What exactly do you mean when saying “cannot see the changes”? Can you describe exactly what you are doing?
To debug, you can use the sgadmin tool to retrieve the currently active configuration from a running cluster. Instead of specifying the configuration directory (-cd) use the -r/–retrieve switch. This will store the configuration that SG is currently using. Please compare the contents and see if your changes are there.
If not, what is in the ES logs when you execute the sgadmin call?
Also, please post your changed internal users yaml file.
On Wednesday, July 11, 2018 at 12:47:28 PM UTC+2, Harish K wrote:
Following is the output when I reload the configuration Files.But still i cannot see the changes made in internal users file.I didn’t make any major change just renamed the username
C:\Users\Harish\Desktop\Kibana with search guard\elasticsearch-6.2.4\plugins\search-guard-6\tools>sgadmin -cd …/sgconfig/ -icl -nhnv -cacert …/…/…/config/root-ca.pem -cert …/…/…/config/kirk.pe
m -key …/…/…/config/kirk-key.pem
Search Guard Admin v6
Will connect to localhost:9300 … done
Elasticsearch Version: 6.2.4
Search Guard Version: 6.2.4-22.3
Connected as CN=kirk,OU=client,O=client,L=test,C=de
Contacting elasticsearch cluster ‘elasticsearch’ and wait for YELLOW clusterstate …
Number of nodes: 1
Number of data nodes: 1
searchguard index already exists, so we do not need to create one.
Populate config from C:\Users\Harish\Desktop\Kibana with search guard\elasticsearch-6.2.4\plugins\search-guard-6\sgconfig
Will update ‘sg/config’ with …/sgconfig/\sg_config.yml
SUCC: Configuration for ‘config’ created or updated
Will update ‘sg/roles’ with …/sgconfig/\sg_roles.yml
SUCC: Configuration for ‘roles’ created or updated
Will update ‘sg/rolesmapping’ with …/sgconfig/\sg_roles_mapping.yml
SUCC: Configuration for ‘rolesmapping’ created or updated
Will update ‘sg/internalusers’ with …/sgconfig/\sg_internal_users.yml
SUCC: Configuration for ‘internalusers’ created or updated
Will update ‘sg/actiongroups’ with …/sgconfig/\sg_action_groups.yml
SUCC: Configuration for ‘actiongroups’ created or updated
Done with success