contentLength":22284},"message":"GET /api/status 200 3ms - 21.8KB"}
{"type":"response","@timestamp":"2021-07-22T08:15:41+00:00","tags":["api"],"pid":19,"method":"get","statusCode":200,"req":{"url":"/api/status","method":"get","headers":{"host":"localhost:5601","user-agent":"curl/7.61.1","accept":"*/*"},"remoteAddress":"127.0.0.1","userAgent":"curl/7.61.1"},"res":{"statusCode":200,"responseTime":3,"contentLength":22284},"message":"GET /api/status 200 3ms - 21.8KB"}
{"type":"log","@timestamp":"2021-07-22T08:15:43+00:00","tags":["warning","plugins","alerting","plugins","alerting"],"pid":19,"message":"Error executing alerting apiKey invalidation task: Response Error"}
{"type":"response","@timestamp":"2021-07-22T08:15:51+00:00","tags":["api"],"pid":19,"method":"get","statusCode":200,"req":{"url":"/api/status","method":"get","headers":{"host":"localhost:5601","user-agent":"curl/7.61.1","accept":"*/*"},"remoteAddress":"127.0.0.1","userAgent":"curl/7.61.1"},"res":{"statusCode":200,"responseTime":6,"contentLength":22285},"message":"GET /api/status 200 6ms - 21.8KB"}
{"type":"response","@timestamp":"2021-07-22T08:16:01+00:00","tags":["api"],"pid":19,"method":"get","statusCode":200,"req":{"url":"/api/status","method":"get","headers":{"host":"localhost:5601","user-agent":"curl/7.61.1","accept":"*/*"},"remoteAddress":"127.0.0.1","userAgent":"curl/7.61.1"},"res":{"statusCode":200,"responseTime":2,"contentLength":22284},"message":"GET /api/status 200 2ms - 21.8KB"}
{"type":"log","@timestamp":"2021-07-22T08:16:10+00:00","tags":["error","plugins","alerting","plugins","alerting"],"pid":19,"message":"Executing Alert \"cb8095e0-d9b2-11eb-b74d-b5a9d9fe47d1\" has resulted in Error: Response Error"}
{"type":"response","@timestamp":"2021-07-22T08:16:11+00:00","tags":["api"],"pid":19,"method":"get","statusCode":200,"req":{"url":"/api/status","method":"get","headers":{"host":"localhost:5601","user-agent":"curl/7.61.1","accept":"*/*"},"remoteAddress":"127.0.0.1","userAgent":"curl/7.61.1"},"res":{"statusCode":200,"responseTime":4,"contentLength":22285},"message":"GET /api/status 200 4ms - 21.8KB"}
{"type":"response","@timestamp":"2021-07-22T08:16:21+00:00","tags":["api"],"pid":19,"method":"get","statusCode":200,"req":{"url":"/api/status","method":"get","headers":{"host":"localhost:5601","user-agent":"curl/7.61.1","accept":"*/*"},"remoteAddress":"127.0.0.1","userAgent":"curl/7.61.1"},"res":{"statusCode":200,"responseTime":2,"contentLength":22284},"message":"GET /api/status 200 2ms - 21.8KB"}
{"type":"response","@timestamp":"2021-07-22T08:16:31+00:00","tags":["api"],"pid":19,"method":"get","statusCode":200,"req":{"url":"/api/status","method":"get","headers":{"host":"localhost:5601","user-agent":"curl/7.61.1","accept":"*/*"},"remoteAddress":"127.0.0.1","userAgent":"curl/7.61.1"},"res":{"statusCode":200,"responseTime":3,"contentLength":22283},"message":"GET /api/status 200 3ms - 21.8KB"}
{"type":"response","@timestamp":"2021-07-22T08:16:41+00:00","tags":["api"],"pid":19,"method":"get","statusCode":200,"req":{"url":"/api/status","method":"get","headers":{"host":"localhost:5601","user-agent":"curl/7.61.1","accept":"*/*"},"remoteAddress":"127.0.0.1","userAgent":"curl/7.61.1"},"res":{"statusCode":200,"responseTime":3,"contentLength":22283},"message":"GET /api/status 200 3ms - 21.8KB"}
{"type":"log","@timestamp":"2021-07-22T08:16:49+00:00","tags":["error","plugins","alerting","plugins","alerting"],"pid":19,"message":"Executing Alert \"cb7f0f40-d9b2-11eb-b74d-b5a9d9fe47d1\" has resulted in Error: Response Error"}
{"type":"response","@timestamp":"2021-07-22T08:16:51+00:00","tags":["api"],"pid":19,"method":"get","statusCode":200,"req":{"url":"/api/status","method":"get","headers":{"host":"localhost:5601","user-agent":"curl/7.61.1","accept":"*/*"},"remoteAddress":"127.0.0.1","userAgent":"curl/7.61.1"},"res":{"statusCode":200,"responseTime":4,"contentLength":22284},"message":"GET /api/status 200 4ms - 21.8KB"}
{"type":"response","@timestamp":"2021-07-22T08:17:01+00:00","tags":["api"],"pid":19,"method":"get","statusCode":200,"req":{"url":"/api/status","method":"get","headers":{"host":"localhost:5601","user-agent":"curl/7.61.1","accept":"*/*"},"remoteAddress":"127.0.0.1","userAgent":"curl/7.61.1"},"res":{"statusCode":200,"responseTime":2,"contentLength":22280},"message":"GET /api/status 200 2ms - 21.8KB"}