Unable to log in to Kibana after 7.10.1 upgrade

We upgraded ELK from 7.9.2 to 7.10.1.
After the upgrade, when we try to go to our Kibana endpoint we get redirected to
https://<kibana_endpoint>/login?nextUrl=%2F and then the page goes blank.

If we try to go via the okta chicklet, we get the following response:

{
  statusCode: 404,
  error: "Not Found",
  message: "Not Found"
}

The endpoint okta takes us to is this: https://<kibana_endpoint>/searchguard/saml/acs/idpinitiated

We have not changed any config on Searchguard or elastic. The only change was the version upgrade.
Any help is appreciated.

Kibana Searchguard plugin: 7.10.1-48.0.0
Searchguard plugin: 7.10.1-48.0.0

Thank you.

On further investigation, I noticed that when I try to load Kibana, in the chrome console I see a bunch of 401s on searchguard endpoints

https://<kibana_endpoint>/api/v1/restapiinfo 401
https://<kibana_endpoint>/api/v1/auth/authinfo 401
https://<kibana_endpoint>/api/v1/searchguard/kibana_config 401

We have made no changes to any users, so surprising that we get a 401 unauthorized

Hi.
I need the following data to help you.

  1. kibana.yml
  2. elasticsearch.yml
  3. sg_config.yml
  4. Elasticsearch log
  5. Kibana log. Make sure you have the debug switch on

kibana.yml

searchguard.auth.debug: true

Caution: the logged information and configurations may contain sensitive authentication information. Obfuscate.

Also, try to remove all cookies from browser, then access Kibana.

The only change was the version upgrade.

What is your upgrade procedure?

What is your client configuration in the IDP? IDP Initiated SSO URL Name and SAML endpoint configuration are of special interest. For example, Keycloak

Thanks for the responses!

We actually just triggered another deployment of Kibana and it did the tenant migrations again. This seems to have fixed the issue.

Our guess is the first time we updated the version, for some reason the tenant migration did not finish or was interrupted somehow

1 Like