When xpack security is disabled, kibana with search-guard became unavailable.

When asking questions, please provide the following information:

• Search Guard and Elasticsearch version

• search-guard-6:6.3.2-23.1

• elasticsearch 6.3.2

• Installed and used enterprise modules, if any

• JVM version and operating system version

• OpenJDK Runtime Environment (build 1.8.0_181-b13)

• CentOS7

• Search Guard configuration files

• I don’t modify it.

• Elasticsearch log messages on debug level

• Other installed Elasticsearch or Kibana plugins, if any

On Friday, October 12, 2018 at 4:38:42 AM UTC+2, ate wrote:

Hi.

I have an issue about installing search-guard-plugin to elasticsearch and kibana.

When I installed it, Kibana said “plugin:searchguard@6.3.2-15 X-Pack Security needs to be disabled for Search Guard to work properly. Please set ‘xpack.security.enabled’ to false in your kibana.yml” on kibana’s web page.

After I added ‘xpack.security.enabled: false’ to kibana.yml, I could not access to kibana’s web page.(denied connection)

Please let me know the solution.

[elasticsearch]

1. systemctl stop elasticsearch

2. /usr/share/elasticsearch/bin/elasticsearch-plugin install -b com.floragunn:search-guard-6:6.3.2-23.1

3. cd /usr/share/elasticsearch/plugins/search-guard-6/tools

4. sh install_demo_configuration.h

y y N

5. systemctl start elasticsearch

6. sh sgadmin_demo.sh

[kibana]

1. cd /tmp/

2. wget https://oss.sonatype.org/service/local/repositories/releases/content/com/floragunn/search-guard-kibana-plugin/6.3.2-15/search-guard-kibana-plugin-6.3.2-15.zip

3. /usr/share/kibana/bin/kibana-plugin install file:///tmp/search-guard-kibana-plugin-6.3.2-15.zip

elasticsearch.url: “https://:9200”

elasticsearch.username: “kibanaserver”

elasticsearch.password: “kibanaserver”

elasticsearch.ssl.verificationMode: none

xpack.security.enabled: false

Thank you.

When asking questions, please provide the following information:

• Search Guard and Elasticsearch version

• search-guard-6:6.3.2-23.1

• elasticsearch 6.3.2

• Installed and used enterprise modules, if any

• JVM version and operating system version

• OpenJDK Runtime Environment (build 1.8.0_181-b13)

• CentOS7

• Search Guard configuration files

• I don’t modify it.

• Elasticsearch log messages on debug level

• Other installed Elasticsearch or Kibana plugins, if any

Thank you for your reply.

I’m sorry that I couldn’t find the Kibana logfiles and directories(“/var/log/kibana”).

I used the regular Kibana.

So I changed it to the Kibana(OSS only), the Search Guard began to work.

But I want to use the regular Kibana because I want to use both the Search Guard and the x-pack(only monitoring).

Can I try anything about this issue?

In order to see what is going on we really need to see the Kibana logfile. You can configure the log file destination like:

logging.dest: /var/log/kibana.log

Note that the Kibana process needs write access to that file / directory.

On Friday, October 19,

Thank you for your reply.

I’m sorry that I couldn’t find the Kibana logfiles and directories(“/var/log/kibana”).

I used the regular Kibana.

So I changed it to the Kibana(OSS only), the Search Guard began to work.

But I want to use the regular Kibana because I want to use both the Search Guard and the x-pack(only monitoring).

Can I try anything about this issue?