When I installed SG+ES bundle for first time I was able to successfully executed sgadmin script without any issues. Once I added Logstash and Kibana and when I tried to start ES I got message as searchguard not initialized SG11.
I tried below steps to fix this issue as per previous blogs but no luck. Can you please help on this?
[2016-08-04 18:52:41,343][WARN ][bootstrap ] unable to install syscall filter: seccomp unavailable: CONFIG_SECCOMP not compiled into kernel,
[2016-08-04 18:52:41,437][INFO ][node ] [localhost] version[2.3.4], pid[20117], build[e455fd0/2016-06-30T11:24:31Z]
[2016-08-04 18:52:41,437][INFO ][node ] [localhost] initializing …
[2016-08-04 18:52:41,769][INFO ][com.floragunn.searchguard.ssl.SearchGuardSSLPlugin] Search Guard 2 plugin not available
[2016-08-04 18:52:41,789][INFO ][plugins ] [localhost] modules [reindex, lang-expression, lang-groovy], plugins [search-guard-ssl, kopf, search-
[2016-08-04 18:52:41,803][INFO ][env ] [localhost] using [1] data paths, mounts [[/home (/dev/mapper/vg_sda-lv_home)]], net usable_space [8.9gb],
[2016-08-04 18:52:41,803][INFO ][env ] [localhost] heap size [989.8mb], compressed ordinary object pointers [true]
[2016-08-04 18:52:41,803][WARN ][env ] [localhost] max file descriptors [4096] for elasticsearch process likely too low, consider increasing to at
[2016-08-04 18:52:41,830][INFO ][com.floragunn.searchguard.ssl.SearchGuardKeyStore] Open SSL not available (this is not an error, we simply fallback to built-in JDK
SSL) because of java.lang.IllegalArgumentException: Failed to load any of the given libraries: [netty-tcnative-linux-x86_64, netty-tcnative-linux-x86_64-fedora,
[2016-08-04 18:52:42,011][INFO ][com.floragunn.searchguard.ssl.SearchGuardKeyStore] Config directory is /home/test/test/elasticsearch-2.3.4-localhost/config/, from
Exception in thread “main” ElasticsearchException[searchguard.ssl.transport.keystore_filepath must be set if transport ssl is reqested.]
at com.floragunn.searchguard.ssl.SearchGuardKeyStore.initSSLConfig(SearchGuardKeyStore.java:188)
at com.floragunn.searchguard.ssl.SearchGuardKeyStore.(SearchGuardKeyStore.java:139)
at com.floragunn.searchguard.ssl.SearchGuardSSLModule.(SearchGuardSSLModule.java:29)
at com.floragunn.searchguard.ssl.SearchGuardSSLPlugin.nodeModules(SearchGuardSSLPlugin.java:126)
Refer to the log for complete error details.
···
ES logs after uncommenting SG SSL only. Restarted ES and below are logs
./elasticsearch-2.3.4-localhost/bin/elasticsearch
[2016-08-04 18:59:00,447][WARN ][bootstrap ] unable to install syscall filter: seccomp unavailable: CONFIG_SECCOMP not compiled into kernel,
CONFIG_SECCOMP and CONFIG_SECCOMP_FILTER are needed
[2016-08-04 18:59:00,554][INFO ][node ] [localhost] version[2.3.4], pid[20193], build[e455fd0/2016-06-30T11:24:31Z]
[2016-08-04 18:59:00,554][INFO ][node ] [localhost] initializing …
[2016-08-04 18:59:00,892][INFO ][com.floragunn.searchguard.ssl.SearchGuardSSLPlugin] Search Guard 2 plugin also available
[2016-08-04 18:59:00,913][INFO ][plugins ] [localhost] modules [reindex, lang-expression, lang-groovy], plugins [search-guard-ssl, kopf, search-
guard-2], sites [kopf]
[2016-08-04 18:59:00,927][INFO ][env ] [localhost] using [1] data paths, mounts [[/home (/dev/mapper/vg_sda-lv_home)]], net usable_space [8.9gb],
net total_space [9.7gb], spins? [possibly], types [ext4]
[2016-08-04 18:59:00,927][INFO ][env ] [localhost] heap size [989.8mb], compressed ordinary object pointers [true]
[2016-08-04 18:59:00,927][WARN ][env ] [localhost] max file descriptors [4096] for elasticsearch process likely too low, consider increasing to at
least [65536]
[2016-08-04 18:59:00,954][INFO ][com.floragunn.searchguard.ssl.SearchGuardKeyStore] Open SSL not available (this is not an error, we simply fallback to built-in JDK
SSL) because of java.lang.IllegalArgumentException: Failed to load any of the given libraries: [netty-tcnative-linux-x86_64, netty-tcnative-linux-x86_64-fedora,
netty-tcnative]
[2016-08-04 18:59:00,954][INFO ][com.floragunn.searchguard.ssl.SearchGuardKeyStore] Open SSL not available (this is not an error, we simply fallback to built-in JDK
SSL) because of java.lang.IllegalArgumentException: Failed to load any of the given libraries: [netty-tcnative-linux-x86_64, netty-tcnative-linux-x86_64-fedora,
netty-tcnative]
[2016-08-04 18:59:01,114][INFO ][com.floragunn.searchguard.ssl.SearchGuardKeyStore] Config directory is /home/test/test/elasticsearch-2.3.4-localhost/config/, from
there the key- and truststore files are resolved relatively
Exception in thread “main” ElasticsearchException[searchguard.ssl.transport.keystore_filepath must be set if transport ssl is reqested.]
at com.floragunn.searchguard.ssl.SearchGuardKeyStore.initSSLConfig(SearchGuardKeyStore.java:188)
at com.floragunn.searchguard.ssl.SearchGuardKeyStore.(SearchGuardKeyStore.java:139)
at com.floragunn.searchguard.ssl.SearchGuardSSLModule.(SearchGuardSSLModule.java:29)
at com.floragunn.searchguard.ssl.SearchGuardSSLPlugin.nodeModules(SearchGuardSSLPlugin.java:126)
at org.elasticsearch.plugins.PluginsService.nodeModules(PluginsService.java:263)
at org.elasticsearch.node.Node.(Node.java:179)
at org.elasticsearch.node.Node.(Node.java:140)
at org.elasticsearch.node.NodeBuilder.build(NodeBuilder.java:143)
at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:178)
at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:270)
at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:35)
Refer to the log for complete error details.
ES logs after SG . Restarted ES and below are logs****************************************
./elasticsearch-2.3.4-localhost/bin/elasticsearch
[2016-08-04 19:04:26,014][WARN ][bootstrap ] unable to install syscall filter: seccomp unavailable: CONFIG_SECCOMP not compiled into kernel,
CONFIG_SECCOMP and CONFIG_SECCOMP_FILTER are needed
[2016-08-04 19:04:26,112][INFO ][node ] [localhost] version[2.3.4], pid[20249], build[e455fd0/2016-06-30T11:24:31Z]
[2016-08-04 19:04:26,112][INFO ][node ] [localhost] initializing …
[2016-08-04 19:04:26,444][INFO ][com.floragunn.searchguard.ssl.SearchGuardSSLPlugin] Search Guard 2 plugin also available
[2016-08-04 19:04:26,464][INFO ][plugins ] [localhost] modules [reindex, lang-expression, lang-groovy], plugins [search-guard-ssl, kopf, search-
guard-2], sites [kopf]
[2016-08-04 19:04:26,479][INFO ][env ] [localhost] using [1] data paths, mounts [[/home (/dev/mapper/vg_sda-lv_home)]], net usable_space [8.9gb],
net total_space [9.7gb], spins? [possibly], types [ext4]
[2016-08-04 19:04:26,479][INFO ][env ] [localhost] heap size [989.8mb], compressed ordinary object pointers [true]
[2016-08-04 19:04:26,479][WARN ][env ] [localhost] max file descriptors [4096] for elasticsearch process likely too low, consider increasing to at
least [65536]
[2016-08-04 19:04:26,506][INFO ][com.floragunn.searchguard.ssl.SearchGuardKeyStore] Open SSL not available (this is not an error, we simply fallback to built-in JDK
SSL) because of java.lang.IllegalArgumentException: Failed to load any of the given libraries: [netty-tcnative-linux-x86_64, netty-tcnative-linux-x86_64-fedora,
netty-tcnative]
[2016-08-04 19:04:26,506][INFO ][com.floragunn.searchguard.ssl.SearchGuardKeyStore] Open SSL not available (this is not an error, we simply fallback to built-in JDK
SSL) because of java.lang.IllegalArgumentException: Failed to load any of the given libraries: [netty-tcnative-linux-x86_64, netty-tcnative-linux-x86_64-fedora,
netty-tcnative]
[2016-08-04 19:04:26,661][INFO ][com.floragunn.searchguard.ssl.SearchGuardKeyStore] Config directory is /home/test/test/elasticsearch-2.3.4-localhost/config/, from
there the key- and truststore files are resolved relatively
[2016-08-04 19:04:26,674][INFO ][com.floragunn.searchguard.ssl.SearchGuardKeyStore] HTTPS client auth mode OPTIONAL
[2016-08-04 19:04:26,678][INFO ][com.floragunn.searchguard.ssl.SearchGuardKeyStore] AES-256 not supported, max key length for AES is 128 bit… That is not an issue, it
just limits possible encryption strength. To enable AES 256 install ‘Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files’
[2016-08-04 19:04:26,678][INFO ][com.floragunn.searchguard.ssl.SearchGuardKeyStore] sslTransportClientProvider:JDK with ciphers
[TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256]
[2016-08-04 19:04:26,678][INFO ][com.floragunn.searchguard.ssl.SearchGuardKeyStore] sslTransportServerProvider:JDK with ciphers
[TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256]
[2016-08-04 19:04:26,678][INFO ][com.floragunn.searchguard.ssl.SearchGuardKeyStore] sslHTTPProvider:JDK with ciphers [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256]
[2016-08-04 19:04:26,678][INFO ][com.floragunn.searchguard.ssl.SearchGuardKeyStore] sslTransport protocols [TLSv1.2, TLSv1.1]
[2016-08-04 19:04:26,678][INFO ][com.floragunn.searchguard.ssl.SearchGuardKeyStore] sslHTTP protocols [TLSv1.2, TLSv1.1]
[2016-08-04 19:04:26,785][INFO ][http ] [localhost] Using [org.elasticsearch.http.netty.NettyHttpServerTransport] as http transport, overridden by
[search-guard2]
[2016-08-04 19:04:26,831][INFO ][com.floragunn.searchguard.configuration.ConfigurationModule] FLS/DLS valve bound
Search Guard Audit Log is not free software
for commercial use in production.
You have to obtain a license if you
use it in production.
[2016-08-04 19:04:26,833][INFO ][com.floragunn.searchguard.auditlog.AuditLogModule] Auditlog available (AuditLogImpl)
[2016-08-04 19:04:26,874][INFO ][transport ] [localhost] Using [com.floragunn.searchguard.transport.SearchGuardTransportService] as transport service,
overridden by [search-guard2]
[2016-08-04 19:04:26,874][INFO ][transport ] [localhost] Using [com.floragunn.searchguard.ssl.transport.SearchGuardSSLNettyTransport] as transport,
overridden by [search-guard-ssl]
[2016-08-04 19:04:27,340][INFO ][com.floragunn.searchguard.auditlog.impl.AuditLogImpl] Audit Log class: ESAuditLog
[2016-08-04 19:04:27,755][INFO ][node ] [localhost] initialized
[2016-08-04 19:04:27,755][INFO ][node ] [localhost] starting …
[2016-08-04 19:04:27,816][INFO ][com.floragunn.searchguard.transport.SearchGuardTransportService] [localhost] publish_address {127.0.0.1:9301}, bound_addresses
{[::1]:9301}, {127.0.0.1:9301}
[2016-08-04 19:04:27,820][INFO ][discovery ] [localhost] elasticsearch/14mtfOfFR-yfWh3ZCijeqw
[2016-08-04 19:04:27,823][DEBUG][action.admin.cluster.health] [localhost] no known master node, scheduling a retry
[2016-08-04 19:04:31,080][INFO ][cluster.service ] [localhost] detected_master {localhost}{ux5kIQD6QZCseHxfpN7vcQ}{127.0.0.1}{127.0.0.1:9300}, added
{{localhost}{ux5kIQD6QZCseHxfpN7vcQ}{127.0.0.1}{127.0.0.1:9300},}, reason: zen-disco-receive(from master [{localhost}{ux5kIQD6QZCseHxfpN7vcQ}{127.0.0.1}
{127.0.0.1:9300}])
[2016-08-04 19:04:31,306][INFO ][http ] [localhost] publish_address {127.0.0.1:9201}, bound_addresses {[::1]:9201}, {127.0.0.1:9201}
[2016-08-04 19:04:31,307][INFO ][node ] [localhost] started
Searchguard DLS/FLS(+) Security is not free software
for commercial use in production.
You have to obtain a license if you
use it in production.
(+) Document-/Fieldlevel
[2016-08-04 19:04:31,437][INFO ][com.floragunn.searchguard.configuration.SearchGuardIndexSearcherWrapperModule] FLS/DLS enabled
[2016-08-04 19:05:01,288][WARN ][com.floragunn.searchguard.action.configupdate.TransportConfigUpdateAction] [localhost] searchguard index not healthy (timeout: true)
[2016-08-04 19:05:34,289][WARN ][com.floragunn.searchguard.action.configupdate.TransportConfigUpdateAction] [localhost] searchguard index not healthy (timeout: true)
[2016-08-04 19:06:07,291][WARN ][com.floragunn.searchguard.action.configupdate.TransportConfigUpdateAction] [localhost] searchguard index not healthy (timeout: true)
[2016-08-04 19:06:40,292][WARN ][com.floragunn.searchguard.action.configupdate.TransportConfigUpdateAction] [localhost] searchguard index not healthy (timeout: true)
[2016-08-04 19:07:13,293][WARN ][com.floragunn.searchguard.action.configupdate.TransportConfigUpdateAction] [localhost] searchguard index not healthy (timeout: true)
Finally started sgadmin and it throws timeout error error
./sgadmin.sh
Connect to localhost:9300
Cluster state timeout
Logs in ES after starting sgadmin
[2016-08-04 19:13:08,012][ERROR][com.floragunn.searchguard.auth.BackendRegistry] Not yet initialized
[2016-08-04 19:13:10,530][ERROR][com.floragunn.searchguard.auth.BackendRegistry] Not yet initialized
[2016-08-04 19:13:13,046][ERROR][com.floragunn.searchguard.auth.BackendRegistry] Not yet initialized
[2016-08-04 19:13:14,567][WARN ][com.floragunn.searchguard.action.configupdate.TransportConfigUpdateAction] [localhost] searchguard index not healthy (timeout: true)
[2016-08-04 19:13:15,564][ERROR][com.floragunn.searchguard.auth.BackendRegistry] Not yet initialized
[2016-08-04 19:13:16,304][WARN ][com.floragunn.searchguard.action.configupdate.TransportConfigUpdateAction] [localhost] searchguard index not healthy (timeout: true)
[2016-08-04 19:13:18,075][ERROR][com.floragunn.searchguard.auth.BackendRegistry] Not yet initialized
[2016-08-04 19:13:20,593][ERROR][com.floragunn.searchguard.auth.BackendRegistry] Not yet initialized
[2016-08-04 19:13:23,104][ERROR][com.floragunn.searchguard.auth.BackendRegistry] Not yet initialized
[2016-08-04 19:13:25,620][ERROR][com.floragunn.searchguard.auth.BackendRegistry] Not yet initialized
[2016-08-04 19:13:28,133][ERROR][com.floragunn.searchguard.auth.BackendRegistry] Not yet initialized
[2016-08-04 19:13:30,649][ERROR][com.floragunn.searchguard.auth.BackendRegistry] Not yet initialized
[2016-08-04 19:13:33,164][ERROR][com.floragunn.searchguard.auth.BackendRegistry] Not yet initialized
[2016-08-04 19:13:35,697][ERROR][com.floragunn.searchguard.auth.BackendRegistry] Not yet initialized
[2016-08-04 19:13:38,212][ERROR][com.floragunn.searchguard.auth.BackendRegistry] Not yet initialized
[2016-08-04 19:13:40,728][ERROR][com.floragunn.searchguard.auth.BackendRegistry] Not yet initialized
[2016-08-04 19:13:43,244][ERROR][com.floragunn.searchguard.auth.BackendRegistry] Not yet initialized
[2016-08-04 19:13:45,760][ERROR][com.floragunn.searchguard.auth.BackendRegistry] Not yet initialized
[2016-08-04 19:13:47,568][WARN ][com.floragunn.searchguard.action.configupdate.TransportConfigUpdateAction] [localhost] searchguard index not healthy (timeout: true)
[2016-08-04 19:13:48,274][ERROR][com.floragunn.searchguard.auth.BackendRegistry] Not yet initialized
[2016-08-04 19:13:49,305][WARN ][com.floragunn.searchguard.action.configupdate.TransportConfigUpdateAction] [localhost] searchguard index not healthy (timeout: true)
[2016-08-04 19:13:50,790][ERROR][com.floragunn.searchguard.auth.BackendRegistry] Not yet initialized
[2016-08-04 19:13:53,305][ERROR][com.floragunn.searchguard.auth.BackendRegistry] Not yet initialized
[2016-08-04 19:13:55,821][ERROR][com.floragunn.searchguard.auth.BackendRegistry] Not yet initialized
[2016-08-04 19:13:58,333][ERROR][com.floragunn.searchguard.auth.BackendRegistry] Not yet initialized
[2016-08-04 19:14:00,850][ERROR][com.floragunn.searchguard.auth.BackendRegistry] Not yet initialized
[2016-08-04 19:14:03,363][ERROR][com.floragunn.searchguard.auth.BackendRegistry] Not yet initialized
[2016-08-04 19:14:05,881][ERROR][com.floragunn.searchguard.auth.BackendRegistry] Not yet initialized
[2016-08-04 19:14:08,393][ERROR][com.floragunn.searchguard.auth.BackendRegistry] Not yet initialized
[2016-08-04 19:14:10,923][ERROR][com.floragunn.searchguard.auth.BackendRegistry] Not yet initialized
[2016-08-04 19:14:13,437][ERROR][com.floragunn.searchguard.auth.BackendRegistry] Not yet initialized
[2016-08-04 19:14:15,952][ERROR][com.floragunn.searchguard.auth.BackendRegistry] Not yet initialized
[2016-08-04 19:14:18,467][ERROR][com.floragunn.searchguard.auth.BackendRegistry] Not yet initialized
[2016-08-04 19:14:20,568][WARN ][com.floragunn.searchguard.action.configupdate.TransportConfigUpdateAction] [localhost] searchguard index not healthy (timeout: true)
[2016-08-04 19:14:20,983][ERROR][com.floragunn.searchguard.auth.BackendRegistry] Not yet initialized
[2016-08-04 19:14:22,306][WARN ][com.floragunn.searchguard.action.configupdate.TransportConfigUpdateAction] [localhost] searchguard index not healthy (timeout: true)
[2016-08-04 19:14:23,498][ERROR][com.floragunn.searchguard.auth.BackendRegistry] Not yet initialized
[2016-08-04 19:14:26,014][ERROR][com.floragunn.searchguard.auth.BackendRegistry] Not yet initialized
[2016-08-04 19:14:28,530][ERROR][com.floragunn.searchguard.auth.BackendRegistry] Not yet initialized
[2016-08-04 19:14:31,045][ERROR][com.floragunn.searchguard.auth.BackendRegistry] Not yet initialized
[2016-08-04 19:14:33,628][ERROR][com.floragunn.searchguard.auth.BackendRegistry] Not yet initialize
My Infradetails : Logstash, Kibana, SG+ES bundle installed in one server and installed filebeats on client server
Note: I am going with default setup ad per searchguardbundle for testing phase I didnot create any new admin certificates
ES configuration
======================== Elasticsearch Configuration =========================
NOTE: Elasticsearch comes with reasonable defaults for most settings.
Before you set out to tweak and tune the configuration, make sure you
understand what are you trying to accomplish and the consequences.
The primary way of configuring a node is via this file. This template lists
the most important settings you may want to configure for a production cluster.
Please see the documentation for further information on configuration options:
---------------------------------- Cluster -----------------------------------
Use a descriptive name for your cluster:
cluster.name: my-application
------------------------------------ Node ------------------------------------
Use a descriptive name for the node:
node.name: node-1
Add custom attributes to the node:
node.rack: r1
----------------------------------- Paths ------------------------------------
Path to directory where to store the data (separate multiple locations by comma):
path.data: /path/to/data
Path to log files:
path.logs: /path/to/logs
----------------------------------- Memory -----------------------------------
Lock the memory on startup:
bootstrap.mlockall: true
Make sure that the ES_HEAP_SIZE
environment variable is set to about half the memory
available on the system and that the owner of the process is allowed to use this limit.
Elasticsearch performs poorly when the system is swapping the memory.
---------------------------------- Network -----------------------------------
Set the bind address to a specific IP (IPv4 or IPv6):
#network.host: x.x.x.x
Set a custom port for HTTP:
#http.port: 9200
For more information, see the documentation at:
--------------------------------- Discovery ----------------------------------
Pass an initial list of hosts to perform discovery when new node is started:
The default list of hosts is [“127.0.0.1”, “[::1]”]
discovery.zen.ping.unicast.hosts: [“host1”, “host2”]
Prevent the “split brain” by configuring the majority of nodes (total number of nodes / 2 + 1):
discovery.zen.minimum_master_nodes: 3
For more information, see the documentation at:
---------------------------------- Gateway -----------------------------------
Block initial recovery after a full cluster restart until N nodes are started:
gateway.recover_after_nodes: 3
For more information, see the documentation at:
---------------------------------- Various -----------------------------------
Disable starting multiple nodes on a single system:
node.max_local_storage_nodes: 1
Require explicit names when deleting indices:
action.destructive_requires_name: true
node.name: localhost
##################################################
Search Guard 2 configuration
#Host: localhost
#Generated: Sun Jul 31 17:50:58 UTC 2016
#Git Hash: 51fced7dba388267d30ca7826cebcba8fb9edfb8
#ES-Version: 2.3.4
#SG-Version: 2.3.4.4
#SGSSL-Version: 2.3.4.14
#NettyNative-Version: 1.1.33.Fork17
#CA_PASS: f3c45ab4d999bc1f0ad8967ff9b42e39980eec58
#CL_ADM_PASS: 553281dad7802f1d6018
#CL_DEMOUSER_PASS: d88242ef83b1c5e48e0e
##################################################
searchguard.ssl.transport.enabled: true
searchguard.ssl.transport.keystore_filepath: CN=localhost-keystore.jks
searchguard.ssl.transport.keystore_password: xxxx
searchguard.ssl.transport.truststore_filepath: truststore.jks
searchguard.ssl.transport.truststore_password: xxxx
searchguard.ssl.transport.enforce_hostname_verification: false
searchguard.ssl.http.enabled: true
searchguard.ssl.http.keystore_filepath: CN=localhost-keystore.jks
searchguard.ssl.http.keystore_password: xxxxx
searchguard.ssl.http.truststore_filepath: truststore.jks
searchguard.ssl.http.truststore_password: xxxx
searchguard.kerberos.krb5_filepath: /Users/temp/kerberos_ldap_environment/krb5.conf
searchguard.kerberos.acceptor_keytab_filepath: http_srv.keytab
searchguard.audit.type: internal_elasticsearch
searchguard.authcz.admin_dn:
On Friday, August 5, 2016 at 1:20:11 AM UTC+5:30, SG wrote:
pls do not cross post, this one is already logged here https://github.com/floragunncom/search-guard/issues/182#issuecomment-237533599
Can you please provide error messages and your elasticsearch log files as well as your configuration? Otherwise its hard to help.
Start easy just with the Search Guard bundle and curl. Once you initialized Search Guard by runiing sgadmin you normally should not see a “Search Guard not initialized (SG11)” afterwards.
Am 04.08.2016 um 15:58 schrieb rocky rocky....@gmail.com:
Hi All,
Can anyone help me with the below issue I am facing
I used tarfile which was said to be the easiest way to installtion searchguard which also includes elasticsearch package. Please refer to below link
https://github.com/floragunncom/search-guard/wiki/Search-Guard-Bundle.
After extracting tarfile I have started elasticsearch using the steps as mentioned in link and later ran sgadmin.sh script and evrything was looking great.
Once I have installed Kibana and Logstash as root user , installed beats on client machine . Currently beats are able to push logs to logstash whereas logstash is not able to comminucate to elasticsearch.
When I found reason it says “Search Guard not initialized (SG11)” and searchguard index not healthy (timeout: truewhich is really strange.
Note: I deployed search guard tarfile using non rootuser.I also installed Kibana logastah and Elasticsearch with search guard on same server. beats on client machines.
Can anyone guide me here please as I am going crazy with this searchguard installation?
–
You received this message because you are subscribed to the Google Groups “Search Guard” group.
To unsubscribe from this group and stop receiving emails from it, send an email to search-guard...@googlegroups.com.
To post to this group, send email to search...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/68a3415e-eaee-439d-ad0e-9e2759295549%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.