Elasticsearch version: 6.5.4
Kibana: 6.5.4

Searchguard for kibana: 6.5.4-18

How can i access kibana Dashboard after installing searchguard plugin on it?

i have elasticsearch running on cluster enabled searchguard on it and service is accessible on port 443:9200

i have another server with only kibana installed on it and enabled searchguard on that server, i have included all the elasticsearch cluster and certs details in it.

Please suggest me how do i access kibana dashboard, thanks.

kibana.yml

xpack.security.enabled: false

xpack.spaces.enabled: false

xpack.monitoring.enabled: false

xpack.graph.enabled: false

xpack.ml.enabled: false

xpack.watcher.enabled: false

BEGIN ANSIBLE MANAGED BLOCK

elasticsearch.url: “https://test-elastic:443”

elasticsearch.ssl.certificateAuthorities: /root/ssl/cacert

elasticsearch.ssl.certificate: /root/ssl/test-elastic-client.pem

elasticsearch.ssl.key: /root/ssl/test-elastic-client.key

#server.basePath: /kibana

END ANSIBLE MANAGED BLOCK

server.host: “10.10.10.15”

server.name: “kibana73”

From your config below i assume its

http://10.10.10.15:5601

With regards to your settings:
   elasticsearch.ssl.certificate: /root/ssl/test-elastic-client.pem
   elasticsearch.ssl.key: /root/ssl/test-elastic-client.key
in kibana.yml pls. refer to Installing the Search Guard Kibana Plugin | Security for Elasticsearch | Search Guard
because using client certificates is maybe not something you really want.

If you like to encrypt the access to Kibana itself (so that it would be accessible via https://10.10.10.15:5601) then set
   server.ssl.enabled: true
   server.ssl.certificate: /path/to/cert.pem
   server.ssl.key: /path/to/key.pem
   ...
   ...
in kibana.yml as documented in Configure Kibana | Kibana Guide [8.11] | Elastic

···

Am 15.03.2019 um 22:01 schrieb Vijay <vijayakrishna.rg@gmail.com>:

Elasticsearch version: 6.5.4
Kibana: 6.5.4
Searchguard for kibana: 6.5.4-18

How can i access kibana Dashboard after installing searchguard plugin on it?

i have elasticsearch running on cluster enabled searchguard on it and service is accessible on port 443:9200

i have another server with only kibana installed on it and enabled searchguard on that server, i have included all the elasticsearch cluster and certs details in it.

Please suggest me how do i access kibana dashboard, thanks.

kibana.yml

xpack.security.enabled: false
xpack.spaces.enabled: false
xpack.monitoring.enabled: false
xpack.graph.enabled: false
xpack.ml.enabled: false
xpack.watcher.enabled: false

# BEGIN ANSIBLE MANAGED BLOCK
elasticsearch.url: "https://test-elastic:443"
elasticsearch.ssl.certificateAuthorities: /root/ssl/cacert
elasticsearch.ssl.certificate: /root/ssl/test-elastic-client.pem
elasticsearch.ssl.key: /root/ssl/test-elastic-client.key
#server.basePath: /kibana
# END ANSIBLE MANAGED BLOCK
server.host: "10.10.10.15"
server.name: "kibana73"

--
You received this message because you are subscribed to the Google Groups "Search Guard Community Forum" group.
To unsubscribe from this group and stop receiving emails from it, send an email to search-guard+unsubscribe@googlegroups.com.
To post to this group, send email to search-guard@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/15f83069-d498-47f8-a6d2-2cebdb459bde%40googlegroups.com\.
For more options, visit https://groups.google.com/d/optout\.

Thanks for the response.

i am able to access kibana Dashboard, but not able to login into it, getting below error, please help me.

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:40Z”,“tags”:[“status”,“plugin:kibana@6.5.4”,“info”],“pid”:14882,“state”:“green”,“message”:“Status changed from uninitialized to green - Ready”,“prevState”:“uninitialized”,“prevMsg”:“uninitialized”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:40Z”,“tags”:[“status”,“plugin:elasticsearch@6.5.4”,“info”],“pid”:14882,“state”:“yellow”,“message”:“Status changed from uninitialized to yellow - Waiting for Elasticsearch”,“prevState”:“uninitialized”,“prevMsg”:“uninitialized”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:40Z”,“tags”:[“status”,“plugin:xpack_main@6.5.4”,“info”],“pid”:14882,“state”:“yellow”,“message”:“Status changed from uninitialized to yellow - Waiting for Elasticsearch”,“prevState”:“uninitialized”,“prevMsg”:“uninitialized”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:40Z”,“tags”:[“status”,“plugin:searchprofiler@6.5.4”,“info”],“pid”:14882,“state”:“yellow”,“message”:“Status changed from uninitialized to yellow - Waiting for Elasticsearch”,“prevState”:“uninitialized”,“prevMsg”:“uninitialized”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:40Z”,“tags”:[“status”,“plugin:tilemap@6.5.4”,“info”],“pid”:14882,“state”:“yellow”,“message”:“Status changed from uninitialized to yellow - Waiting for Elasticsearch”,“prevState”:“uninitialized”,“prevMsg”:“uninitialized”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:40Z”,“tags”:[“status”,“plugin:license_management@6.5.4”,“info”],“pid”:14882,“state”:“green”,“message”:“Status changed from uninitialized to green - Ready”,“prevState”:“uninitialized”,“prevMsg”:“uninitialized”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:40Z”,“tags”:[“status”,“plugin:index_management@6.5.4”,“info”],“pid”:14882,“state”:“yellow”,“message”:“Status changed from uninitialized to yellow - Waiting for Elasticsearch”,“prevState”:“uninitialized”,“prevMsg”:“uninitialized”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:41Z”,“tags”:[“status”,“plugin:rollup@6.5.4”,“info”],“pid”:14882,“state”:“yellow”,“message”:“Status changed from uninitialized to yellow - Waiting for Elasticsearch”,“prevState”:“uninitialized”,“prevMsg”:“uninitialized”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:41Z”,“tags”:[“status”,“plugin:timelion@6.5.4”,“info”],“pid”:14882,“state”:“green”,“message”:“Status changed from uninitialized to green - Ready”,“prevState”:“uninitialized”,“prevMsg”:“uninitialized”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:41Z”,“tags”:[“status”,“plugin:grokdebugger@6.5.4”,“info”],“pid”:14882,“state”:“yellow”,“message”:“Status changed from uninitialized to yellow - Waiting for Elasticsearch”,“prevState”:“uninitialized”,“prevMsg”:“uninitialized”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:41Z”,“tags”:[“status”,“plugin:dashboard_mode@6.5.4”,“info”],“pid”:14882,“state”:“green”,“message”:“Status changed from uninitialized to green - Ready”,“prevState”:“uninitialized”,“prevMsg”:“uninitialized”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:41Z”,“tags”:[“status”,“plugin:logstash@6.5.4”,“info”],“pid”:14882,“state”:“yellow”,“message”:“Status changed from uninitialized to yellow - Waiting for Elasticsearch”,“prevState”:“uninitialized”,“prevMsg”:“uninitialized”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:41Z”,“tags”:[“status”,“plugin:beats_management@6.5.4”,“info”],“pid”:14882,“state”:“yellow”,“message”:“Status changed from uninitialized to yellow - Waiting for Elasticsearch”,“prevState”:“uninitialized”,“prevMsg”:“uninitialized”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:41Z”,“tags”:[“status”,“plugin:apm@6.5.4”,“info”],“pid”:14882,“state”:“green”,“message”:“Status changed from uninitialized to green - Ready”,“prevState”:“uninitialized”,“prevMsg”:“uninitialized”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:41Z”,“tags”:[“status”,“plugin:canvas@6.5.4”,“info”],“pid”:14882,“state”:“green”,“message”:“Status changed from uninitialized to green - Ready”,“prevState”:“uninitialized”,“prevMsg”:“uninitialized”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:41Z”,“tags”:[“status”,“plugin:console@6.5.4”,“info”],“pid”:14882,“state”:“green”,“message”:“Status changed from uninitialized to green - Ready”,“prevState”:“uninitialized”,“prevMsg”:“uninitialized”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:41Z”,“tags”:[“status”,“plugin:console_extensions@6.5.4”,“info”],“pid”:14882,“state”:“green”,“message”:“Status changed from uninitialized to green - Ready”,“prevState”:“uninitialized”,“prevMsg”:“uninitialized”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:41Z”,“tags”:[“status”,“plugin:notifications@6.5.4”,“info”],“pid”:14882,“state”:“green”,“message”:“Status changed from uninitialized to green - Ready”,“prevState”:“uninitialized”,“prevMsg”:“uninitialized”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:41Z”,“tags”:[“status”,“plugin:infra@6.5.4”,“info”],“pid”:14882,“state”:“green”,“message”:“Status changed from uninitialized to green - Ready”,“prevState”:“uninitialized”,“prevMsg”:“uninitialized”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:41Z”,“tags”:[“status”,“plugin:searchguard@6.5.4-18”,“info”],“pid”:14882,“state”:“yellow”,“message”:“Status changed from uninitialized to yellow - Initialising Search Guard authentication plugin.”,“prevState”:“uninitialized”,“prevMsg”:“uninitialized”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:41Z”,“tags”:[“status”,“plugin:searchguard@6.5.4-18”,“info”],“pid”:14882,“state”:“yellow”,“message”:“Status changed from yellow to yellow - Default cookie password detected, please set a password in kibana.yml by setting ‘searchguard.cookie.password’ (min. 32 characters).”,“prevState”:“yellow”,“prevMsg”:“Initialising Search Guard authentication plugin.”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:41Z”,“tags”:[“status”,“plugin:searchguard@6.5.4-18”,“info”],“pid”:14882,“state”:“yellow”,“message”:“Status changed from yellow to yellow - ‘searchguard.cookie.secure’ is set to false, cookies are transmitted over unsecure HTTP connection. Consider using HTTPS and set this key to ‘true’”,“prevState”:“yellow”,“prevMsg”:“Default cookie password detected, please set a password in kibana.yml by setting ‘searchguard.cookie.password’ (min. 32 characters).”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:41Z”,“tags”:[“status”,“plugin:searchguard@6.5.4-18”,“info”],“pid”:14882,“state”:“yellow”,“message”:“Status changed from yellow to yellow - Search Guard session management enabled.”,“prevState”:“yellow”,“prevMsg”:“‘searchguard.cookie.secure’ is set to false, cookies are transmitted over unsecure HTTP connection. Consider using HTTPS and set this key to ‘true’”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:41Z”,“tags”:[“status”,“plugin:searchguard@6.5.4-18”,“info”],“pid”:14882,“state”:“yellow”,“message”:“Status changed from yellow to yellow - Search Guard copy JWT params disabled”,“prevState”:“yellow”,“prevMsg”:“Search Guard session management enabled.”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:41Z”,“tags”:[“status”,“plugin:searchguard@6.5.4-18”,“info”],“pid”:14882,“state”:“yellow”,“message”:“Status changed from yellow to yellow - Search Guard multitenancy disabled”,“prevState”:“yellow”,“prevMsg”:“Search Guard copy JWT params disabled”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:41Z”,“tags”:[“status”,“plugin:searchguard@6.5.4-18”,“info”],“pid”:14882,“state”:“yellow”,“message”:“Status changed from yellow to yellow - Routes for Search Guard configuration GUI registered. This is an Enterprise feature.”,“prevState”:“yellow”,“prevMsg”:“Search Guard multitenancy disabled”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:41Z”,“tags”:[“status”,“plugin:searchguard@6.5.4-18”,“info”],“pid”:14882,“state”:“yellow”,“message”:“Status changed from yellow to yellow - Search Guard system routes registered.”,“prevState”:“yellow”,“prevMsg”:“Routes for Search Guard configuration GUI registered. This is an Enterprise feature.”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:41Z”,“tags”:[“status”,“plugin:searchguard@6.5.4-18”,“info”],“pid”:14882,“state”:“green”,“message”:“Status changed from yellow to green - Search Guard plugin version 6.5.4-18 initialised.”,“prevState”:“yellow”,“prevMsg”:“Search Guard system routes registered.”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:41Z”,“tags”:[“status”,“plugin:metrics@6.5.4”,“info”],“pid”:14882,“state”:“green”,“message”:“Status changed from uninitialized to green - Ready”,“prevState”:“uninitialized”,“prevMsg”:“uninitialized”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:42Z”,“tags”:[“reporting”,“warning”],“pid”:14882,“message”:“Generating a random key for xpack.reporting.encryptionKey. To prevent pending reports from failing on restart, please set xpack.reporting.encryptionKey in kibana.yml”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:42Z”,“tags”:[“status”,“plugin:reporting@6.5.4”,“info”],“pid”:14882,“state”:“yellow”,“message”:“Status changed from uninitialized to yellow - Waiting for Elasticsearch”,“prevState”:“uninitialized”,“prevMsg”:“uninitialized”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:42Z”,“tags”:[“status”,“plugin:elasticsearch@6.5.4”,“info”],“pid”:14882,“state”:“green”,“message”:“Status changed from yellow to green - Ready”,“prevState”:“yellow”,“prevMsg”:“Waiting for Elasticsearch”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:42Z”,“tags”:[“license”,“info”,“xpack”],“pid”:14882,“message”:“Imported license information from Elasticsearch for the [data] cluster: mode: basic | status: active”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:42Z”,“tags”:[“status”,“plugin:xpack_main@6.5.4”,“info”],“pid”:14882,“state”:“green”,“message”:“Status changed from yellow to green - Ready”,“prevState”:“yellow”,“prevMsg”:“Waiting for Elasticsearch”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:42Z”,“tags”:[“status”,“plugin:searchprofiler@6.5.4”,“info”],“pid”:14882,“state”:“green”,“message”:“Status changed from yellow to green - Ready”,“prevState”:“yellow”,“prevMsg”:“Waiting for Elasticsearch”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:42Z”,“tags”:[“status”,“plugin:tilemap@6.5.4”,“info”],“pid”:14882,“state”:“green”,“message”:“Status changed from yellow to green - Ready”,“prevState”:“yellow”,“prevMsg”:“Waiting for Elasticsearch”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:42Z”,“tags”:[“status”,“plugin:index_management@6.5.4”,“info”],“pid”:14882,“state”:“green”,“message”:“Status changed from yellow to green - Ready”,“prevState”:“yellow”,“prevMsg”:“Waiting for Elasticsearch”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:42Z”,“tags”:[“status”,“plugin:rollup@6.5.4”,“info”],“pid”:14882,“state”:“green”,“message”:“Status changed from yellow to green - Ready”,“prevState”:“yellow”,“prevMsg”:“Waiting for Elasticsearch”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:42Z”,“tags”:[“status”,“plugin:grokdebugger@6.5.4”,“info”],“pid”:14882,“state”:“green”,“message”:“Status changed from yellow to green - Ready”,“prevState”:“yellow”,“prevMsg”:“Waiting for Elasticsearch”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:42Z”,“tags”:[“status”,“plugin:logstash@6.5.4”,“info”],“pid”:14882,“state”:“green”,“message”:“Status changed from yellow to green - Ready”,“prevState”:“yellow”,“prevMsg”:“Waiting for Elasticsearch”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:42Z”,“tags”:[“status”,“plugin:beats_management@6.5.4”,“info”],“pid”:14882,“state”:“green”,“message”:“Status changed from yellow to green - Ready”,“prevState”:“yellow”,“prevMsg”:“Waiting for Elasticsearch”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:42Z”,“tags”:[“status”,“plugin:reporting@6.5.4”,“info”],“pid”:14882,“state”:“green”,“message”:“Status changed from yellow to green - Ready”,“prevState”:“yellow”,“prevMsg”:“Waiting for Elasticsearch”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:42Z”,“tags”:[“reporting”,“warning”],“pid”:14882,“message”:“Enabling the Chromium sandbox provides an additional layer of protection.”}

{“type”:“log”,“@timestamp”:“2019-03-18T22:00:43Z”,“tags”:[“listening”,“info”],“pid”:14882,“message”:“Server running at https://10.10.10.15:5601”}

{“type”:“error”,“@timestamp”:“2019-03-18T22:00:45Z”,“tags”:[“connection”,“client”,“error”],“pid”:14882,“level”:“error”,“error”:{“message”:“socket hang up”,“name”:“Error”,“stack”:“Error: socket hang up\n at TLSSocket. (_tls_wrap.js:890:25)\n at emitOne (events.js:121:20)\n at TLSSocket.emit (events.js:211:7)\n at _handle.close (net.js:561:12)\n at Socket.done (_tls_wrap.js:360:7)\n at Object.onceWrapper (events.js:315:30)\n at emitOne (events.js:116:13)\n at Socket.emit (events.js:211:7)\n at TCP._handle.close [as _onclose] (net.js:561:12)”,“code”:“ECONNRESET”},“message”:“socket hang up”}

When i started kibana service it has created index (.kibana_1) on elasticsearch.

While i hit url(https://test-kibana.example.com:443) to login to dashboard getting all these logs in kibana.stdout, moreover it’s not allow me login using some basic credentials.

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:24Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:302,“req”:{“url”:“/”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“upgrade-insecure-requests”:“1”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8”,“accept-encoding”:“gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”},“res”:{“statusCode”:302,“responseTime”:3,“contentLength”:9},“message”:“GET / 302 3ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:24Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:200,“req”:{“url”:“/login?nextUrl=%2F”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“upgrade-insecure-requests”:“1”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8”,“accept-encoding”:“gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”},“res”:{“statusCode”:200,“responseTime”:8,“contentLength”:9},“message”:“GET /login?nextUrl=%2F 200 8ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:24Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/bundles/app/searchguard-login/bootstrap.js”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“/”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"c543687fc02fbf3744b6b36cc12f4908a9b2604d-gzip"”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:7,“contentLength”:9},“message”:"GET /bundles/app/searchguard-login/bootstrap.js 304 7ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:24Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/bundles/vendors.style.css”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“text/css,/;q=0.1”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"3c5c2110a1de487057185bd475a79d4c1082d31c-/bundles/-gzip"”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:2,“contentLength”:9},“message”:"GET /bundles/vendors.style.css 304 2ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:24Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/bundles/commons.style.css”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“text/css,/;q=0.1”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"9e4e3f987f8362ad547a3e785e6598fbe474d322-/bundles/-gzip"”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:1,“contentLength”:9},“message”:"GET /bundles/commons.style.css 304 1ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:24Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/plugins/vega/index.css”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“text/css,/;q=0.1”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"00d4c2d774dd65a55fc1e7f63ee3cba86dd8ae14-gzip"”,“if-modified-since”:“Mon, 17 Dec 2018 21:40:29 GMT”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:2,“contentLength”:9},“message”:"GET /plugins/vega/index.css 304 2ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:24Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/bundles/searchguard-login.style.css”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“text/css,/;q=0.1”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"04a982f2ffc1681c3ff0da90b3f7d41736864cd5-/bundles/-gzip"”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:5,“contentLength”:9},“message”:"GET /bundles/searchguard-login.style.css 304 5ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:24Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/plugins/kibana/index.css”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“text/css,/;q=0.1”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"edbe6533dfdaaaa779819137c70d2cf12d628934-gzip"”,“if-modified-since”:“Mon, 17 Dec 2018 21:40:29 GMT”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:4,“contentLength”:9},“message”:"GET /plugins/kibana/index.css 304 4ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:24Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/plugins/console/index.css”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“text/css,/;q=0.1”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"90cd62eb95bbc2eb75143c3e879287c770359f20-gzip"”,“if-modified-since”:“Mon, 17 Dec 2018 21:40:29 GMT”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:4,“contentLength”:9},“message”:"GET /plugins/console/index.css 304 4ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:24Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/plugins/canvas/style/index.css”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“text/css,/;q=0.1”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"a50954176de5b839059382ac8b49f5a8cc0b3b97-gzip"”,“if-modified-since”:“Mon, 17 Dec 2018 21:40:29 GMT”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:2,“contentLength”:9},“message”:"GET /plugins/canvas/style/index.css 304 2ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:24Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/plugins/timelion/index.css”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“text/css,/;q=0.1”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"426fb451292b92189019f5072050b7568ddc04ab-gzip"”,“if-modified-since”:“Mon, 17 Dec 2018 21:40:29 GMT”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:2,“contentLength”:9},“message”:"GET /plugins/timelion/index.css 304 2ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:24Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/plugins/tile_map/index.css”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“text/css,/;q=0.1”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"2ef9007d20c88445828bd0ee76b2a0fac494d742-gzip"”,“if-modified-since”:“Mon, 17 Dec 2018 21:40:29 GMT”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:1,“contentLength”:9},“message”:"GET /plugins/tile_map/index.css 304 1ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:24Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/plugins/tagcloud/index.css”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“text/css,/;q=0.1”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"49198202c1346338d8d111ed5e6a042f36e03293-gzip"”,“if-modified-since”:“Mon, 17 Dec 2018 21:40:29 GMT”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:5,“contentLength”:9},“message”:"GET /plugins/tagcloud/index.css 304 5ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:24Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/plugins/table_vis/index.css”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“text/css,/;q=0.1”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"74915553c7fe89d9f907bb256d84ed185d820764-gzip"”,“if-modified-since”:“Mon, 17 Dec 2018 21:40:29 GMT”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:5,“contentLength”:9},“message”:"GET /plugins/table_vis/index.css 304 5ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:24Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/plugins/status_page/index.css”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“text/css,/;q=0.1”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"655ac781c20c2c5cef0ae555a94c59df29b8e001-gzip"”,“if-modified-since”:“Mon, 17 Dec 2018 21:40:29 GMT”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:6,“contentLength”:9},“message”:"GET /plugins/status_page/index.css 304 6ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:25Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/plugins/metric_vis/index.css”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“text/css,/;q=0.1”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"ea491163abd9620319395dfe56b78b7abe712731-gzip"”,“if-modified-since”:“Mon, 17 Dec 2018 21:40:29 GMT”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:2,“contentLength”:9},“message”:"GET /plugins/metric_vis/index.css 304 2ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:25Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/plugins/region_map/index.css”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“text/css,/;q=0.1”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"da8bf17c724f2310eb402ee445c30e0815bdf861-gzip"”,“if-modified-since”:“Mon, 17 Dec 2018 21:40:29 GMT”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:2,“contentLength”:9},“message”:"GET /plugins/region_map/index.css 304 2ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:25Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/plugins/markdown_vis/index.css”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“text/css,/;q=0.1”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"27861bb9ed5c08248103739bf5a3583c2052dfb7-gzip"”,“if-modified-since”:“Mon, 17 Dec 2018 21:40:29 GMT”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:1,“contentLength”:9},“message”:"GET /plugins/markdown_vis/index.css 304 1ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:25Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/plugins/inspector_views/index.css”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“text/css,/;q=0.1”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"d1cb1233a2936f380cb6aadd95713e3bfcc909e5-gzip"”,“if-modified-since”:“Mon, 17 Dec 2018 21:40:29 GMT”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:2,“contentLength”:9},“message”:"GET /plugins/inspector_views/index.css 304 2ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:25Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/plugins/rollup/index.css”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“text/css,/;q=0.1”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"165837cc0fb48b6ad17a5e5ace2f752ba45dc0ba-gzip"”,“if-modified-since”:“Mon, 17 Dec 2018 21:40:29 GMT”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:1,“contentLength”:9},“message”:"GET /plugins/rollup/index.css 304 1ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:25Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/plugins/input_control_vis/index.css”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“text/css,/;q=0.1”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"99f0910a430c98d657e8e0b4aadf260170b7b745-gzip"”,“if-modified-since”:“Mon, 17 Dec 2018 21:40:29 GMT”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:2,“contentLength”:9},“message”:"GET /plugins/input_control_vis/index.css 304 2ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:25Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/plugins/index_management/index.css”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“text/css,/;q=0.1”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"d1aa520f78ab54a9f740b8a50ee8735a1805898f-gzip"”,“if-modified-since”:“Mon, 17 Dec 2018 21:40:29 GMT”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:2,“contentLength”:9},“message”:"GET /plugins/index_management/index.css 304 2ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:25Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/plugins/searchprofiler/index.css”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“text/css,/;q=0.1”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"fdd633559f0864ace51268c661d47f7510746b6b-gzip"”,“if-modified-since”:“Mon, 17 Dec 2018 21:40:29 GMT”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:3,“contentLength”:9},“message”:"GET /plugins/searchprofiler/index.css 304 3ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:25Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/plugins/license_management/index.css”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“text/css,/;q=0.1”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"6c45dade0714ad364f9a667835df86a27c293bff-gzip"”,“if-modified-since”:“Mon, 17 Dec 2018 21:40:29 GMT”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:1,“contentLength”:9},“message”:"GET /plugins/license_management/index.css 304 1ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:25Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/bundles/vendors.bundle.js”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“/”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"224319971212a637f7ced9ac7fae25c6daac20ed-/bundles/-gzip"”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:2,“contentLength”:9},“message”:"GET /bundles/vendors.bundle.js 304 2ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:25Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/bundles/commons.bundle.js”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“/”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"5ac308cb01a978046fab92de30a1252acbec181f-/bundles/-gzip"”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:1,“contentLength”:9},“message”:"GET /bundles/commons.bundle.js 304 1ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:26Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/bundles/searchguard-login.bundle.js”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“/”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"3810df8212beb600d74d52c8c357f170fa1f04d4-/bundles/-gzip"”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:2,“contentLength”:9},“message”:"GET /bundles/searchguard-login.bundle.js 304 2ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:27Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/ui/fonts/open_sans/open_sans_v15_latin_regular.woff2”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“origin”:“https://test-kibana.example.com”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“/”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"2c07a9656f1e38da408f20f1cf11581a15cbd7a2"”,“if-modified-since”:“Mon, 17 Dec 2018 21:40:29 GMT”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:3,“contentLength”:9},“message”:"GET /ui/fonts/open_sans/open_sans_v15_latin_regular.woff2 304 3ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:27Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/bundles/4b5a84aaf1c9485e060c503a0ff8cadb.woff2”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“origin”:“https://test-kibana.example.com”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“/”,“referer”:“https://test-kibana.example.com/bundles/commons.style.css",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"574ea2698c03ae9477db2ea3baf460ee32f1a7ea"”,“if-modified-since”:“Mon, 18 Mar 2019 20:04:12 GMT”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/bundles/commons.style.css"},“res”:{“statusCode”:304,“responseTime”:1,“contentLength”:9},“message”:"GET /bundles/4b5a84aaf1c9485e060c503a0ff8cadb.woff2 304 1ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:27Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/ui/fonts/open_sans/open_sans_v15_latin_700.woff2”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“origin”:“https://test-kibana.example.com”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“/”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"5a6a45d6f98752b11ccb7c4f0f6fd7faf18ad1a7"”,“if-modified-since”:“Mon, 17 Dec 2018 21:40:29 GMT”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:4,“contentLength”:9},“message”:"GET /ui/fonts/open_sans/open_sans_v15_latin_700.woff2 304 4ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:27Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/plugins/searchguard/assets/searchguard_logo.svg”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“image/webp,image/apng,image/,/*;q=0.8”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"2c06bacc5016ab96536cf64e689f3819ba9646fa-gzip"”,“if-modified-since”:“Mon, 18 Mar 2019 19:35:07 GMT”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:1,“contentLength”:9},“message”:"GET /plugins/searchguard/assets/searchguard_logo.svg 304 1ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:27Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/plugins/kibana/assets/discover.svg”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“image/webp,image/apng,image/,/*;q=0.8”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"c4035451a8e776d0f0cd354a825ec432ad06884e-gzip"”,“if-modified-since”:“Mon, 17 Dec 2018 21:40:29 GMT”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:2,“contentLength”:9},“message”:"GET /plugins/kibana/assets/discover.svg 304 2ms - 9.0B”}

{“type”:“error”,“@timestamp”:“2019-03-18T22:19:27Z”,“tags”:,“pid”:17460,“level”:“error”,“error”:{“message”:“No Living connections: No Living connections”,“name”:“Error”,“stack”:“Error: No Living connections\n at sendReqWithConnection (/usr/share/kibana/node_modules/elasticsearch/src/lib/transport.js:226:15)\n at next (/usr/share/kibana/node_modules/elasticsearch/src/lib/connection_pool.js:214:7)\n at _combinedTickCallback (internal/process/next_tick.js:132:7)\n at process._tickDomainCallback (internal/process/next_tick.js:219:9)”},“url”:{“protocol”:null,“slashes”:null,“auth”:null,“host”:null,“port”:null,“hostname”:null,“hash”:null,“search”:“”,“query”:{},“pathname”:“/api/v1/systeminfo”,“path”:“/api/v1/systeminfo”,“href”:“/api/v1/systeminfo”},“message”:“No Living connections: No Living connections”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:27Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:500,“req”:{“url”:“/api/v1/systeminfo”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“accept”:“application/json, text/plain, /”,“kbn-version”:“6.5.4”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:500,“responseTime”:55,“contentLength”:9},“message”:"GET /api/v1/systeminfo 500 55ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:27Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/plugins/kibana/assets/visualize.svg”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“image/webp,image/apng,image/,/*;q=0.8”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"4cc79a4d91bd0380d0c82a6b092f339d185670ef-gzip"”,“if-modified-since”:“Mon, 17 Dec 2018 21:40:29 GMT”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:2,“contentLength”:9},“message”:"GET /plugins/kibana/assets/visualize.svg 304 2ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:27Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/plugins/kibana/assets/dashboard.svg”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“image/webp,image/apng,image/,/*;q=0.8”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"42c2161fa64691414784868afdd722444460763a-gzip"”,“if-modified-since”:“Mon, 17 Dec 2018 21:40:29 GMT”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:3,“contentLength”:9},“message”:"GET /plugins/kibana/assets/dashboard.svg 304 3ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:27Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/plugins/timelion/icon.svg”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“image/webp,image/apng,image/,/*;q=0.8”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"cb793d5314d680b7d5ce130f0393a70b51989541-gzip"”,“if-modified-since”:“Mon, 17 Dec 2018 21:40:29 GMT”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:5,“contentLength”:9},“message”:"GET /plugins/timelion/icon.svg 304 5ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:27Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/plugins/canvas/icon.svg”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“image/webp,image/apng,image/,/*;q=0.8”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"830f37ffc1343d996973d73fe082fa87eb487b6b-gzip"”,“if-modified-since”:“Mon, 17 Dec 2018 21:40:29 GMT”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:2,“contentLength”:9},“message”:"GET /plugins/canvas/icon.svg 304 2ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:27Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/plugins/infra/images/infra_mono_white.svg”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“image/webp,image/apng,image/,/*;q=0.8”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"16e3f30566fc6d413a9c1a0861755e2c0d385693-gzip"”,“if-modified-since”:“Mon, 17 Dec 2018 21:40:29 GMT”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:1,“contentLength”:9},“message”:"GET /plugins/infra/images/infra_mono_white.svg 304 1ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:27Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/plugins/infra/images/logging_mono_white.svg”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“image/webp,image/apng,image/,/*;q=0.8”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"6eee95b5aac44dd76fbb99abb60a3a3429d4ada2-gzip"”,“if-modified-since”:“Mon, 17 Dec 2018 21:40:29 GMT”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:1,“contentLength”:9},“message”:"GET /plugins/infra/images/logging_mono_white.svg 304 1ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:27Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/plugins/apm/icon.svg”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“image/webp,image/apng,image/,/*;q=0.8”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"cdb6515bc1340e806d4f17cbeea6a51eb5f40732-gzip"”,“if-modified-since”:“Mon, 17 Dec 2018 21:40:29 GMT”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:1,“contentLength”:9},“message”:"GET /plugins/apm/icon.svg 304 1ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:27Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/plugins/kibana/assets/wrench.svg”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“image/webp,image/apng,image/,/*;q=0.8”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"088a9a98c99e406dca2354af14f688ad84826b97-gzip"”,“if-modified-since”:“Mon, 17 Dec 2018 21:40:29 GMT”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:2,“contentLength”:9},“message”:"GET /plugins/kibana/assets/wrench.svg 304 2ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:27Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/plugins/kibana/assets/settings.svg”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“image/webp,image/apng,image/,/*;q=0.8”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"4f859e27d4917026ff1590805887902b14ce79d5-gzip"”,“if-modified-since”:“Mon, 17 Dec 2018 21:40:29 GMT”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:1,“contentLength”:9},“message”:"GET /plugins/kibana/assets/settings.svg 304 1ms - 9.0B”}

{“type”:“response”,“@timestamp”:“2019-03-18T22:19:27Z”,“tags”:,“pid”:17460,“method”:“get”,“statusCode”:304,“req”:{“url”:“/plugins/kibana/assets/play-circle.svg”,“method”:“get”,“headers”:{“host”:“test-kibana.example.com”,“connection”:“keep-alive”,“user-agent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36”,“accept”:“image/webp,image/apng,image/,/*;q=0.8”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F",“accept-encoding”:"gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9”,“if-none-match”:“"2433ecf38258f7121c835670b6993600e7657717-gzip"”,“if-modified-since”:“Mon, 17 Dec 2018 21:40:29 GMT”},“remoteAddress”:“10.28.10.10”,“userAgent”:“10.28.10.10”,“referer”:“https://test-kibana.example.com/login?nextUrl=%2F"},“res”:{“statusCode”:304,“responseTime”:1,“contentLength”:9},“message”:"GET /plugins/kibana/assets/play-circle.svg 304 1ms - 9.0B”}

kibana.yml

xpack.security.enabled: false

xpack.spaces.enabled: false

xpack.monitoring.enabled: false

xpack.graph.enabled: false

xpack.ml.enabled: false

xpack.watcher.enabled: false

BEGIN ANSIBLE MANAGED BLOCK

#elasticsearch.ssl.verify: true

#elasticsearch.ssl.verificationMode: none

elasticsearch.url: “https://test-elastic.example.com:443”

elasticsearch.ssl.certificateAuthorities: /root/ssl/cacert

elasticsearch.ssl.certificate: /root/ssl/test-elastic-client.example.com.pem

elasticsearch.ssl.key: /root/ssl/test-elastic-client.example.com.key

elasticsearch.username: “admin”

elasticsearch.password: “admin”

END ANSIBLE MANAGED BLOCK

server.host: “10.10.10.15”

server.name: “kibana73”

server.ssl.enabled: true

server.ssl.certificateAuthorities: /root/ssl/cacert

server.ssl.certificate: /root/ssl/test-kibana.example.com.pem

server.ssl.key: /root/ssl/test-kibana.example.com.key

···

On Sunday, March 17, 2019 at 11:12:32 AM UTC-7, Search Guard wrote:

From your config below i assume its

http://10.10.10.15:5601

With regards to your settings:

elasticsearch.ssl.certificate: /root/ssl/test-elastic-client.pem

elasticsearch.ssl.key: /root/ssl/test-elastic-client.key

in kibana.yml pls. refer to https://docs.search-guard.com/latest/kibana-plugin-installation#client-certificates-elasticsearchsslcertificate

because using client certificates is maybe not something you really want.

If you like to encrypt the access to Kibana itself (so that it would be accessible via https://10.10.10.15:5601) then set

server.ssl.enabled: true

server.ssl.certificate: /path/to/cert.pem

server.ssl.key: /path/to/key.pem

…

…

in kibana.yml as documented in https://www.elastic.co/guide/en/kibana/current/settings.html

Am 15.03.2019 um 22:01 schrieb Vijay vijayakr...@gmail.com:

Elasticsearch version: 6.5.4

Kibana: 6.5.4

Searchguard for kibana: 6.5.4-18

How can i access kibana Dashboard after installing searchguard plugin on it?

i have elasticsearch running on cluster enabled searchguard on it and service is accessible on port 443:9200

i have another server with only kibana installed on it and enabled searchguard on that server, i have included all the elasticsearch cluster and certs details in it.

Please suggest me how do i access kibana dashboard, thanks.

kibana.yml

xpack.security.enabled: false

xpack.spaces.enabled: false

xpack.monitoring.enabled: false

xpack.graph.enabled: false

xpack.ml.enabled: false

xpack.watcher.enabled: false

BEGIN ANSIBLE MANAGED BLOCK

elasticsearch.url: “https://test-elastic:443”

elasticsearch.ssl.certificateAuthorities: /root/ssl/cacert

elasticsearch.ssl.certificate: /root/ssl/test-elastic-client.pem

elasticsearch.ssl.key: /root/ssl/test-elastic-client.key

#server.basePath: /kibana

END ANSIBLE MANAGED BLOCK

server.host: “10.10.10.15”

server.name: “kibana73”

–
You received this message because you are subscribed to the Google Groups “Search Guard Community Forum” group.

To unsubscribe from this group and stop receiving emails from it, send an email to search-guard...@googlegroups.com.

To post to this group, send email to search...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/15f83069-d498-47f8-a6d2-2cebdb459bde%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

Never mind, it’s working…

···

On Friday, March 15, 2019 at 2:01:54 PM UTC-7, Vijay wrote:

Elasticsearch version: 6.5.4
Kibana: 6.5.4

Searchguard for kibana: 6.5.4-18

How can i access kibana Dashboard after installing searchguard plugin on it?

i have elasticsearch running on cluster enabled searchguard on it and service is accessible on port 443:9200

i have another server with only kibana installed on it and enabled searchguard on that server, i have included all the elasticsearch cluster and certs details in it.

Please suggest me how do i access kibana dashboard, thanks.

kibana.yml

xpack.security.enabled: false

xpack.spaces.enabled: false

xpack.monitoring.enabled: false

xpack.graph.enabled: false

xpack.ml.enabled: false

xpack.watcher.enabled: false

BEGIN ANSIBLE MANAGED BLOCK

elasticsearch.url: “https://test-elastic:443”

elasticsearch.ssl.certificateAuthorities: /root/ssl/cacert

elasticsearch.ssl.certificate: /root/ssl/test-elastic-client.pem

elasticsearch.ssl.key: /root/ssl/test-elastic-client.key

#server.basePath: /kibana

END ANSIBLE MANAGED BLOCK

server.host: “10.10.10.15”

server.name: “kibana73”