Kibana not working after upgrading to ELK 8.14.3

Hi,

Yesterday we’ve upgraded our production Elastic cluster to version 8.14.3.

Shortly after the upgrade, users reported that searches and visualizations in Kibana are resulting in a error when they take longer than a few seconds.

Looking in our Elasticsearch server logs we’ve discovered following missing privileges messages:

### No cluster privileges for cluster:monitor/async_search/status (org.elasticsearch.xpack.core.async.GetAsyncStatusRequest)
User: User <USER>> [backend_roles=[...] requestedTenant=<TENANT>]
Roles: [SGS_KIBANA_USER_NO_GLOBAL_TENANT, ...]
Status: INSUFFICIENT
Evaluated Privileges:
_/cluster:monitor/async_search/status: MISSING

With a quick look into the Kibana release notes for 8.14.0 we’ve discovered following change:

Management

Kibana now uses Elasticsearch’s _async_search/status/{id} endpoint (instead of _async_search/{id}) when polling on search requests to improve performance.(#178921).

The change is documented in the linked GitHub pull request:

We’ve manually added the new cluster:monitor/async_search/status privilege to our SG role definitions, however I think this should be added into default SGS_KIBANA_USER… roles.

Regards,
Alex

Hi @trauta,

Thanks for sharing your findings, I’ll have a look at what can be done and get back to you. Am I correct to assume that you have multitenancy enabled?

thanks,
mj

Yes, the multitenancy feature is enabled and we’re using an academic (enterprise) license.

@trauta, Could you please also confirm if you are using Global Tenant, at all, in your cluster, to help me with my investigation?

Thanks,
Mantas

The global tenant is not used by any regular users, it is only available for our ‘admin’ account.