When xpack security is disabled, kibana with search-guard became unavailable.

Hi.

I have an issue about installing search-guard-plugin to elasticsearch and kibana.

When I installed it, Kibana said “plugin:searchguard@6.3.2-15 X-Pack Security needs to be disabled for Search Guard to work properly. Please set ‘xpack.security.enabled’ to false in your kibana.yml” on kibana’s web page.

After I added ‘xpack.security.enabled: false’ to kibana.yml, I could not access to kibana’s web page.(denied connection)

Please let me know the solution.

[elasticsearch]

  1. systemctl stop elasticsearch

  2. /usr/share/elasticsearch/bin/elasticsearch-plugin install -b com.floragunn:search-guard-6:6.3.2-23.1

  3. cd /usr/share/elasticsearch/plugins/search-guard-6/tools

  4. sh install_demo_configuration.h

y y N

  1. systemctl start elasticsearch

  2. sh sgadmin_demo.sh

[kibana]

  1. cd /tmp/

  2. wget https://oss.sonatype.org/service/local/repositories/releases/content/com/floragunn/search-guard-kibana-plugin/6.3.2-15/search-guard-kibana-plugin-6.3.2-15.zip

  3. /usr/share/kibana/bin/kibana-plugin install file:///tmp/search-guard-kibana-plugin-6.3.2-15.zip

elasticsearch.url: “https://:9200”

elasticsearch.username: “kibanaserver”

elasticsearch.password: “kibanaserver”

elasticsearch.ssl.verificationMode: none

xpack.security.enabled: false

Thank you.

···

When asking questions, please provide the following information:

  • Search Guard and Elasticsearch version
  • search-guard-6:6.3.2-23.1

  • elasticsearch 6.3.2

  • Installed and used enterprise modules, if any

  • JVM version and operating system version

  • OpenJDK Runtime Environment (build 1.8.0_181-b13)

  • CentOS7

  • Search Guard configuration files
  • I don’t modify it.
  • Elasticsearch log messages on debug level

  • Other installed Elasticsearch or Kibana plugins, if any

Can you please attach the Kibana logfiles as well? Are you using the regular Kibana binaries or the OSS flavour?

···

On Friday, October 12, 2018 at 4:38:42 AM UTC+2, ate wrote:

Hi.

I have an issue about installing search-guard-plugin to elasticsearch and kibana.

When I installed it, Kibana said “plugin:searchguard@6.3.2-15 X-Pack Security needs to be disabled for Search Guard to work properly. Please set ‘xpack.security.enabled’ to false in your kibana.yml” on kibana’s web page.

After I added ‘xpack.security.enabled: false’ to kibana.yml, I could not access to kibana’s web page.(denied connection)

Please let me know the solution.

[elasticsearch]

  1. systemctl stop elasticsearch
  1. /usr/share/elasticsearch/bin/elasticsearch-plugin install -b com.floragunn:search-guard-6:6.3.2-23.1
  1. cd /usr/share/elasticsearch/plugins/search-guard-6/tools
  1. sh install_demo_configuration.h

y y N

  1. systemctl start elasticsearch
  1. sh sgadmin_demo.sh

[kibana]

  1. cd /tmp/
  1. wget https://oss.sonatype.org/service/local/repositories/releases/content/com/floragunn/search-guard-kibana-plugin/6.3.2-15/search-guard-kibana-plugin-6.3.2-15.zip
  1. /usr/share/kibana/bin/kibana-plugin install file:///tmp/search-guard-kibana-plugin-6.3.2-15.zip

elasticsearch.url: “https://:9200”

elasticsearch.username: “kibanaserver”

elasticsearch.password: “kibanaserver”

elasticsearch.ssl.verificationMode: none

xpack.security.enabled: false

Thank you.


When asking questions, please provide the following information:

  • Search Guard and Elasticsearch version
  • search-guard-6:6.3.2-23.1
  • elasticsearch 6.3.2
  • Installed and used enterprise modules, if any
  • JVM version and operating system version
  • OpenJDK Runtime Environment (build 1.8.0_181-b13)
  • CentOS7
  • Search Guard configuration files
  • I don’t modify it.
  • Elasticsearch log messages on debug level
  • Other installed Elasticsearch or Kibana plugins, if any

Thank you for your reply.

I’m sorry that I couldn’t find the Kibana logfiles and directories(“/var/log/kibana”).

I used the regular Kibana.

So I changed it to the Kibana(OSS only), the Search Guard began to work.

But I want to use the regular Kibana because I want to use both the Search Guard and the x-pack(only monitoring).

Can I try anything about this issue?

In order to see what is going on we really need to see the Kibana logfile. You can configure the log file destination like:

logging.dest: /var/log/kibana.log

Note that the Kibana process needs write access to that file / directory.

On Friday, October 19,

···

Thank you for your reply.

I’m sorry that I couldn’t find the Kibana logfiles and directories(“/var/log/kibana”).

I used the regular Kibana.

So I changed it to the Kibana(OSS only), the Search Guard began to work.

But I want to use the regular Kibana because I want to use both the Search Guard and the x-pack(only monitoring).

Can I try anything about this issue?

According to your advice, I could see the kibana logfile.

I add it to this topic as [kibana.log].

At first, without setting up xpack, I started the page of kibana,

then I set xpack.security.enabled: false to kibana.yml and restarted.

After setting xpack.security.enabled: false to kibana.yml, the following error continues to appear.

permission denied, open '/usr/share/kibana/optimize/bundles/searchguard-login.entry.js

I tried executing the following command,

chown 777 /usr/share/kibana/optimize/bundles/searchguard-login.entry.js

chown kibana:kibana /usr/share/kibana/optimize/bundles/searchguard-login.entry.js

this error appears.

permission denied, open '/usr/share/kibana/optimize/bundles/searchguard-customerror.entry.js

Next I executed follows,

chown -R 777 /usr/share/kibana/optimize/bundles

chown -R kibana:kibana /usr/share/kibana/optimize/bundles

the search-guard plugin now works correctly.

Is this the correct way to fix this issue?

In addition, I tried the same step using elasticsearch ver 6.4.2 and kibana ver 6.4.2, the search-guard plugin worked without problem.(I didn’t execute chown command at all.)

2018年10月19日金曜日 18時30分22秒 UTC+9 Jochen Kressin:

kibana.log (51.6 KB)

···

In order to see what is going on we really need to see the Kibana logfile. You can configure the log file destination like:

logging.dest: /var/log/kibana.log

Note that the Kibana process needs write access to that file / directory.

On Friday, October 19,

Thank you for your reply.

I’m sorry that I couldn’t find the Kibana logfiles and directories(“/var/log/kibana”).

I used the regular Kibana.

So I changed it to the Kibana(OSS only), the Search Guard began to work.

But I want to use the regular Kibana because I want to use both the Search Guard and the x-pack(only monitoring).

Can I try anything about this issue?