Hello,
Please help me with below two errors I see while bringing up Elasticsearch –
Error 1 - [c.f.s.c.PrivilegesEvaluator] No permissions for {sg_own_index=[IndexType [index=myindex-2018.08.22, type=]], sg_logstash=[IndexType [index=myindex-2018.08.22, type=]]}
Error 2 -[2018-08-22T17:55:02,646][INFO ][c.f.s.c.PrivilegesEvaluator] No index-level perm match for User [name=logstash, roles=[logstash], requestedTenant=null] [IndexType [index=myindex-2018.08.22, type=*]] [Action [[indices:admin/create]]] [RolesChecked [sg_logstash, sg_own_index]]
SG Version - search-guard-6-6.1.2-22.3
Elastic/Logstash - 6.1.2
JAVA 1.8.0_66-b31
sg_roles.yml
···
sg_logstash:
cluster:
- CLUSTER_MONITOR
- CLUSTER_COMPOSITE_OPS
- indices:admin/template/get
- indices:admin/template/put
- indices:data/write/bulk*
indices:
‘logstash-':
'’:
- CRUD
- CREATE_INDEX
‘myindex-':
'’:
- CRUD
- CREATE_INDEX
‘beat’:
‘*’:
- CRUD
- CREATE_INDEX
sg_own_index:
cluster:
- CLUSTER_COMPOSITE_OPS
indices:
‘${user_name}’:
‘*’:
- INDICES_ALL
sg_roles_mapping.yml
sg_logstash:
backendroles:
- logstash
Logstash – output
output {
elasticsearch {
user => logstash
password => logstash
ssl => true
ssl_certificate_verification => false
index => “myindex-%{+YYYY.MM.dd}”
hosts => [“xx.xx.xx.xx:nnnn”]
}
}
Did you copy the config files verbatim here? You may have an indentation error in the config, but it may be a copy and paste error, please check:
‘myindex-*’:
‘*’:
``
Here the index name (“myindex-“) and the document type (””) are on the same level. Thus it is interpreted like two indices. Try this and see if it makes a difference:
‘myindex-*’:
‘*’:
This should be done for all indices. If it is a copy&paste error, please post your original config files here.
···
On Wednesday, August 22, 2018 at 6:19:31 PM UTC-5, Dharma Thadi wrote:
Hello,
Please help me with below two errors I see while bringing up Elasticsearch –
Error 1 - [c.f.s.c.PrivilegesEvaluator] No permissions for {sg_own_index=[IndexType [index=myindex-2018.08.22, type=]], sg_logstash=[IndexType [index=myindex-2018.08.22, type=]]}
Error 2 -[2018-08-22T17:55:02,646][INFO ][c.f.s.c.PrivilegesEvaluator] No index-level perm match for User [name=logstash, roles=[logstash], requestedTenant=null] [IndexType [index=myindex-2018.08.22, type=*]] [Action [[indices:admin/create]]] [RolesChecked [sg_logstash, sg_own_index]]
SG Version - search-guard-6-6.1.2-22.3
Elastic/Logstash - 6.1.2
JAVA 1.8.0_66-b31
sg_roles.yml
sg_logstash:
cluster:
- CLUSTER_MONITOR
- CLUSTER_COMPOSITE_OPS
- indices:admin/template/get
- indices:admin/template/put
- indices:data/write/bulk*
indices:
‘logstash-':
'’:
- CRUD
- CREATE_INDEX
‘myindex-':
'’:
- CRUD
- CREATE_INDEX
‘beat’:
‘*’:
- CRUD
- CREATE_INDEX
sg_own_index:
cluster:
- CLUSTER_COMPOSITE_OPS
indices:
‘${user_name}’:
‘*’:
- INDICES_ALL
sg_roles_mapping.yml
sg_logstash:
backendroles:
- logstash
Logstash – output
output {
elasticsearch {
user => logstash
password => logstash
ssl => true
ssl_certificate_verification => false
index => “myindex-%{+YYYY.MM.dd}”
hosts => [“xx.xx.xx.xx:nnnn”]
}
}