We upgraded ELK from 7.9.2 to 7.10.1.https://<kibana_endpoint>/login?nextUrl=%2F and then the page goes blank.
If we try to go via the okta chicklet, we get the following response:
{
statusCode: 404,
error: "Not Found",
message: "Not Found"
}
The endpoint okta takes us to is this: https://<kibana_endpoint>/searchguard/saml/acs/idpinitiated
We have not changed any config on Searchguard or elastic. The only change was the version upgrade.
Kibana Searchguard plugin: 7.10.1-48.0.0
Thank you.
1 Like
On further investigation, I noticed that when I try to load Kibana, in the chrome console I see a bunch of 401s on searchguard endpoints
https://<kibana_endpoint>/api/v1/restapiinfo 401
https://<kibana_endpoint>/api/v1/auth/authinfo 401
https://<kibana_endpoint>/api/v1/searchguard/kibana_config 401
We have made no changes to any users, so surprising that we get a 401 unauthorized
srgbnd
December 21, 2020, 10:46am
3
Hi.
kibana.yml
elasticsearch.yml
sg_config.yml
Elasticsearch log
Kibana log. Make sure you have the debug switch on
kibana.yml
searchguard.auth.debug: true
Caution: the logged information and configurations may contain sensitive authentication information. Obfuscate.
srgbnd
December 21, 2020, 10:48am
4
Also, try to remove all cookies from browser, then access Kibana.
The only change was the version upgrade.
What is your upgrade procedure?
srgbnd
December 21, 2020, 3:05pm
5
What is your client configuration in the IDP? IDP Initiated SSO URL Name and SAML endpoint configuration are of special interest. For example, Keycloak
Thanks for the responses!
We actually just triggered another deployment of Kibana and it did the tenant migrations again. This seems to have fixed the issue.
Our guess is the first time we updated the version, for some reason the tenant migration did not finish or was interrupted somehow
1 Like
