[2017-10-23T16:35:01,217][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:01,217][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http spnego
[2017-10-23T16:35:01,232][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:01,232][WARN ][c.f.s.h.HTTPBasicAuthenticator] No 'Basic Authorization' header, send 401 and 'WWW-Authenticate Basic'
[2017-10-23T16:35:01,232][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http spnego
[2017-10-23T16:35:01,242][DEBUG][c.f.s.a.BackendRegistry  ] User 'Emtsev_S' is in cache? true (cache size: 5)
[2017-10-23T16:35:01,242][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=Emtsev_S, roles=[]]' is authenticated
[2017-10-23T16:35:01,242][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:01,243][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=Emtsev_S, roles=[]]
[2017-10-23T16:35:01,243][DEBUG][c.f.s.c.PrivilegesEvaluator] requested indices:data/read/search from 10.70.124.115:34296
[2017-10-23T16:35:01,243][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolve [.kibana] from class org.elasticsearch.action.search.SearchRequest
[2017-10-23T16:35:01,243][DEBUG][c.f.s.c.PrivilegesEvaluator] indicesOptions IndicesOptions[id=38, ignore_unavailable=false, allow_no_indices=true, expand_wildcards_open=true, expand_wildcards_closed=false, allow_alisases_to_multiple_indices=true, forbid_closed_indices=true]
[2017-10-23T16:35:01,243][DEBUG][c.f.s.c.PrivilegesEvaluator] 1 raw indices [.kibana]
[2017-10-23T16:35:01,243][DEBUG][c.f.s.c.PrivilegesEvaluator] No date math indices found
[2017-10-23T16:35:01,243][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolved [.kibana] to [.kibana]
[2017-10-23T16:35:01,243][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:01,243][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for Emtsev_S: [sg_all_access, sg_own_index, sg_public]
[2017-10-23T16:35:01,243][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:01,243][DEBUG][c.f.s.c.PrivilegesEvaluator]   Try wildcard match for *
[2017-10-23T16:35:01,243][DEBUG][c.f.s.c.PrivilegesEvaluator]   Wildcard match for *: [.kibana]
[2017-10-23T16:35:01,243][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for *, will check now types [*]
[2017-10-23T16:35:01,243][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:data/read/search against */*: [*]
[2017-10-23T16:35:01,243][DEBUG][c.f.s.c.PrivilegesEvaluator]     removed .kibana*
[2017-10-23T16:35:01,243][DEBUG][c.f.s.c.PrivilegesEvaluator] For index * remaining requested indextype: []
[2017-10-23T16:35:01,243][DEBUG][c.f.s.c.PrivilegesEvaluator] found a match for 'sg_all_access.*', evaluate other roles
[2017-10-23T16:35:01,243][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_all_access=>[]
[2017-10-23T16:35:01,243][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_own_index
[2017-10-23T16:35:01,243][DEBUG][c.f.s.c.PrivilegesEvaluator]   Resolve and match Emtsev_S
[2017-10-23T16:35:01,243][DEBUG][c.f.s.c.PrivilegesEvaluator] no permittedAliasesIndex 'Emtsev_S' found for  'indices:data/read/search'
[2017-10-23T16:35:01,243][DEBUG][c.f.s.c.PrivilegesEvaluator] permittedAliasesIndices '{Emtsev_S=org.elasticsearch.common.settings.Settings@37b8cba5}' -> '{*.0=INDICES_ALL}'
[2017-10-23T16:35:01,244][DEBUG][c.f.s.c.PrivilegesEvaluator] requestedResolvedIndexTypes '[IndexType [index=.kibana, type=*]]'
[2017-10-23T16:35:01,244][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved permitted aliases indices for Emtsev_S: [Emtsev_S]
[2017-10-23T16:35:01,244][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for Emtsev_S, will check now types [*]
[2017-10-23T16:35:01,244][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:data/read/search against Emtsev_S/*: [indices:*]
[2017-10-23T16:35:01,244][DEBUG][c.f.s.c.PrivilegesEvaluator]     no match Emtsev_S* in [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:01,244][DEBUG][c.f.s.c.PrivilegesEvaluator] For index Emtsev_S remaining requested indextype: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:01,244][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_own_index=>[IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:01,244][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_public
[2017-10-23T16:35:01,244][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_public=>[IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:01,262][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:01,262][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http spnego
[2017-10-23T16:35:01,270][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:01,270][WARN ][c.f.s.h.HTTPBasicAuthenticator] No 'Basic Authorization' header, send 401 and 'WWW-Authenticate Basic'
[2017-10-23T16:35:01,270][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http spnego
[2017-10-23T16:35:01,276][DEBUG][c.f.s.a.BackendRegistry  ] User 'Emtsev_S' is in cache? true (cache size: 5)
[2017-10-23T16:35:01,276][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=Emtsev_S, roles=[]]' is authenticated
[2017-10-23T16:35:01,276][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:01,277][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=Emtsev_S, roles=[]]
[2017-10-23T16:35:01,277][DEBUG][c.f.s.c.PrivilegesEvaluator] requested indices:data/read/search from 10.70.124.115:34296
[2017-10-23T16:35:01,277][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolve [.kibana] from class org.elasticsearch.action.search.SearchRequest
[2017-10-23T16:35:01,277][DEBUG][c.f.s.c.PrivilegesEvaluator] indicesOptions IndicesOptions[id=38, ignore_unavailable=false, allow_no_indices=true, expand_wildcards_open=true, expand_wildcards_closed=false, allow_alisases_to_multiple_indices=true, forbid_closed_indices=true]
[2017-10-23T16:35:01,277][DEBUG][c.f.s.c.PrivilegesEvaluator] 1 raw indices [.kibana]
[2017-10-23T16:35:01,277][DEBUG][c.f.s.c.PrivilegesEvaluator] No date math indices found
[2017-10-23T16:35:01,277][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolved [.kibana] to [.kibana]
[2017-10-23T16:35:01,277][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:01,277][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for Emtsev_S: [sg_all_access, sg_own_index, sg_public]
[2017-10-23T16:35:01,277][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:01,277][DEBUG][c.f.s.c.PrivilegesEvaluator]   Try wildcard match for *
[2017-10-23T16:35:01,277][DEBUG][c.f.s.c.PrivilegesEvaluator]   Wildcard match for *: [.kibana]
[2017-10-23T16:35:01,277][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for *, will check now types [*]
[2017-10-23T16:35:01,277][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:data/read/search against */*: [*]
[2017-10-23T16:35:01,277][DEBUG][c.f.s.c.PrivilegesEvaluator]     removed .kibana*
[2017-10-23T16:35:01,277][DEBUG][c.f.s.c.PrivilegesEvaluator] For index * remaining requested indextype: []
[2017-10-23T16:35:01,277][DEBUG][c.f.s.c.PrivilegesEvaluator] found a match for 'sg_all_access.*', evaluate other roles
[2017-10-23T16:35:01,277][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_all_access=>[]
[2017-10-23T16:35:01,277][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_own_index
[2017-10-23T16:35:01,277][DEBUG][c.f.s.c.PrivilegesEvaluator]   Resolve and match Emtsev_S
[2017-10-23T16:35:01,277][DEBUG][c.f.s.c.PrivilegesEvaluator] no permittedAliasesIndex 'Emtsev_S' found for  'indices:data/read/search'
[2017-10-23T16:35:01,277][DEBUG][c.f.s.c.PrivilegesEvaluator] permittedAliasesIndices '{Emtsev_S=org.elasticsearch.common.settings.Settings@37b8cba5}' -> '{*.0=INDICES_ALL}'
[2017-10-23T16:35:01,277][DEBUG][c.f.s.c.PrivilegesEvaluator] requestedResolvedIndexTypes '[IndexType [index=.kibana, type=*]]'
[2017-10-23T16:35:01,277][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved permitted aliases indices for Emtsev_S: [Emtsev_S]
[2017-10-23T16:35:01,277][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for Emtsev_S, will check now types [*]
[2017-10-23T16:35:01,277][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:data/read/search against Emtsev_S/*: [indices:*]
[2017-10-23T16:35:01,277][DEBUG][c.f.s.c.PrivilegesEvaluator]     no match Emtsev_S* in [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:01,277][DEBUG][c.f.s.c.PrivilegesEvaluator] For index Emtsev_S remaining requested indextype: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:01,277][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_own_index=>[IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:01,277][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_public
[2017-10-23T16:35:01,277][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_public=>[IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:01,314][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:01,315][DEBUG][c.f.s.a.BackendRegistry  ] User 'admin' is in cache? true (cache size: 5)
[2017-10-23T16:35:01,315][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=admin, roles=[]]' is authenticated
[2017-10-23T16:35:01,315][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:01,315][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=admin, roles=[]]
[2017-10-23T16:35:01,315][DEBUG][c.f.s.c.PrivilegesEvaluator] requested cluster:monitor/main from 10.70.124.113:40912
[2017-10-23T16:35:01,315][DEBUG][c.f.s.c.PrivilegesEvaluator] class org.elasticsearch.action.main.MainRequest is not an IndicesRequest
[2017-10-23T16:35:01,315][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=_all, type=*]]
[2017-10-23T16:35:01,315][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for admin: [sg_all_access, sg_own_index, sg_public]
[2017-10-23T16:35:01,315][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:01,315][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved cluster actions:[*]
[2017-10-23T16:35:01,315][DEBUG][c.f.s.c.PrivilegesEvaluator]   found a match for 'sg_all_access' and cluster:monitor/main, skip other roles
[2017-10-23T16:35:01,318][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:01,318][DEBUG][c.f.s.a.BackendRegistry  ] User 'admin' is in cache? true (cache size: 5)
[2017-10-23T16:35:01,318][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=admin, roles=[]]' is authenticated
[2017-10-23T16:35:01,318][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:01,318][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=admin, roles=[]]
[2017-10-23T16:35:01,318][DEBUG][c.f.s.c.PrivilegesEvaluator] requested cluster:monitor/nodes/info from 10.70.124.113:40912
[2017-10-23T16:35:01,318][DEBUG][c.f.s.c.PrivilegesEvaluator] class org.elasticsearch.action.admin.cluster.node.info.NodesInfoRequest is not an IndicesRequest
[2017-10-23T16:35:01,318][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=_all, type=*]]
[2017-10-23T16:35:01,318][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for admin: [sg_all_access, sg_own_index, sg_public]
[2017-10-23T16:35:01,319][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:01,319][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved cluster actions:[*]
[2017-10-23T16:35:01,319][DEBUG][c.f.s.c.PrivilegesEvaluator]   found a match for 'sg_all_access' and cluster:monitor/nodes/info, skip other roles
[2017-10-23T16:35:01,325][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:01,325][DEBUG][c.f.s.a.BackendRegistry  ] User 'admin' is in cache? true (cache size: 5)
[2017-10-23T16:35:01,325][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=admin, roles=[]]' is authenticated
[2017-10-23T16:35:01,325][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:01,325][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=admin, roles=[]]
[2017-10-23T16:35:01,325][DEBUG][c.f.s.c.PrivilegesEvaluator] requested cluster:monitor/nodes/info from 10.70.124.113:40912
[2017-10-23T16:35:01,325][DEBUG][c.f.s.c.PrivilegesEvaluator] class org.elasticsearch.action.admin.cluster.node.info.NodesInfoRequest is not an IndicesRequest
[2017-10-23T16:35:01,325][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=_all, type=*]]
[2017-10-23T16:35:01,325][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for admin: [sg_all_access, sg_own_index, sg_public]
[2017-10-23T16:35:01,325][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:01,325][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved cluster actions:[*]
[2017-10-23T16:35:01,325][DEBUG][c.f.s.c.PrivilegesEvaluator]   found a match for 'sg_all_access' and cluster:monitor/nodes/info, skip other roles
[2017-10-23T16:35:01,329][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:01,329][DEBUG][c.f.s.a.BackendRegistry  ] User 'admin' is in cache? true (cache size: 5)
[2017-10-23T16:35:01,329][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=admin, roles=[]]' is authenticated
[2017-10-23T16:35:01,329][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:01,329][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=admin, roles=[]]
[2017-10-23T16:35:01,329][DEBUG][c.f.s.c.PrivilegesEvaluator] requested indices:data/read/mget from 10.70.124.113:40912
[2017-10-23T16:35:01,329][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolve [.kibana] from class org.elasticsearch.action.get.MultiGetRequest$Item
[2017-10-23T16:35:01,329][DEBUG][c.f.s.c.PrivilegesEvaluator] indicesOptions IndicesOptions[id=48, ignore_unavailable=false, allow_no_indices=false, expand_wildcards_open=false, expand_wildcards_closed=false, allow_alisases_to_multiple_indices=false, forbid_closed_indices=true]
[2017-10-23T16:35:01,329][DEBUG][c.f.s.c.PrivilegesEvaluator] 1 raw indices [.kibana]
[2017-10-23T16:35:01,329][DEBUG][c.f.s.c.PrivilegesEvaluator] No date math indices found
[2017-10-23T16:35:01,329][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolved [.kibana] to [.kibana]
[2017-10-23T16:35:01,329][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=.kibana, type=config]]
[2017-10-23T16:35:01,329][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for admin: [sg_all_access, sg_own_index, sg_public]
[2017-10-23T16:35:01,330][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:01,330][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved cluster actions:[*]
[2017-10-23T16:35:01,330][DEBUG][c.f.s.c.PrivilegesEvaluator]   found a match for 'sg_all_access' and indices:data/read/mget, skip other roles
[2017-10-23T16:35:01,330][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=admin, roles=[]]
[2017-10-23T16:35:01,330][DEBUG][c.f.s.c.PrivilegesEvaluator] requested indices:data/read/mget[shard] from 10.70.124.113:40912
[2017-10-23T16:35:01,330][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolve [.kibana] from class org.elasticsearch.action.get.MultiGetShardRequest
[2017-10-23T16:35:01,330][DEBUG][c.f.s.c.PrivilegesEvaluator] indicesOptions IndicesOptions[id=48, ignore_unavailable=false, allow_no_indices=false, expand_wildcards_open=false, expand_wildcards_closed=false, allow_alisases_to_multiple_indices=false, forbid_closed_indices=true]
[2017-10-23T16:35:01,330][DEBUG][c.f.s.c.PrivilegesEvaluator] 1 raw indices [.kibana]
[2017-10-23T16:35:01,330][DEBUG][c.f.s.c.PrivilegesEvaluator] No date math indices found
[2017-10-23T16:35:01,330][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolved [.kibana] to [.kibana]
[2017-10-23T16:35:01,330][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:01,330][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for admin: [sg_all_access, sg_own_index, sg_public]
[2017-10-23T16:35:01,330][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:01,330][DEBUG][c.f.s.c.PrivilegesEvaluator]   Try wildcard match for *
[2017-10-23T16:35:01,330][DEBUG][c.f.s.c.PrivilegesEvaluator]   Wildcard match for *: [.kibana]
[2017-10-23T16:35:01,330][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for *, will check now types [*]
[2017-10-23T16:35:01,330][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:data/read/mget[shard] against */*: [*]
[2017-10-23T16:35:01,330][DEBUG][c.f.s.c.PrivilegesEvaluator]     removed .kibana*
[2017-10-23T16:35:01,330][DEBUG][c.f.s.c.PrivilegesEvaluator] For index * remaining requested indextype: []
[2017-10-23T16:35:01,330][DEBUG][c.f.s.c.PrivilegesEvaluator] found a match for 'sg_all_access.*', evaluate other roles
[2017-10-23T16:35:01,330][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_all_access=>[]
[2017-10-23T16:35:01,330][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_own_index
[2017-10-23T16:35:01,330][DEBUG][c.f.s.c.PrivilegesEvaluator]   Resolve and match admin
[2017-10-23T16:35:01,330][DEBUG][c.f.s.c.PrivilegesEvaluator] no permittedAliasesIndex 'admin' found for  'indices:data/read/mget[shard]'
[2017-10-23T16:35:01,330][DEBUG][c.f.s.c.PrivilegesEvaluator] permittedAliasesIndices '{admin=org.elasticsearch.common.settings.Settings@37b8cba5}' -> '{*.0=INDICES_ALL}'
[2017-10-23T16:35:01,330][DEBUG][c.f.s.c.PrivilegesEvaluator] requestedResolvedIndexTypes '[IndexType [index=.kibana, type=*]]'
[2017-10-23T16:35:01,330][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved permitted aliases indices for admin: [admin]
[2017-10-23T16:35:01,330][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for admin, will check now types [*]
[2017-10-23T16:35:01,330][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:data/read/mget[shard] against admin/*: [indices:*]
[2017-10-23T16:35:01,330][DEBUG][c.f.s.c.PrivilegesEvaluator]     no match admin* in [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:01,330][DEBUG][c.f.s.c.PrivilegesEvaluator] For index admin remaining requested indextype: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:01,330][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_own_index=>[IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:01,330][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_public
[2017-10-23T16:35:01,331][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_public=>[IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:01,334][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:01,334][DEBUG][c.f.s.a.BackendRegistry  ] User 'admin' is in cache? true (cache size: 5)
[2017-10-23T16:35:01,334][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=admin, roles=[]]' is authenticated
[2017-10-23T16:35:01,334][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:01,334][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=admin, roles=[]]
[2017-10-23T16:35:01,334][DEBUG][c.f.s.c.PrivilegesEvaluator] requested cluster:monitor/health from 10.70.124.113:40912
[2017-10-23T16:35:01,334][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolve [.kibana] from class org.elasticsearch.action.admin.cluster.health.ClusterHealthRequest
[2017-10-23T16:35:01,334][DEBUG][c.f.s.c.PrivilegesEvaluator] indicesOptions IndicesOptions[id=7, ignore_unavailable=true, allow_no_indices=true, expand_wildcards_open=true, expand_wildcards_closed=false, allow_alisases_to_multiple_indices=true, forbid_closed_indices=false]
[2017-10-23T16:35:01,334][DEBUG][c.f.s.c.PrivilegesEvaluator] 1 raw indices [.kibana]
[2017-10-23T16:35:01,334][DEBUG][c.f.s.c.PrivilegesEvaluator] No date math indices found
[2017-10-23T16:35:01,334][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolved [.kibana] to [.kibana]
[2017-10-23T16:35:01,334][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:01,334][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for admin: [sg_all_access, sg_own_index, sg_public]
[2017-10-23T16:35:01,335][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:01,335][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved cluster actions:[*]
[2017-10-23T16:35:01,335][DEBUG][c.f.s.c.PrivilegesEvaluator]   found a match for 'sg_all_access' and cluster:monitor/health, skip other roles
[2017-10-23T16:35:01,337][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:01,337][DEBUG][c.f.s.a.BackendRegistry  ] User 'admin' is in cache? true (cache size: 5)
[2017-10-23T16:35:01,337][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=admin, roles=[]]' is authenticated
[2017-10-23T16:35:01,337][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:01,337][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=admin, roles=[]]
[2017-10-23T16:35:01,337][DEBUG][c.f.s.c.PrivilegesEvaluator] requested indices:admin/get from 10.70.124.113:40912
[2017-10-23T16:35:01,337][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolve [.kibana] from class org.elasticsearch.action.admin.indices.get.GetIndexRequest
[2017-10-23T16:35:01,337][DEBUG][c.f.s.c.PrivilegesEvaluator] indicesOptions IndicesOptions[id=6, ignore_unavailable=false, allow_no_indices=true, expand_wildcards_open=true, expand_wildcards_closed=false, allow_alisases_to_multiple_indices=true, forbid_closed_indices=false]
[2017-10-23T16:35:01,337][DEBUG][c.f.s.c.PrivilegesEvaluator] 1 raw indices [.kibana]
[2017-10-23T16:35:01,337][DEBUG][c.f.s.c.PrivilegesEvaluator] No date math indices found
[2017-10-23T16:35:01,337][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolved [.kibana] to [.kibana]
[2017-10-23T16:35:01,337][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:01,337][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for admin: [sg_all_access, sg_own_index, sg_public]
[2017-10-23T16:35:01,337][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:01,337][DEBUG][c.f.s.c.PrivilegesEvaluator]   Try wildcard match for *
[2017-10-23T16:35:01,337][DEBUG][c.f.s.c.PrivilegesEvaluator]   Wildcard match for *: [.kibana]
[2017-10-23T16:35:01,337][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for *, will check now types [*]
[2017-10-23T16:35:01,338][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:admin/get against */*: [*]
[2017-10-23T16:35:01,338][DEBUG][c.f.s.c.PrivilegesEvaluator]     removed .kibana*
[2017-10-23T16:35:01,338][DEBUG][c.f.s.c.PrivilegesEvaluator] For index * remaining requested indextype: []
[2017-10-23T16:35:01,338][DEBUG][c.f.s.c.PrivilegesEvaluator] found a match for 'sg_all_access.*', evaluate other roles
[2017-10-23T16:35:01,338][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_all_access=>[]
[2017-10-23T16:35:01,338][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_own_index
[2017-10-23T16:35:01,338][DEBUG][c.f.s.c.PrivilegesEvaluator]   Resolve and match admin
[2017-10-23T16:35:01,338][DEBUG][c.f.s.c.PrivilegesEvaluator] no permittedAliasesIndex 'admin' found for  'indices:admin/get'
[2017-10-23T16:35:01,338][DEBUG][c.f.s.c.PrivilegesEvaluator] permittedAliasesIndices '{admin=org.elasticsearch.common.settings.Settings@37b8cba5}' -> '{*.0=INDICES_ALL}'
[2017-10-23T16:35:01,338][DEBUG][c.f.s.c.PrivilegesEvaluator] requestedResolvedIndexTypes '[IndexType [index=.kibana, type=*]]'
[2017-10-23T16:35:01,338][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved permitted aliases indices for admin: [admin]
[2017-10-23T16:35:01,338][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for admin, will check now types [*]
[2017-10-23T16:35:01,338][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:admin/get against admin/*: [indices:*]
[2017-10-23T16:35:01,338][DEBUG][c.f.s.c.PrivilegesEvaluator]     no match admin* in [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:01,338][DEBUG][c.f.s.c.PrivilegesEvaluator] For index admin remaining requested indextype: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:01,338][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_own_index=>[IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:01,338][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_public
[2017-10-23T16:35:01,338][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_public=>[IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:01,341][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:01,341][DEBUG][c.f.s.a.BackendRegistry  ] User 'admin' is in cache? true (cache size: 5)
[2017-10-23T16:35:01,341][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=admin, roles=[]]' is authenticated
[2017-10-23T16:35:01,341][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:01,341][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=admin, roles=[]]
[2017-10-23T16:35:01,341][DEBUG][c.f.s.c.PrivilegesEvaluator] requested indices:data/read/search from 10.70.124.113:40912
[2017-10-23T16:35:01,341][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolve [.kibana] from class org.elasticsearch.action.search.SearchRequest
[2017-10-23T16:35:01,341][DEBUG][c.f.s.c.PrivilegesEvaluator] indicesOptions IndicesOptions[id=38, ignore_unavailable=false, allow_no_indices=true, expand_wildcards_open=true, expand_wildcards_closed=false, allow_alisases_to_multiple_indices=true, forbid_closed_indices=true]
[2017-10-23T16:35:01,341][DEBUG][c.f.s.c.PrivilegesEvaluator] 1 raw indices [.kibana]
[2017-10-23T16:35:01,341][DEBUG][c.f.s.c.PrivilegesEvaluator] No date math indices found
[2017-10-23T16:35:01,341][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolved [.kibana] to [.kibana]
[2017-10-23T16:35:01,341][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:01,341][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for admin: [sg_all_access, sg_own_index, sg_public]
[2017-10-23T16:35:01,342][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:01,342][DEBUG][c.f.s.c.PrivilegesEvaluator]   Try wildcard match for *
[2017-10-23T16:35:01,342][DEBUG][c.f.s.c.PrivilegesEvaluator]   Wildcard match for *: [.kibana]
[2017-10-23T16:35:01,342][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for *, will check now types [*]
[2017-10-23T16:35:01,342][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:data/read/search against */*: [*]
[2017-10-23T16:35:01,342][DEBUG][c.f.s.c.PrivilegesEvaluator]     removed .kibana*
[2017-10-23T16:35:01,342][DEBUG][c.f.s.c.PrivilegesEvaluator] For index * remaining requested indextype: []
[2017-10-23T16:35:01,342][DEBUG][c.f.s.c.PrivilegesEvaluator] found a match for 'sg_all_access.*', evaluate other roles
[2017-10-23T16:35:01,342][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_all_access=>[]
[2017-10-23T16:35:01,342][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_own_index
[2017-10-23T16:35:01,342][DEBUG][c.f.s.c.PrivilegesEvaluator]   Resolve and match admin
[2017-10-23T16:35:01,342][DEBUG][c.f.s.c.PrivilegesEvaluator] no permittedAliasesIndex 'admin' found for  'indices:data/read/search'
[2017-10-23T16:35:01,342][DEBUG][c.f.s.c.PrivilegesEvaluator] permittedAliasesIndices '{admin=org.elasticsearch.common.settings.Settings@37b8cba5}' -> '{*.0=INDICES_ALL}'
[2017-10-23T16:35:01,342][DEBUG][c.f.s.c.PrivilegesEvaluator] requestedResolvedIndexTypes '[IndexType [index=.kibana, type=*]]'
[2017-10-23T16:35:01,342][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved permitted aliases indices for admin: [admin]
[2017-10-23T16:35:01,342][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for admin, will check now types [*]
[2017-10-23T16:35:01,342][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:data/read/search against admin/*: [indices:*]
[2017-10-23T16:35:01,342][DEBUG][c.f.s.c.PrivilegesEvaluator]     no match admin* in [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:01,342][DEBUG][c.f.s.c.PrivilegesEvaluator] For index admin remaining requested indextype: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:01,342][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_own_index=>[IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:01,342][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_public
[2017-10-23T16:35:01,342][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_public=>[IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:01,348][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:01,348][DEBUG][c.f.s.a.BackendRegistry  ] User 'admin' is in cache? true (cache size: 5)
[2017-10-23T16:35:01,348][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=admin, roles=[]]' is authenticated
[2017-10-23T16:35:01,348][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:01,348][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=admin, roles=[]]
[2017-10-23T16:35:01,348][DEBUG][c.f.s.c.PrivilegesEvaluator] requested cluster:monitor/state from 10.70.124.113:40916
[2017-10-23T16:35:01,348][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolve [] from class org.elasticsearch.action.admin.cluster.state.ClusterStateRequest
[2017-10-23T16:35:01,348][DEBUG][c.f.s.c.PrivilegesEvaluator] indicesOptions IndicesOptions[id=7, ignore_unavailable=true, allow_no_indices=true, expand_wildcards_open=true, expand_wildcards_closed=false, allow_alisases_to_multiple_indices=true, forbid_closed_indices=false]
[2017-10-23T16:35:01,348][DEBUG][c.f.s.c.PrivilegesEvaluator] 0 raw indices []
[2017-10-23T16:35:01,348][DEBUG][c.f.s.c.PrivilegesEvaluator] No indices found in request, assume _all
[2017-10-23T16:35:01,348][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=logstash-2015.05.18, type=*], IndexType [index=logstash-2015.05.19, type=*], IndexType [index=mos-2017.10.17, type=*], IndexType [index=.kibana_1853788673_admemtsevs, type=*], IndexType [index=twitter, type=*], IndexType [index=watcher, type=*], IndexType [index=sentinl_users, type=*], IndexType [index=shakespeare, type=*], IndexType [index=logstash-2015.05.20, type=*], IndexType [index=searchguard, type=*], IndexType [index=bank, type=*], IndexType [index=watcher_alarms-2017.10.20, type=*], IndexType [index=.kibana, type=*], IndexType [index=.kibana_1378793996_emtsevs, type=*], IndexType [index=watcher_alarms, type=*]]
[2017-10-23T16:35:01,348][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for admin: [sg_all_access, sg_own_index, sg_public]
[2017-10-23T16:35:01,349][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:01,349][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved cluster actions:[*]
[2017-10-23T16:35:01,349][DEBUG][c.f.s.c.PrivilegesEvaluator]   found a match for 'sg_all_access' and cluster:monitor/state, skip other roles
[2017-10-23T16:35:02,163][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:02,163][DEBUG][c.f.s.a.BackendRegistry  ] User 'kibanaserver' is in cache? true (cache size: 5)
[2017-10-23T16:35:02,163][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=kibanaserver, roles=[]]' is authenticated
[2017-10-23T16:35:02,163][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:02,163][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=kibanaserver, roles=[]]
[2017-10-23T16:35:02,164][DEBUG][c.f.s.c.PrivilegesEvaluator] requested cluster:monitor/main from 10.70.124.115:60006
[2017-10-23T16:35:02,164][DEBUG][c.f.s.c.PrivilegesEvaluator] class org.elasticsearch.action.main.MainRequest is not an IndicesRequest
[2017-10-23T16:35:02,164][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=_all, type=*]]
[2017-10-23T16:35:02,164][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for kibanaserver: [sg_all_access, sg_kibana_server, sg_own_index, sg_public]
[2017-10-23T16:35:02,164][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:02,164][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved cluster actions:[*]
[2017-10-23T16:35:02,164][DEBUG][c.f.s.c.PrivilegesEvaluator]   found a match for 'sg_all_access' and cluster:monitor/main, skip other roles
[2017-10-23T16:35:02,166][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:02,166][DEBUG][c.f.s.a.BackendRegistry  ] User 'kibanaserver' is in cache? true (cache size: 5)
[2017-10-23T16:35:02,166][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=kibanaserver, roles=[]]' is authenticated
[2017-10-23T16:35:02,166][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:02,166][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=kibanaserver, roles=[]]
[2017-10-23T16:35:02,166][DEBUG][c.f.s.c.PrivilegesEvaluator] requested cluster:monitor/nodes/info from 10.70.124.115:59972
[2017-10-23T16:35:02,166][DEBUG][c.f.s.c.PrivilegesEvaluator] class org.elasticsearch.action.admin.cluster.node.info.NodesInfoRequest is not an IndicesRequest
[2017-10-23T16:35:02,166][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=_all, type=*]]
[2017-10-23T16:35:02,166][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for kibanaserver: [sg_all_access, sg_kibana_server, sg_own_index, sg_public]
[2017-10-23T16:35:02,167][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:02,167][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved cluster actions:[*]
[2017-10-23T16:35:02,167][DEBUG][c.f.s.c.PrivilegesEvaluator]   found a match for 'sg_all_access' and cluster:monitor/nodes/info, skip other roles
[2017-10-23T16:35:02,173][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:02,173][DEBUG][c.f.s.a.BackendRegistry  ] User 'kibanaserver' is in cache? true (cache size: 5)
[2017-10-23T16:35:02,173][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=kibanaserver, roles=[]]' is authenticated
[2017-10-23T16:35:02,173][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:02,173][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=kibanaserver, roles=[]]
[2017-10-23T16:35:02,173][DEBUG][c.f.s.c.PrivilegesEvaluator] requested cluster:monitor/nodes/info from 10.70.124.115:60006
[2017-10-23T16:35:02,173][DEBUG][c.f.s.c.PrivilegesEvaluator] class org.elasticsearch.action.admin.cluster.node.info.NodesInfoRequest is not an IndicesRequest
[2017-10-23T16:35:02,173][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=_all, type=*]]
[2017-10-23T16:35:02,173][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for kibanaserver: [sg_all_access, sg_kibana_server, sg_own_index, sg_public]
[2017-10-23T16:35:02,174][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:02,174][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved cluster actions:[*]
[2017-10-23T16:35:02,174][DEBUG][c.f.s.c.PrivilegesEvaluator]   found a match for 'sg_all_access' and cluster:monitor/nodes/info, skip other roles
[2017-10-23T16:35:02,177][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:02,177][DEBUG][c.f.s.a.BackendRegistry  ] User 'kibanaserver' is in cache? true (cache size: 5)
[2017-10-23T16:35:02,177][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=kibanaserver, roles=[]]' is authenticated
[2017-10-23T16:35:02,177][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:02,177][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=kibanaserver, roles=[]]
[2017-10-23T16:35:02,177][DEBUG][c.f.s.c.PrivilegesEvaluator] requested indices:data/read/mget from 10.70.124.115:59972
[2017-10-23T16:35:02,177][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolve [.kibana] from class org.elasticsearch.action.get.MultiGetRequest$Item
[2017-10-23T16:35:02,177][DEBUG][c.f.s.c.PrivilegesEvaluator] indicesOptions IndicesOptions[id=48, ignore_unavailable=false, allow_no_indices=false, expand_wildcards_open=false, expand_wildcards_closed=false, allow_alisases_to_multiple_indices=false, forbid_closed_indices=true]
[2017-10-23T16:35:02,177][DEBUG][c.f.s.c.PrivilegesEvaluator] 1 raw indices [.kibana]
[2017-10-23T16:35:02,177][DEBUG][c.f.s.c.PrivilegesEvaluator] No date math indices found
[2017-10-23T16:35:02,177][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolved [.kibana] to [.kibana]
[2017-10-23T16:35:02,177][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=.kibana, type=config]]
[2017-10-23T16:35:02,177][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for kibanaserver: [sg_all_access, sg_kibana_server, sg_own_index, sg_public]
[2017-10-23T16:35:02,177][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:02,177][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved cluster actions:[*]
[2017-10-23T16:35:02,177][DEBUG][c.f.s.c.PrivilegesEvaluator]   found a match for 'sg_all_access' and indices:data/read/mget, skip other roles
[2017-10-23T16:35:02,177][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=kibanaserver, roles=[]]
[2017-10-23T16:35:02,177][DEBUG][c.f.s.c.PrivilegesEvaluator] requested indices:data/read/mget[shard] from 10.70.124.115:59972
[2017-10-23T16:35:02,177][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolve [.kibana] from class org.elasticsearch.action.get.MultiGetShardRequest
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator] indicesOptions IndicesOptions[id=48, ignore_unavailable=false, allow_no_indices=false, expand_wildcards_open=false, expand_wildcards_closed=false, allow_alisases_to_multiple_indices=false, forbid_closed_indices=true]
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator] 1 raw indices [.kibana]
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator] No date math indices found
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolved [.kibana] to [.kibana]
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for kibanaserver: [sg_all_access, sg_kibana_server, sg_own_index, sg_public]
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator]   Try wildcard match for *
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator]   Wildcard match for *: [.kibana]
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for *, will check now types [*]
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:data/read/mget[shard] against */*: [*]
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator]     removed .kibana*
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator] For index * remaining requested indextype: []
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator] found a match for 'sg_all_access.*', evaluate other roles
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_all_access=>[]
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_kibana_server
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator]   Try wildcard match for watcher*
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator]   No wildcard match found for watcher*
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator] For index watcher* remaining requested indextype: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator]   Try wildcard match for ?kibana
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator]   Wildcard match for ?kibana: [.kibana]
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for ?kibana, will check now types [*]
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:data/read/mget[shard] against ?kibana/*: [indices:*]
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator]     removed .kibana*
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator] For index ?kibana remaining requested indextype: []
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator] found a match for 'sg_kibana_server.?kibana', evaluate other roles
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_kibana_server=>[]
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_own_index
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator]   Resolve and match kibanaserver
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator] no permittedAliasesIndex 'kibanaserver' found for  'indices:data/read/mget[shard]'
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator] permittedAliasesIndices '{kibanaserver=org.elasticsearch.common.settings.Settings@37b8cba5}' -> '{*.0=INDICES_ALL}'
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator] requestedResolvedIndexTypes '[IndexType [index=.kibana, type=*]]'
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved permitted aliases indices for kibanaserver: [kibanaserver]
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for kibanaserver, will check now types [*]
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:data/read/mget[shard] against kibanaserver/*: [indices:*]
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator]     no match kibanaserver* in [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,178][DEBUG][c.f.s.c.PrivilegesEvaluator] For index kibanaserver remaining requested indextype: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,179][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_own_index=>[IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,179][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_public
[2017-10-23T16:35:02,179][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_public=>[IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,182][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:02,182][DEBUG][c.f.s.a.BackendRegistry  ] User 'kibanaserver' is in cache? true (cache size: 5)
[2017-10-23T16:35:02,182][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=kibanaserver, roles=[]]' is authenticated
[2017-10-23T16:35:02,183][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:02,183][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=kibanaserver, roles=[]]
[2017-10-23T16:35:02,183][DEBUG][c.f.s.c.PrivilegesEvaluator] requested cluster:monitor/health from 10.70.124.115:60006
[2017-10-23T16:35:02,183][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolve [.kibana] from class org.elasticsearch.action.admin.cluster.health.ClusterHealthRequest
[2017-10-23T16:35:02,183][DEBUG][c.f.s.c.PrivilegesEvaluator] indicesOptions IndicesOptions[id=7, ignore_unavailable=true, allow_no_indices=true, expand_wildcards_open=true, expand_wildcards_closed=false, allow_alisases_to_multiple_indices=true, forbid_closed_indices=false]
[2017-10-23T16:35:02,183][DEBUG][c.f.s.c.PrivilegesEvaluator] 1 raw indices [.kibana]
[2017-10-23T16:35:02,183][DEBUG][c.f.s.c.PrivilegesEvaluator] No date math indices found
[2017-10-23T16:35:02,183][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolved [.kibana] to [.kibana]
[2017-10-23T16:35:02,183][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,183][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for kibanaserver: [sg_all_access, sg_kibana_server, sg_own_index, sg_public]
[2017-10-23T16:35:02,183][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:02,183][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved cluster actions:[*]
[2017-10-23T16:35:02,183][DEBUG][c.f.s.c.PrivilegesEvaluator]   found a match for 'sg_all_access' and cluster:monitor/health, skip other roles
[2017-10-23T16:35:02,185][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:02,185][DEBUG][c.f.s.a.BackendRegistry  ] User 'kibanaserver' is in cache? true (cache size: 5)
[2017-10-23T16:35:02,185][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=kibanaserver, roles=[]]' is authenticated
[2017-10-23T16:35:02,185][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:02,185][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=kibanaserver, roles=[]]
[2017-10-23T16:35:02,186][DEBUG][c.f.s.c.PrivilegesEvaluator] requested indices:admin/get from 10.70.124.115:59972
[2017-10-23T16:35:02,186][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolve [.kibana] from class org.elasticsearch.action.admin.indices.get.GetIndexRequest
[2017-10-23T16:35:02,186][DEBUG][c.f.s.c.PrivilegesEvaluator] indicesOptions IndicesOptions[id=6, ignore_unavailable=false, allow_no_indices=true, expand_wildcards_open=true, expand_wildcards_closed=false, allow_alisases_to_multiple_indices=true, forbid_closed_indices=false]
[2017-10-23T16:35:02,186][DEBUG][c.f.s.c.PrivilegesEvaluator] 1 raw indices [.kibana]
[2017-10-23T16:35:02,186][DEBUG][c.f.s.c.PrivilegesEvaluator] No date math indices found
[2017-10-23T16:35:02,186][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolved [.kibana] to [.kibana]
[2017-10-23T16:35:02,186][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,186][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for kibanaserver: [sg_all_access, sg_kibana_server, sg_own_index, sg_public]
[2017-10-23T16:35:02,186][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:02,186][DEBUG][c.f.s.c.PrivilegesEvaluator]   Try wildcard match for *
[2017-10-23T16:35:02,186][DEBUG][c.f.s.c.PrivilegesEvaluator]   Wildcard match for *: [.kibana]
[2017-10-23T16:35:02,186][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for *, will check now types [*]
[2017-10-23T16:35:02,186][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:admin/get against */*: [*]
[2017-10-23T16:35:02,186][DEBUG][c.f.s.c.PrivilegesEvaluator]     removed .kibana*
[2017-10-23T16:35:02,186][DEBUG][c.f.s.c.PrivilegesEvaluator] For index * remaining requested indextype: []
[2017-10-23T16:35:02,186][DEBUG][c.f.s.c.PrivilegesEvaluator] found a match for 'sg_all_access.*', evaluate other roles
[2017-10-23T16:35:02,186][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_all_access=>[]
[2017-10-23T16:35:02,186][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_kibana_server
[2017-10-23T16:35:02,186][DEBUG][c.f.s.c.PrivilegesEvaluator]   Try wildcard match for watcher*
[2017-10-23T16:35:02,186][DEBUG][c.f.s.c.PrivilegesEvaluator]   No wildcard match found for watcher*
[2017-10-23T16:35:02,186][DEBUG][c.f.s.c.PrivilegesEvaluator] For index watcher* remaining requested indextype: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,186][DEBUG][c.f.s.c.PrivilegesEvaluator]   Try wildcard match for ?kibana
[2017-10-23T16:35:02,186][DEBUG][c.f.s.c.PrivilegesEvaluator]   Wildcard match for ?kibana: [.kibana]
[2017-10-23T16:35:02,186][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for ?kibana, will check now types [*]
[2017-10-23T16:35:02,186][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:admin/get against ?kibana/*: [indices:*]
[2017-10-23T16:35:02,186][DEBUG][c.f.s.c.PrivilegesEvaluator]     removed .kibana*
[2017-10-23T16:35:02,186][DEBUG][c.f.s.c.PrivilegesEvaluator] For index ?kibana remaining requested indextype: []
[2017-10-23T16:35:02,186][DEBUG][c.f.s.c.PrivilegesEvaluator] found a match for 'sg_kibana_server.?kibana', evaluate other roles
[2017-10-23T16:35:02,186][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_kibana_server=>[]
[2017-10-23T16:35:02,186][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_own_index
[2017-10-23T16:35:02,186][DEBUG][c.f.s.c.PrivilegesEvaluator]   Resolve and match kibanaserver
[2017-10-23T16:35:02,186][DEBUG][c.f.s.c.PrivilegesEvaluator] no permittedAliasesIndex 'kibanaserver' found for  'indices:admin/get'
[2017-10-23T16:35:02,186][DEBUG][c.f.s.c.PrivilegesEvaluator] permittedAliasesIndices '{kibanaserver=org.elasticsearch.common.settings.Settings@37b8cba5}' -> '{*.0=INDICES_ALL}'
[2017-10-23T16:35:02,186][DEBUG][c.f.s.c.PrivilegesEvaluator] requestedResolvedIndexTypes '[IndexType [index=.kibana, type=*]]'
[2017-10-23T16:35:02,186][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved permitted aliases indices for kibanaserver: [kibanaserver]
[2017-10-23T16:35:02,187][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for kibanaserver, will check now types [*]
[2017-10-23T16:35:02,187][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:admin/get against kibanaserver/*: [indices:*]
[2017-10-23T16:35:02,187][DEBUG][c.f.s.c.PrivilegesEvaluator]     no match kibanaserver* in [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,187][DEBUG][c.f.s.c.PrivilegesEvaluator] For index kibanaserver remaining requested indextype: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,187][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_own_index=>[IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,187][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_public
[2017-10-23T16:35:02,187][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_public=>[IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,190][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:02,190][DEBUG][c.f.s.a.BackendRegistry  ] User 'kibanaserver' is in cache? true (cache size: 5)
[2017-10-23T16:35:02,190][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=kibanaserver, roles=[]]' is authenticated
[2017-10-23T16:35:02,190][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:02,190][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=kibanaserver, roles=[]]
[2017-10-23T16:35:02,190][DEBUG][c.f.s.c.PrivilegesEvaluator] requested indices:data/read/search from 10.70.124.115:60006
[2017-10-23T16:35:02,190][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolve [.kibana] from class org.elasticsearch.action.search.SearchRequest
[2017-10-23T16:35:02,190][DEBUG][c.f.s.c.PrivilegesEvaluator] indicesOptions IndicesOptions[id=38, ignore_unavailable=false, allow_no_indices=true, expand_wildcards_open=true, expand_wildcards_closed=false, allow_alisases_to_multiple_indices=true, forbid_closed_indices=true]
[2017-10-23T16:35:02,190][DEBUG][c.f.s.c.PrivilegesEvaluator] 1 raw indices [.kibana]
[2017-10-23T16:35:02,190][DEBUG][c.f.s.c.PrivilegesEvaluator] No date math indices found
[2017-10-23T16:35:02,190][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolved [.kibana] to [.kibana]
[2017-10-23T16:35:02,190][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,190][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for kibanaserver: [sg_all_access, sg_kibana_server, sg_own_index, sg_public]
[2017-10-23T16:35:02,191][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:02,191][DEBUG][c.f.s.c.PrivilegesEvaluator]   Try wildcard match for *
[2017-10-23T16:35:02,191][DEBUG][c.f.s.c.PrivilegesEvaluator]   Wildcard match for *: [.kibana]
[2017-10-23T16:35:02,191][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for *, will check now types [*]
[2017-10-23T16:35:02,191][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:data/read/search against */*: [*]
[2017-10-23T16:35:02,191][DEBUG][c.f.s.c.PrivilegesEvaluator]     removed .kibana*
[2017-10-23T16:35:02,191][DEBUG][c.f.s.c.PrivilegesEvaluator] For index * remaining requested indextype: []
[2017-10-23T16:35:02,191][DEBUG][c.f.s.c.PrivilegesEvaluator] found a match for 'sg_all_access.*', evaluate other roles
[2017-10-23T16:35:02,191][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_all_access=>[]
[2017-10-23T16:35:02,191][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_kibana_server
[2017-10-23T16:35:02,191][DEBUG][c.f.s.c.PrivilegesEvaluator]   Try wildcard match for watcher*
[2017-10-23T16:35:02,191][DEBUG][c.f.s.c.PrivilegesEvaluator]   No wildcard match found for watcher*
[2017-10-23T16:35:02,191][DEBUG][c.f.s.c.PrivilegesEvaluator] For index watcher* remaining requested indextype: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,191][DEBUG][c.f.s.c.PrivilegesEvaluator]   Try wildcard match for ?kibana
[2017-10-23T16:35:02,191][DEBUG][c.f.s.c.PrivilegesEvaluator]   Wildcard match for ?kibana: [.kibana]
[2017-10-23T16:35:02,191][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for ?kibana, will check now types [*]
[2017-10-23T16:35:02,191][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:data/read/search against ?kibana/*: [indices:*]
[2017-10-23T16:35:02,191][DEBUG][c.f.s.c.PrivilegesEvaluator]     removed .kibana*
[2017-10-23T16:35:02,191][DEBUG][c.f.s.c.PrivilegesEvaluator] For index ?kibana remaining requested indextype: []
[2017-10-23T16:35:02,191][DEBUG][c.f.s.c.PrivilegesEvaluator] found a match for 'sg_kibana_server.?kibana', evaluate other roles
[2017-10-23T16:35:02,191][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_kibana_server=>[]
[2017-10-23T16:35:02,191][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_own_index
[2017-10-23T16:35:02,191][DEBUG][c.f.s.c.PrivilegesEvaluator]   Resolve and match kibanaserver
[2017-10-23T16:35:02,191][DEBUG][c.f.s.c.PrivilegesEvaluator] no permittedAliasesIndex 'kibanaserver' found for  'indices:data/read/search'
[2017-10-23T16:35:02,191][DEBUG][c.f.s.c.PrivilegesEvaluator] permittedAliasesIndices '{kibanaserver=org.elasticsearch.common.settings.Settings@37b8cba5}' -> '{*.0=INDICES_ALL}'
[2017-10-23T16:35:02,191][DEBUG][c.f.s.c.PrivilegesEvaluator] requestedResolvedIndexTypes '[IndexType [index=.kibana, type=*]]'
[2017-10-23T16:35:02,191][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved permitted aliases indices for kibanaserver: [kibanaserver]
[2017-10-23T16:35:02,191][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for kibanaserver, will check now types [*]
[2017-10-23T16:35:02,191][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:data/read/search against kibanaserver/*: [indices:*]
[2017-10-23T16:35:02,191][DEBUG][c.f.s.c.PrivilegesEvaluator]     no match kibanaserver* in [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,191][DEBUG][c.f.s.c.PrivilegesEvaluator] For index kibanaserver remaining requested indextype: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,191][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_own_index=>[IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,191][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_public
[2017-10-23T16:35:02,191][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_public=>[IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,197][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:02,197][DEBUG][c.f.s.a.BackendRegistry  ] User 'kibanaserver' is in cache? true (cache size: 5)
[2017-10-23T16:35:02,197][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=kibanaserver, roles=[]]' is authenticated
[2017-10-23T16:35:02,197][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:02,197][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=kibanaserver, roles=[]]
[2017-10-23T16:35:02,197][DEBUG][c.f.s.c.PrivilegesEvaluator] requested cluster:monitor/state from 10.70.124.115:33476
[2017-10-23T16:35:02,197][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolve [] from class org.elasticsearch.action.admin.cluster.state.ClusterStateRequest
[2017-10-23T16:35:02,197][DEBUG][c.f.s.c.PrivilegesEvaluator] indicesOptions IndicesOptions[id=7, ignore_unavailable=true, allow_no_indices=true, expand_wildcards_open=true, expand_wildcards_closed=false, allow_alisases_to_multiple_indices=true, forbid_closed_indices=false]
[2017-10-23T16:35:02,197][DEBUG][c.f.s.c.PrivilegesEvaluator] 0 raw indices []
[2017-10-23T16:35:02,197][DEBUG][c.f.s.c.PrivilegesEvaluator] No indices found in request, assume _all
[2017-10-23T16:35:02,197][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=logstash-2015.05.18, type=*], IndexType [index=logstash-2015.05.19, type=*], IndexType [index=mos-2017.10.17, type=*], IndexType [index=.kibana_1853788673_admemtsevs, type=*], IndexType [index=twitter, type=*], IndexType [index=watcher, type=*], IndexType [index=sentinl_users, type=*], IndexType [index=shakespeare, type=*], IndexType [index=logstash-2015.05.20, type=*], IndexType [index=searchguard, type=*], IndexType [index=bank, type=*], IndexType [index=watcher_alarms-2017.10.20, type=*], IndexType [index=.kibana, type=*], IndexType [index=.kibana_1378793996_emtsevs, type=*], IndexType [index=watcher_alarms, type=*]]
[2017-10-23T16:35:02,197][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for kibanaserver: [sg_all_access, sg_kibana_server, sg_own_index, sg_public]
[2017-10-23T16:35:02,197][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:02,197][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved cluster actions:[*]
[2017-10-23T16:35:02,197][DEBUG][c.f.s.c.PrivilegesEvaluator]   found a match for 'sg_all_access' and cluster:monitor/state, skip other roles
[2017-10-23T16:35:02,462][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:02,462][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http spnego
[2017-10-23T16:35:02,469][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:02,469][DEBUG][c.f.s.a.BackendRegistry  ] User 'kibanaserver' is in cache? true (cache size: 5)
[2017-10-23T16:35:02,469][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=kibanaserver, roles=[]]' is authenticated
[2017-10-23T16:35:02,469][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:02,469][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=kibanaserver, roles=[]]
[2017-10-23T16:35:02,469][DEBUG][c.f.s.c.PrivilegesEvaluator] requested cluster:monitor/main from 10.70.124.111:39398
[2017-10-23T16:35:02,469][DEBUG][c.f.s.c.PrivilegesEvaluator] class org.elasticsearch.action.main.MainRequest is not an IndicesRequest
[2017-10-23T16:35:02,469][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=_all, type=*]]
[2017-10-23T16:35:02,469][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for kibanaserver: [sg_all_access, sg_kibana_server, sg_own_index, sg_public]
[2017-10-23T16:35:02,470][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:02,470][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved cluster actions:[*]
[2017-10-23T16:35:02,470][DEBUG][c.f.s.c.PrivilegesEvaluator]   found a match for 'sg_all_access' and cluster:monitor/main, skip other roles
[2017-10-23T16:35:02,472][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:02,472][DEBUG][c.f.s.a.BackendRegistry  ] User 'kibanaserver' is in cache? true (cache size: 5)
[2017-10-23T16:35:02,472][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=kibanaserver, roles=[]]' is authenticated
[2017-10-23T16:35:02,472][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:02,472][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=kibanaserver, roles=[]]
[2017-10-23T16:35:02,472][DEBUG][c.f.s.c.PrivilegesEvaluator] requested cluster:monitor/nodes/info from 10.70.124.111:39442
[2017-10-23T16:35:02,472][DEBUG][c.f.s.c.PrivilegesEvaluator] class org.elasticsearch.action.admin.cluster.node.info.NodesInfoRequest is not an IndicesRequest
[2017-10-23T16:35:02,472][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=_all, type=*]]
[2017-10-23T16:35:02,472][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for kibanaserver: [sg_all_access, sg_kibana_server, sg_own_index, sg_public]
[2017-10-23T16:35:02,472][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:02,472][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved cluster actions:[*]
[2017-10-23T16:35:02,472][DEBUG][c.f.s.c.PrivilegesEvaluator]   found a match for 'sg_all_access' and cluster:monitor/nodes/info, skip other roles
[2017-10-23T16:35:02,477][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:02,477][WARN ][c.f.s.h.HTTPBasicAuthenticator] No 'Basic Authorization' header, send 401 and 'WWW-Authenticate Basic'
[2017-10-23T16:35:02,477][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http spnego
[2017-10-23T16:35:02,478][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:02,478][DEBUG][c.f.s.a.BackendRegistry  ] User 'kibanaserver' is in cache? true (cache size: 5)
[2017-10-23T16:35:02,479][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=kibanaserver, roles=[]]' is authenticated
[2017-10-23T16:35:02,479][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:02,479][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=kibanaserver, roles=[]]
[2017-10-23T16:35:02,479][DEBUG][c.f.s.c.PrivilegesEvaluator] requested cluster:monitor/nodes/info from 10.70.124.111:39398
[2017-10-23T16:35:02,479][DEBUG][c.f.s.c.PrivilegesEvaluator] class org.elasticsearch.action.admin.cluster.node.info.NodesInfoRequest is not an IndicesRequest
[2017-10-23T16:35:02,479][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=_all, type=*]]
[2017-10-23T16:35:02,479][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for kibanaserver: [sg_all_access, sg_kibana_server, sg_own_index, sg_public]
[2017-10-23T16:35:02,479][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:02,479][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved cluster actions:[*]
[2017-10-23T16:35:02,479][DEBUG][c.f.s.c.PrivilegesEvaluator]   found a match for 'sg_all_access' and cluster:monitor/nodes/info, skip other roles
[2017-10-23T16:35:02,483][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:02,483][DEBUG][c.f.s.a.BackendRegistry  ] User 'Emtsev_S' is in cache? true (cache size: 5)
[2017-10-23T16:35:02,483][DEBUG][c.f.s.a.BackendRegistry  ] User 'kibanaserver' is in cache? true (cache size: 5)
[2017-10-23T16:35:02,483][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=Emtsev_S, roles=[]]' is authenticated
[2017-10-23T16:35:02,483][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:02,483][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=kibanaserver, roles=[]]' is authenticated
[2017-10-23T16:35:02,483][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:02,484][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=kibanaserver, roles=[]]
[2017-10-23T16:35:02,484][DEBUG][c.f.s.c.PrivilegesEvaluator] requested indices:data/read/mget from 10.70.124.111:39442
[2017-10-23T16:35:02,484][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolve [.kibana] from class org.elasticsearch.action.get.MultiGetRequest$Item
[2017-10-23T16:35:02,484][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=Emtsev_S, roles=[]]
[2017-10-23T16:35:02,484][DEBUG][c.f.s.c.PrivilegesEvaluator] requested indices:data/read/search from 10.70.124.115:34296
[2017-10-23T16:35:02,484][DEBUG][c.f.s.c.PrivilegesEvaluator] indicesOptions IndicesOptions[id=48, ignore_unavailable=false, allow_no_indices=false, expand_wildcards_open=false, expand_wildcards_closed=false, allow_alisases_to_multiple_indices=false, forbid_closed_indices=true]
[2017-10-23T16:35:02,484][DEBUG][c.f.s.c.PrivilegesEvaluator] 1 raw indices [.kibana]
[2017-10-23T16:35:02,484][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolve [.kibana] from class org.elasticsearch.action.search.SearchRequest
[2017-10-23T16:35:02,484][DEBUG][c.f.s.c.PrivilegesEvaluator] No date math indices found
[2017-10-23T16:35:02,484][DEBUG][c.f.s.c.PrivilegesEvaluator] indicesOptions IndicesOptions[id=38, ignore_unavailable=false, allow_no_indices=true, expand_wildcards_open=true, expand_wildcards_closed=false, allow_alisases_to_multiple_indices=true, forbid_closed_indices=true]
[2017-10-23T16:35:02,484][DEBUG][c.f.s.c.PrivilegesEvaluator] 1 raw indices [.kibana]
[2017-10-23T16:35:02,484][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolved [.kibana] to [.kibana]
[2017-10-23T16:35:02,484][DEBUG][c.f.s.c.PrivilegesEvaluator] No date math indices found
[2017-10-23T16:35:02,484][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=.kibana, type=config]]
[2017-10-23T16:35:02,484][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolved [.kibana] to [.kibana]
[2017-10-23T16:35:02,484][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,484][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for kibanaserver: [sg_all_access, sg_kibana_server, sg_own_index, sg_public]
[2017-10-23T16:35:02,484][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for Emtsev_S: [sg_all_access, sg_own_index, sg_public]
[2017-10-23T16:35:02,484][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:02,484][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved cluster actions:[*]
[2017-10-23T16:35:02,484][DEBUG][c.f.s.c.PrivilegesEvaluator]   found a match for 'sg_all_access' and indices:data/read/mget, skip other roles
[2017-10-23T16:35:02,484][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:02,484][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=kibanaserver, roles=[]]
[2017-10-23T16:35:02,484][DEBUG][c.f.s.c.PrivilegesEvaluator]   Try wildcard match for *
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator] requested indices:data/read/mget[shard] from 10.70.124.111:39442
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator]   Wildcard match for *: [.kibana]
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolve [.kibana] from class org.elasticsearch.action.get.MultiGetShardRequest
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for *, will check now types [*]
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator] indicesOptions IndicesOptions[id=48, ignore_unavailable=false, allow_no_indices=false, expand_wildcards_open=false, expand_wildcards_closed=false, allow_alisases_to_multiple_indices=false, forbid_closed_indices=true]
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator] 1 raw indices [.kibana]
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:data/read/search against */*: [*]
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator] No date math indices found
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator]     removed .kibana*
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator] For index * remaining requested indextype: []
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolved [.kibana] to [.kibana]
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator] found a match for 'sg_all_access.*', evaluate other roles
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_all_access=>[]
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_own_index
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator]   Resolve and match Emtsev_S
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator] no permittedAliasesIndex 'Emtsev_S' found for  'indices:data/read/search'
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for kibanaserver: [sg_all_access, sg_kibana_server, sg_own_index, sg_public]
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator] permittedAliasesIndices '{Emtsev_S=org.elasticsearch.common.settings.Settings@37b8cba5}' -> '{*.0=INDICES_ALL}'
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator] requestedResolvedIndexTypes '[IndexType [index=.kibana, type=*]]'
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved permitted aliases indices for Emtsev_S: [Emtsev_S]
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for Emtsev_S, will check now types [*]
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:data/read/search against Emtsev_S/*: [indices:*]
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator]     no match Emtsev_S* in [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator] For index Emtsev_S remaining requested indextype: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_own_index=>[IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_public
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator]   Try wildcard match for *
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_public=>[IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator]   Wildcard match for *: [.kibana]
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for *, will check now types [*]
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:data/read/mget[shard] against */*: [*]
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator]     removed .kibana*
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator] For index * remaining requested indextype: []
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator] found a match for 'sg_all_access.*', evaluate other roles
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_all_access=>[]
[2017-10-23T16:35:02,485][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_kibana_server
[2017-10-23T16:35:02,486][DEBUG][c.f.s.c.PrivilegesEvaluator]   Try wildcard match for watcher*
[2017-10-23T16:35:02,486][DEBUG][c.f.s.c.PrivilegesEvaluator]   No wildcard match found for watcher*
[2017-10-23T16:35:02,486][DEBUG][c.f.s.c.PrivilegesEvaluator] For index watcher* remaining requested indextype: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,486][DEBUG][c.f.s.c.PrivilegesEvaluator]   Try wildcard match for ?kibana
[2017-10-23T16:35:02,486][DEBUG][c.f.s.c.PrivilegesEvaluator]   Wildcard match for ?kibana: [.kibana]
[2017-10-23T16:35:02,486][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for ?kibana, will check now types [*]
[2017-10-23T16:35:02,486][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:data/read/mget[shard] against ?kibana/*: [indices:*]
[2017-10-23T16:35:02,486][DEBUG][c.f.s.c.PrivilegesEvaluator]     removed .kibana*
[2017-10-23T16:35:02,486][DEBUG][c.f.s.c.PrivilegesEvaluator] For index ?kibana remaining requested indextype: []
[2017-10-23T16:35:02,486][DEBUG][c.f.s.c.PrivilegesEvaluator] found a match for 'sg_kibana_server.?kibana', evaluate other roles
[2017-10-23T16:35:02,486][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_kibana_server=>[]
[2017-10-23T16:35:02,486][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_own_index
[2017-10-23T16:35:02,486][DEBUG][c.f.s.c.PrivilegesEvaluator]   Resolve and match kibanaserver
[2017-10-23T16:35:02,486][DEBUG][c.f.s.c.PrivilegesEvaluator] no permittedAliasesIndex 'kibanaserver' found for  'indices:data/read/mget[shard]'
[2017-10-23T16:35:02,486][DEBUG][c.f.s.c.PrivilegesEvaluator] permittedAliasesIndices '{kibanaserver=org.elasticsearch.common.settings.Settings@37b8cba5}' -> '{*.0=INDICES_ALL}'
[2017-10-23T16:35:02,486][DEBUG][c.f.s.c.PrivilegesEvaluator] requestedResolvedIndexTypes '[IndexType [index=.kibana, type=*]]'
[2017-10-23T16:35:02,486][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved permitted aliases indices for kibanaserver: [kibanaserver]
[2017-10-23T16:35:02,486][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for kibanaserver, will check now types [*]
[2017-10-23T16:35:02,486][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:data/read/mget[shard] against kibanaserver/*: [indices:*]
[2017-10-23T16:35:02,486][DEBUG][c.f.s.c.PrivilegesEvaluator]     no match kibanaserver* in [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,486][DEBUG][c.f.s.c.PrivilegesEvaluator] For index kibanaserver remaining requested indextype: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,486][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_own_index=>[IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,486][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_public
[2017-10-23T16:35:02,486][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_public=>[IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,490][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:02,490][DEBUG][c.f.s.a.BackendRegistry  ] User 'kibanaserver' is in cache? true (cache size: 5)
[2017-10-23T16:35:02,490][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=kibanaserver, roles=[]]' is authenticated
[2017-10-23T16:35:02,491][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:02,491][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=kibanaserver, roles=[]]
[2017-10-23T16:35:02,491][DEBUG][c.f.s.c.PrivilegesEvaluator] requested cluster:monitor/health from 10.70.124.111:39398
[2017-10-23T16:35:02,491][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolve [.kibana] from class org.elasticsearch.action.admin.cluster.health.ClusterHealthRequest
[2017-10-23T16:35:02,491][DEBUG][c.f.s.c.PrivilegesEvaluator] indicesOptions IndicesOptions[id=7, ignore_unavailable=true, allow_no_indices=true, expand_wildcards_open=true, expand_wildcards_closed=false, allow_alisases_to_multiple_indices=true, forbid_closed_indices=false]
[2017-10-23T16:35:02,491][DEBUG][c.f.s.c.PrivilegesEvaluator] 1 raw indices [.kibana]
[2017-10-23T16:35:02,491][DEBUG][c.f.s.c.PrivilegesEvaluator] No date math indices found
[2017-10-23T16:35:02,491][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolved [.kibana] to [.kibana]
[2017-10-23T16:35:02,491][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,491][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for kibanaserver: [sg_all_access, sg_kibana_server, sg_own_index, sg_public]
[2017-10-23T16:35:02,491][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:02,491][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved cluster actions:[*]
[2017-10-23T16:35:02,491][DEBUG][c.f.s.c.PrivilegesEvaluator]   found a match for 'sg_all_access' and cluster:monitor/health, skip other roles
[2017-10-23T16:35:02,493][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:02,494][DEBUG][c.f.s.a.BackendRegistry  ] User 'kibanaserver' is in cache? true (cache size: 5)
[2017-10-23T16:35:02,494][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=kibanaserver, roles=[]]' is authenticated
[2017-10-23T16:35:02,494][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:02,494][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=kibanaserver, roles=[]]
[2017-10-23T16:35:02,494][DEBUG][c.f.s.c.PrivilegesEvaluator] requested indices:admin/get from 10.70.124.111:39442
[2017-10-23T16:35:02,494][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolve [.kibana] from class org.elasticsearch.action.admin.indices.get.GetIndexRequest
[2017-10-23T16:35:02,494][DEBUG][c.f.s.c.PrivilegesEvaluator] indicesOptions IndicesOptions[id=6, ignore_unavailable=false, allow_no_indices=true, expand_wildcards_open=true, expand_wildcards_closed=false, allow_alisases_to_multiple_indices=true, forbid_closed_indices=false]
[2017-10-23T16:35:02,494][DEBUG][c.f.s.c.PrivilegesEvaluator] 1 raw indices [.kibana]
[2017-10-23T16:35:02,494][DEBUG][c.f.s.c.PrivilegesEvaluator] No date math indices found
[2017-10-23T16:35:02,494][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolved [.kibana] to [.kibana]
[2017-10-23T16:35:02,494][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,494][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for kibanaserver: [sg_all_access, sg_kibana_server, sg_own_index, sg_public]
[2017-10-23T16:35:02,494][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:02,494][DEBUG][c.f.s.c.PrivilegesEvaluator]   Try wildcard match for *
[2017-10-23T16:35:02,494][DEBUG][c.f.s.c.PrivilegesEvaluator]   Wildcard match for *: [.kibana]
[2017-10-23T16:35:02,494][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for *, will check now types [*]
[2017-10-23T16:35:02,494][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:admin/get against */*: [*]
[2017-10-23T16:35:02,494][DEBUG][c.f.s.c.PrivilegesEvaluator]     removed .kibana*
[2017-10-23T16:35:02,494][DEBUG][c.f.s.c.PrivilegesEvaluator] For index * remaining requested indextype: []
[2017-10-23T16:35:02,494][DEBUG][c.f.s.c.PrivilegesEvaluator] found a match for 'sg_all_access.*', evaluate other roles
[2017-10-23T16:35:02,494][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_all_access=>[]
[2017-10-23T16:35:02,494][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_kibana_server
[2017-10-23T16:35:02,494][DEBUG][c.f.s.c.PrivilegesEvaluator]   Try wildcard match for watcher*
[2017-10-23T16:35:02,495][DEBUG][c.f.s.c.PrivilegesEvaluator]   No wildcard match found for watcher*
[2017-10-23T16:35:02,495][DEBUG][c.f.s.c.PrivilegesEvaluator] For index watcher* remaining requested indextype: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,495][DEBUG][c.f.s.c.PrivilegesEvaluator]   Try wildcard match for ?kibana
[2017-10-23T16:35:02,495][DEBUG][c.f.s.c.PrivilegesEvaluator]   Wildcard match for ?kibana: [.kibana]
[2017-10-23T16:35:02,495][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for ?kibana, will check now types [*]
[2017-10-23T16:35:02,495][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:admin/get against ?kibana/*: [indices:*]
[2017-10-23T16:35:02,495][DEBUG][c.f.s.c.PrivilegesEvaluator]     removed .kibana*
[2017-10-23T16:35:02,495][DEBUG][c.f.s.c.PrivilegesEvaluator] For index ?kibana remaining requested indextype: []
[2017-10-23T16:35:02,495][DEBUG][c.f.s.c.PrivilegesEvaluator] found a match for 'sg_kibana_server.?kibana', evaluate other roles
[2017-10-23T16:35:02,495][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_kibana_server=>[]
[2017-10-23T16:35:02,495][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_own_index
[2017-10-23T16:35:02,495][DEBUG][c.f.s.c.PrivilegesEvaluator]   Resolve and match kibanaserver
[2017-10-23T16:35:02,495][DEBUG][c.f.s.c.PrivilegesEvaluator] no permittedAliasesIndex 'kibanaserver' found for  'indices:admin/get'
[2017-10-23T16:35:02,495][DEBUG][c.f.s.c.PrivilegesEvaluator] permittedAliasesIndices '{kibanaserver=org.elasticsearch.common.settings.Settings@37b8cba5}' -> '{*.0=INDICES_ALL}'
[2017-10-23T16:35:02,495][DEBUG][c.f.s.c.PrivilegesEvaluator] requestedResolvedIndexTypes '[IndexType [index=.kibana, type=*]]'
[2017-10-23T16:35:02,495][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved permitted aliases indices for kibanaserver: [kibanaserver]
[2017-10-23T16:35:02,495][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for kibanaserver, will check now types [*]
[2017-10-23T16:35:02,495][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:admin/get against kibanaserver/*: [indices:*]
[2017-10-23T16:35:02,495][DEBUG][c.f.s.c.PrivilegesEvaluator]     no match kibanaserver* in [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,495][DEBUG][c.f.s.c.PrivilegesEvaluator] For index kibanaserver remaining requested indextype: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,495][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_own_index=>[IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,495][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_public
[2017-10-23T16:35:02,495][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_public=>[IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,498][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:02,498][DEBUG][c.f.s.a.BackendRegistry  ] User 'kibanaserver' is in cache? true (cache size: 5)
[2017-10-23T16:35:02,498][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=kibanaserver, roles=[]]' is authenticated
[2017-10-23T16:35:02,498][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:02,498][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=kibanaserver, roles=[]]
[2017-10-23T16:35:02,498][DEBUG][c.f.s.c.PrivilegesEvaluator] requested indices:data/read/search from 10.70.124.111:39398
[2017-10-23T16:35:02,498][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolve [.kibana] from class org.elasticsearch.action.search.SearchRequest
[2017-10-23T16:35:02,498][DEBUG][c.f.s.c.PrivilegesEvaluator] indicesOptions IndicesOptions[id=38, ignore_unavailable=false, allow_no_indices=true, expand_wildcards_open=true, expand_wildcards_closed=false, allow_alisases_to_multiple_indices=true, forbid_closed_indices=true]
[2017-10-23T16:35:02,498][DEBUG][c.f.s.c.PrivilegesEvaluator] 1 raw indices [.kibana]
[2017-10-23T16:35:02,498][DEBUG][c.f.s.c.PrivilegesEvaluator] No date math indices found
[2017-10-23T16:35:02,498][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolved [.kibana] to [.kibana]
[2017-10-23T16:35:02,498][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,499][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for kibanaserver: [sg_all_access, sg_kibana_server, sg_own_index, sg_public]
[2017-10-23T16:35:02,499][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:02,499][DEBUG][c.f.s.c.PrivilegesEvaluator]   Try wildcard match for *
[2017-10-23T16:35:02,499][DEBUG][c.f.s.c.PrivilegesEvaluator]   Wildcard match for *: [.kibana]
[2017-10-23T16:35:02,499][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for *, will check now types [*]
[2017-10-23T16:35:02,499][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:data/read/search against */*: [*]
[2017-10-23T16:35:02,499][DEBUG][c.f.s.c.PrivilegesEvaluator]     removed .kibana*
[2017-10-23T16:35:02,499][DEBUG][c.f.s.c.PrivilegesEvaluator] For index * remaining requested indextype: []
[2017-10-23T16:35:02,499][DEBUG][c.f.s.c.PrivilegesEvaluator] found a match for 'sg_all_access.*', evaluate other roles
[2017-10-23T16:35:02,499][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_all_access=>[]
[2017-10-23T16:35:02,499][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_kibana_server
[2017-10-23T16:35:02,499][DEBUG][c.f.s.c.PrivilegesEvaluator]   Try wildcard match for watcher*
[2017-10-23T16:35:02,499][DEBUG][c.f.s.c.PrivilegesEvaluator]   No wildcard match found for watcher*
[2017-10-23T16:35:02,499][DEBUG][c.f.s.c.PrivilegesEvaluator] For index watcher* remaining requested indextype: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,499][DEBUG][c.f.s.c.PrivilegesEvaluator]   Try wildcard match for ?kibana
[2017-10-23T16:35:02,499][DEBUG][c.f.s.c.PrivilegesEvaluator]   Wildcard match for ?kibana: [.kibana]
[2017-10-23T16:35:02,499][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for ?kibana, will check now types [*]
[2017-10-23T16:35:02,499][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:data/read/search against ?kibana/*: [indices:*]
[2017-10-23T16:35:02,499][DEBUG][c.f.s.c.PrivilegesEvaluator]     removed .kibana*
[2017-10-23T16:35:02,499][DEBUG][c.f.s.c.PrivilegesEvaluator] For index ?kibana remaining requested indextype: []
[2017-10-23T16:35:02,499][DEBUG][c.f.s.c.PrivilegesEvaluator] found a match for 'sg_kibana_server.?kibana', evaluate other roles
[2017-10-23T16:35:02,499][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_kibana_server=>[]
[2017-10-23T16:35:02,499][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_own_index
[2017-10-23T16:35:02,499][DEBUG][c.f.s.c.PrivilegesEvaluator]   Resolve and match kibanaserver
[2017-10-23T16:35:02,499][DEBUG][c.f.s.c.PrivilegesEvaluator] no permittedAliasesIndex 'kibanaserver' found for  'indices:data/read/search'
[2017-10-23T16:35:02,499][DEBUG][c.f.s.c.PrivilegesEvaluator] permittedAliasesIndices '{kibanaserver=org.elasticsearch.common.settings.Settings@37b8cba5}' -> '{*.0=INDICES_ALL}'
[2017-10-23T16:35:02,499][DEBUG][c.f.s.c.PrivilegesEvaluator] requestedResolvedIndexTypes '[IndexType [index=.kibana, type=*]]'
[2017-10-23T16:35:02,499][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved permitted aliases indices for kibanaserver: [kibanaserver]
[2017-10-23T16:35:02,499][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for kibanaserver, will check now types [*]
[2017-10-23T16:35:02,499][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:data/read/search against kibanaserver/*: [indices:*]
[2017-10-23T16:35:02,500][DEBUG][c.f.s.c.PrivilegesEvaluator]     no match kibanaserver* in [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,500][DEBUG][c.f.s.c.PrivilegesEvaluator] For index kibanaserver remaining requested indextype: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,500][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_own_index=>[IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,500][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_public
[2017-10-23T16:35:02,500][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_public=>[IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:02,505][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:02,505][DEBUG][c.f.s.a.BackendRegistry  ] User 'kibanaserver' is in cache? true (cache size: 5)
[2017-10-23T16:35:02,505][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=kibanaserver, roles=[]]' is authenticated
[2017-10-23T16:35:02,505][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:02,505][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=kibanaserver, roles=[]]
[2017-10-23T16:35:02,505][DEBUG][c.f.s.c.PrivilegesEvaluator] requested cluster:monitor/state from 10.70.124.111:41228
[2017-10-23T16:35:02,505][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolve [] from class org.elasticsearch.action.admin.cluster.state.ClusterStateRequest
[2017-10-23T16:35:02,505][DEBUG][c.f.s.c.PrivilegesEvaluator] indicesOptions IndicesOptions[id=7, ignore_unavailable=true, allow_no_indices=true, expand_wildcards_open=true, expand_wildcards_closed=false, allow_alisases_to_multiple_indices=true, forbid_closed_indices=false]
[2017-10-23T16:35:02,505][DEBUG][c.f.s.c.PrivilegesEvaluator] 0 raw indices []
[2017-10-23T16:35:02,505][DEBUG][c.f.s.c.PrivilegesEvaluator] No indices found in request, assume _all
[2017-10-23T16:35:02,505][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=logstash-2015.05.18, type=*], IndexType [index=logstash-2015.05.19, type=*], IndexType [index=mos-2017.10.17, type=*], IndexType [index=.kibana_1853788673_admemtsevs, type=*], IndexType [index=twitter, type=*], IndexType [index=watcher, type=*], IndexType [index=sentinl_users, type=*], IndexType [index=shakespeare, type=*], IndexType [index=logstash-2015.05.20, type=*], IndexType [index=searchguard, type=*], IndexType [index=bank, type=*], IndexType [index=watcher_alarms-2017.10.20, type=*], IndexType [index=.kibana, type=*], IndexType [index=.kibana_1378793996_emtsevs, type=*], IndexType [index=watcher_alarms, type=*]]
[2017-10-23T16:35:02,505][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for kibanaserver: [sg_all_access, sg_kibana_server, sg_own_index, sg_public]
[2017-10-23T16:35:02,505][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:02,505][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved cluster actions:[*]
[2017-10-23T16:35:02,505][DEBUG][c.f.s.c.PrivilegesEvaluator]   found a match for 'sg_all_access' and cluster:monitor/state, skip other roles
[2017-10-23T16:35:03,584][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:03,584][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http spnego
[2017-10-23T16:35:03,595][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:03,595][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http spnego
[2017-10-23T16:35:03,857][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:03,857][DEBUG][c.f.s.a.BackendRegistry  ] User 'admin' is in cache? true (cache size: 5)
[2017-10-23T16:35:03,857][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=admin, roles=[]]' is authenticated
[2017-10-23T16:35:03,857][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:03,857][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=admin, roles=[]]
[2017-10-23T16:35:03,857][DEBUG][c.f.s.c.PrivilegesEvaluator] requested cluster:monitor/main from 10.70.124.113:40912
[2017-10-23T16:35:03,857][DEBUG][c.f.s.c.PrivilegesEvaluator] class org.elasticsearch.action.main.MainRequest is not an IndicesRequest
[2017-10-23T16:35:03,857][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=_all, type=*]]
[2017-10-23T16:35:03,858][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for admin: [sg_all_access, sg_own_index, sg_public]
[2017-10-23T16:35:03,858][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:03,858][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved cluster actions:[*]
[2017-10-23T16:35:03,858][DEBUG][c.f.s.c.PrivilegesEvaluator]   found a match for 'sg_all_access' and cluster:monitor/main, skip other roles
[2017-10-23T16:35:03,860][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:03,860][DEBUG][c.f.s.a.BackendRegistry  ] User 'admin' is in cache? true (cache size: 5)
[2017-10-23T16:35:03,860][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=admin, roles=[]]' is authenticated
[2017-10-23T16:35:03,860][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:03,860][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=admin, roles=[]]
[2017-10-23T16:35:03,860][DEBUG][c.f.s.c.PrivilegesEvaluator] requested cluster:monitor/nodes/info from 10.70.124.113:40912
[2017-10-23T16:35:03,860][DEBUG][c.f.s.c.PrivilegesEvaluator] class org.elasticsearch.action.admin.cluster.node.info.NodesInfoRequest is not an IndicesRequest
[2017-10-23T16:35:03,860][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=_all, type=*]]
[2017-10-23T16:35:03,861][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for admin: [sg_all_access, sg_own_index, sg_public]
[2017-10-23T16:35:03,861][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:03,861][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved cluster actions:[*]
[2017-10-23T16:35:03,861][DEBUG][c.f.s.c.PrivilegesEvaluator]   found a match for 'sg_all_access' and cluster:monitor/nodes/info, skip other roles
[2017-10-23T16:35:03,867][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:03,867][DEBUG][c.f.s.a.BackendRegistry  ] User 'admin' is in cache? true (cache size: 5)
[2017-10-23T16:35:03,867][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=admin, roles=[]]' is authenticated
[2017-10-23T16:35:03,868][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:03,868][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=admin, roles=[]]
[2017-10-23T16:35:03,868][DEBUG][c.f.s.c.PrivilegesEvaluator] requested cluster:monitor/nodes/info from 10.70.124.113:40912
[2017-10-23T16:35:03,868][DEBUG][c.f.s.c.PrivilegesEvaluator] class org.elasticsearch.action.admin.cluster.node.info.NodesInfoRequest is not an IndicesRequest
[2017-10-23T16:35:03,868][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=_all, type=*]]
[2017-10-23T16:35:03,868][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for admin: [sg_all_access, sg_own_index, sg_public]
[2017-10-23T16:35:03,868][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:03,868][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved cluster actions:[*]
[2017-10-23T16:35:03,868][DEBUG][c.f.s.c.PrivilegesEvaluator]   found a match for 'sg_all_access' and cluster:monitor/nodes/info, skip other roles
[2017-10-23T16:35:03,871][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:03,871][DEBUG][c.f.s.a.BackendRegistry  ] User 'admin' is in cache? true (cache size: 5)
[2017-10-23T16:35:03,871][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=admin, roles=[]]' is authenticated
[2017-10-23T16:35:03,871][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:03,871][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=admin, roles=[]]
[2017-10-23T16:35:03,871][DEBUG][c.f.s.c.PrivilegesEvaluator] requested indices:data/read/mget from 10.70.124.113:40912
[2017-10-23T16:35:03,871][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolve [.kibana] from class org.elasticsearch.action.get.MultiGetRequest$Item
[2017-10-23T16:35:03,872][DEBUG][c.f.s.c.PrivilegesEvaluator] indicesOptions IndicesOptions[id=48, ignore_unavailable=false, allow_no_indices=false, expand_wildcards_open=false, expand_wildcards_closed=false, allow_alisases_to_multiple_indices=false, forbid_closed_indices=true]
[2017-10-23T16:35:03,872][DEBUG][c.f.s.c.PrivilegesEvaluator] 1 raw indices [.kibana]
[2017-10-23T16:35:03,872][DEBUG][c.f.s.c.PrivilegesEvaluator] No date math indices found
[2017-10-23T16:35:03,872][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolved [.kibana] to [.kibana]
[2017-10-23T16:35:03,872][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=.kibana, type=config]]
[2017-10-23T16:35:03,872][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for admin: [sg_all_access, sg_own_index, sg_public]
[2017-10-23T16:35:03,872][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:03,872][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved cluster actions:[*]
[2017-10-23T16:35:03,872][DEBUG][c.f.s.c.PrivilegesEvaluator]   found a match for 'sg_all_access' and indices:data/read/mget, skip other roles
[2017-10-23T16:35:03,872][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=admin, roles=[]]
[2017-10-23T16:35:03,872][DEBUG][c.f.s.c.PrivilegesEvaluator] requested indices:data/read/mget[shard] from 10.70.124.113:40912
[2017-10-23T16:35:03,872][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolve [.kibana] from class org.elasticsearch.action.get.MultiGetShardRequest
[2017-10-23T16:35:03,872][DEBUG][c.f.s.c.PrivilegesEvaluator] indicesOptions IndicesOptions[id=48, ignore_unavailable=false, allow_no_indices=false, expand_wildcards_open=false, expand_wildcards_closed=false, allow_alisases_to_multiple_indices=false, forbid_closed_indices=true]
[2017-10-23T16:35:03,872][DEBUG][c.f.s.c.PrivilegesEvaluator] 1 raw indices [.kibana]
[2017-10-23T16:35:03,872][DEBUG][c.f.s.c.PrivilegesEvaluator] No date math indices found
[2017-10-23T16:35:03,872][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolved [.kibana] to [.kibana]
[2017-10-23T16:35:03,872][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:03,873][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for admin: [sg_all_access, sg_own_index, sg_public]
[2017-10-23T16:35:03,873][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:03,873][DEBUG][c.f.s.c.PrivilegesEvaluator]   Try wildcard match for *
[2017-10-23T16:35:03,873][DEBUG][c.f.s.c.PrivilegesEvaluator]   Wildcard match for *: [.kibana]
[2017-10-23T16:35:03,873][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for *, will check now types [*]
[2017-10-23T16:35:03,873][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:data/read/mget[shard] against */*: [*]
[2017-10-23T16:35:03,873][DEBUG][c.f.s.c.PrivilegesEvaluator]     removed .kibana*
[2017-10-23T16:35:03,873][DEBUG][c.f.s.c.PrivilegesEvaluator] For index * remaining requested indextype: []
[2017-10-23T16:35:03,873][DEBUG][c.f.s.c.PrivilegesEvaluator] found a match for 'sg_all_access.*', evaluate other roles
[2017-10-23T16:35:03,873][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_all_access=>[]
[2017-10-23T16:35:03,873][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_own_index
[2017-10-23T16:35:03,873][DEBUG][c.f.s.c.PrivilegesEvaluator]   Resolve and match admin
[2017-10-23T16:35:03,873][DEBUG][c.f.s.c.PrivilegesEvaluator] no permittedAliasesIndex 'admin' found for  'indices:data/read/mget[shard]'
[2017-10-23T16:35:03,873][DEBUG][c.f.s.c.PrivilegesEvaluator] permittedAliasesIndices '{admin=org.elasticsearch.common.settings.Settings@37b8cba5}' -> '{*.0=INDICES_ALL}'
[2017-10-23T16:35:03,873][DEBUG][c.f.s.c.PrivilegesEvaluator] requestedResolvedIndexTypes '[IndexType [index=.kibana, type=*]]'
[2017-10-23T16:35:03,873][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved permitted aliases indices for admin: [admin]
[2017-10-23T16:35:03,873][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for admin, will check now types [*]
[2017-10-23T16:35:03,873][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:data/read/mget[shard] against admin/*: [indices:*]
[2017-10-23T16:35:03,873][DEBUG][c.f.s.c.PrivilegesEvaluator]     no match admin* in [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:03,873][DEBUG][c.f.s.c.PrivilegesEvaluator] For index admin remaining requested indextype: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:03,873][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_own_index=>[IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:03,873][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_public
[2017-10-23T16:35:03,873][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_public=>[IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:03,877][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:03,877][DEBUG][c.f.s.a.BackendRegistry  ] User 'admin' is in cache? true (cache size: 5)
[2017-10-23T16:35:03,877][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=admin, roles=[]]' is authenticated
[2017-10-23T16:35:03,877][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:03,877][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=admin, roles=[]]
[2017-10-23T16:35:03,877][DEBUG][c.f.s.c.PrivilegesEvaluator] requested cluster:monitor/health from 10.70.124.113:40912
[2017-10-23T16:35:03,877][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolve [.kibana] from class org.elasticsearch.action.admin.cluster.health.ClusterHealthRequest
[2017-10-23T16:35:03,877][DEBUG][c.f.s.c.PrivilegesEvaluator] indicesOptions IndicesOptions[id=7, ignore_unavailable=true, allow_no_indices=true, expand_wildcards_open=true, expand_wildcards_closed=false, allow_alisases_to_multiple_indices=true, forbid_closed_indices=false]
[2017-10-23T16:35:03,877][DEBUG][c.f.s.c.PrivilegesEvaluator] 1 raw indices [.kibana]
[2017-10-23T16:35:03,877][DEBUG][c.f.s.c.PrivilegesEvaluator] No date math indices found
[2017-10-23T16:35:03,877][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolved [.kibana] to [.kibana]
[2017-10-23T16:35:03,877][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:03,877][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for admin: [sg_all_access, sg_own_index, sg_public]
[2017-10-23T16:35:03,878][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:03,878][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved cluster actions:[*]
[2017-10-23T16:35:03,878][DEBUG][c.f.s.c.PrivilegesEvaluator]   found a match for 'sg_all_access' and cluster:monitor/health, skip other roles
[2017-10-23T16:35:03,880][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:03,880][DEBUG][c.f.s.a.BackendRegistry  ] User 'admin' is in cache? true (cache size: 5)
[2017-10-23T16:35:03,880][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=admin, roles=[]]' is authenticated
[2017-10-23T16:35:03,880][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:03,880][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=admin, roles=[]]
[2017-10-23T16:35:03,880][DEBUG][c.f.s.c.PrivilegesEvaluator] requested indices:admin/get from 10.70.124.113:40912
[2017-10-23T16:35:03,880][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolve [.kibana] from class org.elasticsearch.action.admin.indices.get.GetIndexRequest
[2017-10-23T16:35:03,880][DEBUG][c.f.s.c.PrivilegesEvaluator] indicesOptions IndicesOptions[id=6, ignore_unavailable=false, allow_no_indices=true, expand_wildcards_open=true, expand_wildcards_closed=false, allow_alisases_to_multiple_indices=true, forbid_closed_indices=false]
[2017-10-23T16:35:03,880][DEBUG][c.f.s.c.PrivilegesEvaluator] 1 raw indices [.kibana]
[2017-10-23T16:35:03,880][DEBUG][c.f.s.c.PrivilegesEvaluator] No date math indices found
[2017-10-23T16:35:03,880][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolved [.kibana] to [.kibana]
[2017-10-23T16:35:03,880][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:03,880][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for admin: [sg_all_access, sg_own_index, sg_public]
[2017-10-23T16:35:03,880][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:03,881][DEBUG][c.f.s.c.PrivilegesEvaluator]   Try wildcard match for *
[2017-10-23T16:35:03,881][DEBUG][c.f.s.c.PrivilegesEvaluator]   Wildcard match for *: [.kibana]
[2017-10-23T16:35:03,881][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for *, will check now types [*]
[2017-10-23T16:35:03,881][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:admin/get against */*: [*]
[2017-10-23T16:35:03,881][DEBUG][c.f.s.c.PrivilegesEvaluator]     removed .kibana*
[2017-10-23T16:35:03,881][DEBUG][c.f.s.c.PrivilegesEvaluator] For index * remaining requested indextype: []
[2017-10-23T16:35:03,881][DEBUG][c.f.s.c.PrivilegesEvaluator] found a match for 'sg_all_access.*', evaluate other roles
[2017-10-23T16:35:03,881][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_all_access=>[]
[2017-10-23T16:35:03,881][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_own_index
[2017-10-23T16:35:03,881][DEBUG][c.f.s.c.PrivilegesEvaluator]   Resolve and match admin
[2017-10-23T16:35:03,881][DEBUG][c.f.s.c.PrivilegesEvaluator] no permittedAliasesIndex 'admin' found for  'indices:admin/get'
[2017-10-23T16:35:03,881][DEBUG][c.f.s.c.PrivilegesEvaluator] permittedAliasesIndices '{admin=org.elasticsearch.common.settings.Settings@37b8cba5}' -> '{*.0=INDICES_ALL}'
[2017-10-23T16:35:03,881][DEBUG][c.f.s.c.PrivilegesEvaluator] requestedResolvedIndexTypes '[IndexType [index=.kibana, type=*]]'
[2017-10-23T16:35:03,881][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved permitted aliases indices for admin: [admin]
[2017-10-23T16:35:03,881][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for admin, will check now types [*]
[2017-10-23T16:35:03,881][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:admin/get against admin/*: [indices:*]
[2017-10-23T16:35:03,881][DEBUG][c.f.s.c.PrivilegesEvaluator]     no match admin* in [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:03,881][DEBUG][c.f.s.c.PrivilegesEvaluator] For index admin remaining requested indextype: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:03,881][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_own_index=>[IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:03,881][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_public
[2017-10-23T16:35:03,881][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_public=>[IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:03,884][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:03,884][DEBUG][c.f.s.a.BackendRegistry  ] User 'admin' is in cache? true (cache size: 5)
[2017-10-23T16:35:03,884][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=admin, roles=[]]' is authenticated
[2017-10-23T16:35:03,884][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:03,884][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=admin, roles=[]]
[2017-10-23T16:35:03,884][DEBUG][c.f.s.c.PrivilegesEvaluator] requested indices:data/read/search from 10.70.124.113:40912
[2017-10-23T16:35:03,884][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolve [.kibana] from class org.elasticsearch.action.search.SearchRequest
[2017-10-23T16:35:03,885][DEBUG][c.f.s.c.PrivilegesEvaluator] indicesOptions IndicesOptions[id=38, ignore_unavailable=false, allow_no_indices=true, expand_wildcards_open=true, expand_wildcards_closed=false, allow_alisases_to_multiple_indices=true, forbid_closed_indices=true]
[2017-10-23T16:35:03,885][DEBUG][c.f.s.c.PrivilegesEvaluator] 1 raw indices [.kibana]
[2017-10-23T16:35:03,885][DEBUG][c.f.s.c.PrivilegesEvaluator] No date math indices found
[2017-10-23T16:35:03,885][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolved [.kibana] to [.kibana]
[2017-10-23T16:35:03,885][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:03,885][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for admin: [sg_all_access, sg_own_index, sg_public]
[2017-10-23T16:35:03,885][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:03,885][DEBUG][c.f.s.c.PrivilegesEvaluator]   Try wildcard match for *
[2017-10-23T16:35:03,885][DEBUG][c.f.s.c.PrivilegesEvaluator]   Wildcard match for *: [.kibana]
[2017-10-23T16:35:03,885][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for *, will check now types [*]
[2017-10-23T16:35:03,885][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:data/read/search against */*: [*]
[2017-10-23T16:35:03,885][DEBUG][c.f.s.c.PrivilegesEvaluator]     removed .kibana*
[2017-10-23T16:35:03,885][DEBUG][c.f.s.c.PrivilegesEvaluator] For index * remaining requested indextype: []
[2017-10-23T16:35:03,885][DEBUG][c.f.s.c.PrivilegesEvaluator] found a match for 'sg_all_access.*', evaluate other roles
[2017-10-23T16:35:03,885][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_all_access=>[]
[2017-10-23T16:35:03,885][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_own_index
[2017-10-23T16:35:03,885][DEBUG][c.f.s.c.PrivilegesEvaluator]   Resolve and match admin
[2017-10-23T16:35:03,885][DEBUG][c.f.s.c.PrivilegesEvaluator] no permittedAliasesIndex 'admin' found for  'indices:data/read/search'
[2017-10-23T16:35:03,885][DEBUG][c.f.s.c.PrivilegesEvaluator] permittedAliasesIndices '{admin=org.elasticsearch.common.settings.Settings@37b8cba5}' -> '{*.0=INDICES_ALL}'
[2017-10-23T16:35:03,885][DEBUG][c.f.s.c.PrivilegesEvaluator] requestedResolvedIndexTypes '[IndexType [index=.kibana, type=*]]'
[2017-10-23T16:35:03,885][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved permitted aliases indices for admin: [admin]
[2017-10-23T16:35:03,885][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for admin, will check now types [*]
[2017-10-23T16:35:03,886][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:data/read/search against admin/*: [indices:*]
[2017-10-23T16:35:03,886][DEBUG][c.f.s.c.PrivilegesEvaluator]     no match admin* in [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:03,886][DEBUG][c.f.s.c.PrivilegesEvaluator] For index admin remaining requested indextype: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:03,886][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_own_index=>[IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:03,886][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_public
[2017-10-23T16:35:03,886][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_public=>[IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:03,891][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:03,891][DEBUG][c.f.s.a.BackendRegistry  ] User 'admin' is in cache? true (cache size: 5)
[2017-10-23T16:35:03,891][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=admin, roles=[]]' is authenticated
[2017-10-23T16:35:03,891][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:03,891][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=admin, roles=[]]
[2017-10-23T16:35:03,891][DEBUG][c.f.s.c.PrivilegesEvaluator] requested cluster:monitor/state from 10.70.124.113:40916
[2017-10-23T16:35:03,891][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolve [] from class org.elasticsearch.action.admin.cluster.state.ClusterStateRequest
[2017-10-23T16:35:03,891][DEBUG][c.f.s.c.PrivilegesEvaluator] indicesOptions IndicesOptions[id=7, ignore_unavailable=true, allow_no_indices=true, expand_wildcards_open=true, expand_wildcards_closed=false, allow_alisases_to_multiple_indices=true, forbid_closed_indices=false]
[2017-10-23T16:35:03,891][DEBUG][c.f.s.c.PrivilegesEvaluator] 0 raw indices []
[2017-10-23T16:35:03,891][DEBUG][c.f.s.c.PrivilegesEvaluator] No indices found in request, assume _all
[2017-10-23T16:35:03,891][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=logstash-2015.05.18, type=*], IndexType [index=logstash-2015.05.19, type=*], IndexType [index=mos-2017.10.17, type=*], IndexType [index=.kibana_1853788673_admemtsevs, type=*], IndexType [index=twitter, type=*], IndexType [index=watcher, type=*], IndexType [index=sentinl_users, type=*], IndexType [index=shakespeare, type=*], IndexType [index=logstash-2015.05.20, type=*], IndexType [index=searchguard, type=*], IndexType [index=bank, type=*], IndexType [index=watcher_alarms-2017.10.20, type=*], IndexType [index=.kibana, type=*], IndexType [index=.kibana_1378793996_emtsevs, type=*], IndexType [index=watcher_alarms, type=*]]
[2017-10-23T16:35:03,892][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for admin: [sg_all_access, sg_own_index, sg_public]
[2017-10-23T16:35:03,892][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:03,892][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved cluster actions:[*]
[2017-10-23T16:35:03,892][DEBUG][c.f.s.c.PrivilegesEvaluator]   found a match for 'sg_all_access' and cluster:monitor/state, skip other roles
[2017-10-23T16:35:04,709][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:04,709][DEBUG][c.f.s.a.BackendRegistry  ] User 'kibanaserver' is in cache? true (cache size: 5)
[2017-10-23T16:35:04,709][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=kibanaserver, roles=[]]' is authenticated
[2017-10-23T16:35:04,709][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:04,709][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=kibanaserver, roles=[]]
[2017-10-23T16:35:04,709][DEBUG][c.f.s.c.PrivilegesEvaluator] requested cluster:monitor/main from 10.70.124.115:59972
[2017-10-23T16:35:04,709][DEBUG][c.f.s.c.PrivilegesEvaluator] class org.elasticsearch.action.main.MainRequest is not an IndicesRequest
[2017-10-23T16:35:04,709][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=_all, type=*]]
[2017-10-23T16:35:04,709][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for kibanaserver: [sg_all_access, sg_kibana_server, sg_own_index, sg_public]
[2017-10-23T16:35:04,710][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:04,710][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved cluster actions:[*]
[2017-10-23T16:35:04,710][DEBUG][c.f.s.c.PrivilegesEvaluator]   found a match for 'sg_all_access' and cluster:monitor/main, skip other roles
[2017-10-23T16:35:04,751][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:04,751][DEBUG][c.f.s.a.BackendRegistry  ] User 'kibanaserver' is in cache? true (cache size: 5)
[2017-10-23T16:35:04,751][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=kibanaserver, roles=[]]' is authenticated
[2017-10-23T16:35:04,751][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:04,752][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=kibanaserver, roles=[]]
[2017-10-23T16:35:04,752][DEBUG][c.f.s.c.PrivilegesEvaluator] requested cluster:monitor/nodes/info from 10.70.124.115:60006
[2017-10-23T16:35:04,752][DEBUG][c.f.s.c.PrivilegesEvaluator] class org.elasticsearch.action.admin.cluster.node.info.NodesInfoRequest is not an IndicesRequest
[2017-10-23T16:35:04,752][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=_all, type=*]]
[2017-10-23T16:35:04,752][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for kibanaserver: [sg_all_access, sg_kibana_server, sg_own_index, sg_public]
[2017-10-23T16:35:04,752][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:04,752][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved cluster actions:[*]
[2017-10-23T16:35:04,752][DEBUG][c.f.s.c.PrivilegesEvaluator]   found a match for 'sg_all_access' and cluster:monitor/nodes/info, skip other roles
[2017-10-23T16:35:04,758][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:04,758][DEBUG][c.f.s.a.BackendRegistry  ] User 'kibanaserver' is in cache? true (cache size: 5)
[2017-10-23T16:35:04,758][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=kibanaserver, roles=[]]' is authenticated
[2017-10-23T16:35:04,758][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:04,758][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=kibanaserver, roles=[]]
[2017-10-23T16:35:04,758][DEBUG][c.f.s.c.PrivilegesEvaluator] requested cluster:monitor/nodes/info from 10.70.124.115:59972
[2017-10-23T16:35:04,758][DEBUG][c.f.s.c.PrivilegesEvaluator] class org.elasticsearch.action.admin.cluster.node.info.NodesInfoRequest is not an IndicesRequest
[2017-10-23T16:35:04,758][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=_all, type=*]]
[2017-10-23T16:35:04,759][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for kibanaserver: [sg_all_access, sg_kibana_server, sg_own_index, sg_public]
[2017-10-23T16:35:04,759][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:04,759][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved cluster actions:[*]
[2017-10-23T16:35:04,759][DEBUG][c.f.s.c.PrivilegesEvaluator]   found a match for 'sg_all_access' and cluster:monitor/nodes/info, skip other roles
[2017-10-23T16:35:04,762][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:04,762][DEBUG][c.f.s.a.BackendRegistry  ] User 'kibanaserver' is in cache? true (cache size: 5)
[2017-10-23T16:35:04,762][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=kibanaserver, roles=[]]' is authenticated
[2017-10-23T16:35:04,762][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:04,763][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=kibanaserver, roles=[]]
[2017-10-23T16:35:04,763][DEBUG][c.f.s.c.PrivilegesEvaluator] requested indices:data/read/mget from 10.70.124.115:60006
[2017-10-23T16:35:04,763][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolve [.kibana] from class org.elasticsearch.action.get.MultiGetRequest$Item
[2017-10-23T16:35:04,763][DEBUG][c.f.s.c.PrivilegesEvaluator] indicesOptions IndicesOptions[id=48, ignore_unavailable=false, allow_no_indices=false, expand_wildcards_open=false, expand_wildcards_closed=false, allow_alisases_to_multiple_indices=false, forbid_closed_indices=true]
[2017-10-23T16:35:04,763][DEBUG][c.f.s.c.PrivilegesEvaluator] 1 raw indices [.kibana]
[2017-10-23T16:35:04,763][DEBUG][c.f.s.c.PrivilegesEvaluator] No date math indices found
[2017-10-23T16:35:04,763][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolved [.kibana] to [.kibana]
[2017-10-23T16:35:04,763][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=.kibana, type=config]]
[2017-10-23T16:35:04,763][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for kibanaserver: [sg_all_access, sg_kibana_server, sg_own_index, sg_public]
[2017-10-23T16:35:04,763][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:04,763][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved cluster actions:[*]
[2017-10-23T16:35:04,763][DEBUG][c.f.s.c.PrivilegesEvaluator]   found a match for 'sg_all_access' and indices:data/read/mget, skip other roles
[2017-10-23T16:35:04,763][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=kibanaserver, roles=[]]
[2017-10-23T16:35:04,763][DEBUG][c.f.s.c.PrivilegesEvaluator] requested indices:data/read/mget[shard] from 10.70.124.115:60006
[2017-10-23T16:35:04,763][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolve [.kibana] from class org.elasticsearch.action.get.MultiGetShardRequest
[2017-10-23T16:35:04,763][DEBUG][c.f.s.c.PrivilegesEvaluator] indicesOptions IndicesOptions[id=48, ignore_unavailable=false, allow_no_indices=false, expand_wildcards_open=false, expand_wildcards_closed=false, allow_alisases_to_multiple_indices=false, forbid_closed_indices=true]
[2017-10-23T16:35:04,763][DEBUG][c.f.s.c.PrivilegesEvaluator] 1 raw indices [.kibana]
[2017-10-23T16:35:04,763][DEBUG][c.f.s.c.PrivilegesEvaluator] No date math indices found
[2017-10-23T16:35:04,763][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolved [.kibana] to [.kibana]
[2017-10-23T16:35:04,763][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:04,764][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for kibanaserver: [sg_all_access, sg_kibana_server, sg_own_index, sg_public]
[2017-10-23T16:35:04,764][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:04,764][DEBUG][c.f.s.c.PrivilegesEvaluator]   Try wildcard match for *
[2017-10-23T16:35:04,764][DEBUG][c.f.s.c.PrivilegesEvaluator]   Wildcard match for *: [.kibana]
[2017-10-23T16:35:04,764][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for *, will check now types [*]
[2017-10-23T16:35:04,764][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:data/read/mget[shard] against */*: [*]
[2017-10-23T16:35:04,764][DEBUG][c.f.s.c.PrivilegesEvaluator]     removed .kibana*
[2017-10-23T16:35:04,764][DEBUG][c.f.s.c.PrivilegesEvaluator] For index * remaining requested indextype: []
[2017-10-23T16:35:04,764][DEBUG][c.f.s.c.PrivilegesEvaluator] found a match for 'sg_all_access.*', evaluate other roles
[2017-10-23T16:35:04,764][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_all_access=>[]
[2017-10-23T16:35:04,764][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_kibana_server
[2017-10-23T16:35:04,764][DEBUG][c.f.s.c.PrivilegesEvaluator]   Try wildcard match for watcher*
[2017-10-23T16:35:04,764][DEBUG][c.f.s.c.PrivilegesEvaluator]   No wildcard match found for watcher*
[2017-10-23T16:35:04,764][DEBUG][c.f.s.c.PrivilegesEvaluator] For index watcher* remaining requested indextype: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:04,764][DEBUG][c.f.s.c.PrivilegesEvaluator]   Try wildcard match for ?kibana
[2017-10-23T16:35:04,764][DEBUG][c.f.s.c.PrivilegesEvaluator]   Wildcard match for ?kibana: [.kibana]
[2017-10-23T16:35:04,764][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for ?kibana, will check now types [*]
[2017-10-23T16:35:04,764][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:data/read/mget[shard] against ?kibana/*: [indices:*]
[2017-10-23T16:35:04,764][DEBUG][c.f.s.c.PrivilegesEvaluator]     removed .kibana*
[2017-10-23T16:35:04,764][DEBUG][c.f.s.c.PrivilegesEvaluator] For index ?kibana remaining requested indextype: []
[2017-10-23T16:35:04,764][DEBUG][c.f.s.c.PrivilegesEvaluator] found a match for 'sg_kibana_server.?kibana', evaluate other roles
[2017-10-23T16:35:04,764][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_kibana_server=>[]
[2017-10-23T16:35:04,764][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_own_index
[2017-10-23T16:35:04,764][DEBUG][c.f.s.c.PrivilegesEvaluator]   Resolve and match kibanaserver
[2017-10-23T16:35:04,764][DEBUG][c.f.s.c.PrivilegesEvaluator] no permittedAliasesIndex 'kibanaserver' found for  'indices:data/read/mget[shard]'
[2017-10-23T16:35:04,764][DEBUG][c.f.s.c.PrivilegesEvaluator] permittedAliasesIndices '{kibanaserver=org.elasticsearch.common.settings.Settings@37b8cba5}' -> '{*.0=INDICES_ALL}'
[2017-10-23T16:35:04,764][DEBUG][c.f.s.c.PrivilegesEvaluator] requestedResolvedIndexTypes '[IndexType [index=.kibana, type=*]]'
[2017-10-23T16:35:04,764][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved permitted aliases indices for kibanaserver: [kibanaserver]
[2017-10-23T16:35:04,764][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for kibanaserver, will check now types [*]
[2017-10-23T16:35:04,764][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:data/read/mget[shard] against kibanaserver/*: [indices:*]
[2017-10-23T16:35:04,764][DEBUG][c.f.s.c.PrivilegesEvaluator]     no match kibanaserver* in [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:04,764][DEBUG][c.f.s.c.PrivilegesEvaluator] For index kibanaserver remaining requested indextype: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:04,764][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_own_index=>[IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:04,765][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_public
[2017-10-23T16:35:04,765][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_public=>[IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:04,768][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:04,768][DEBUG][c.f.s.a.BackendRegistry  ] User 'kibanaserver' is in cache? true (cache size: 5)
[2017-10-23T16:35:04,768][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=kibanaserver, roles=[]]' is authenticated
[2017-10-23T16:35:04,768][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:04,769][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=kibanaserver, roles=[]]
[2017-10-23T16:35:04,769][DEBUG][c.f.s.c.PrivilegesEvaluator] requested cluster:monitor/health from 10.70.124.115:59972
[2017-10-23T16:35:04,769][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolve [.kibana] from class org.elasticsearch.action.admin.cluster.health.ClusterHealthRequest
[2017-10-23T16:35:04,769][DEBUG][c.f.s.c.PrivilegesEvaluator] indicesOptions IndicesOptions[id=7, ignore_unavailable=true, allow_no_indices=true, expand_wildcards_open=true, expand_wildcards_closed=false, allow_alisases_to_multiple_indices=true, forbid_closed_indices=false]
[2017-10-23T16:35:04,769][DEBUG][c.f.s.c.PrivilegesEvaluator] 1 raw indices [.kibana]
[2017-10-23T16:35:04,769][DEBUG][c.f.s.c.PrivilegesEvaluator] No date math indices found
[2017-10-23T16:35:04,769][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolved [.kibana] to [.kibana]
[2017-10-23T16:35:04,769][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:04,769][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for kibanaserver: [sg_all_access, sg_kibana_server, sg_own_index, sg_public]
[2017-10-23T16:35:04,769][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:04,769][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved cluster actions:[*]
[2017-10-23T16:35:04,769][DEBUG][c.f.s.c.PrivilegesEvaluator]   found a match for 'sg_all_access' and cluster:monitor/health, skip other roles
[2017-10-23T16:35:04,771][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:04,771][DEBUG][c.f.s.a.BackendRegistry  ] User 'kibanaserver' is in cache? true (cache size: 5)
[2017-10-23T16:35:04,771][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=kibanaserver, roles=[]]' is authenticated
[2017-10-23T16:35:04,771][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:04,771][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=kibanaserver, roles=[]]
[2017-10-23T16:35:04,771][DEBUG][c.f.s.c.PrivilegesEvaluator] requested indices:admin/get from 10.70.124.115:60006
[2017-10-23T16:35:04,771][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolve [.kibana] from class org.elasticsearch.action.admin.indices.get.GetIndexRequest
[2017-10-23T16:35:04,771][DEBUG][c.f.s.c.PrivilegesEvaluator] indicesOptions IndicesOptions[id=6, ignore_unavailable=false, allow_no_indices=true, expand_wildcards_open=true, expand_wildcards_closed=false, allow_alisases_to_multiple_indices=true, forbid_closed_indices=false]
[2017-10-23T16:35:04,771][DEBUG][c.f.s.c.PrivilegesEvaluator] 1 raw indices [.kibana]
[2017-10-23T16:35:04,771][DEBUG][c.f.s.c.PrivilegesEvaluator] No date math indices found
[2017-10-23T16:35:04,771][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolved [.kibana] to [.kibana]
[2017-10-23T16:35:04,771][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:04,771][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for kibanaserver: [sg_all_access, sg_kibana_server, sg_own_index, sg_public]
[2017-10-23T16:35:04,772][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:04,772][DEBUG][c.f.s.c.PrivilegesEvaluator]   Try wildcard match for *
[2017-10-23T16:35:04,772][DEBUG][c.f.s.c.PrivilegesEvaluator]   Wildcard match for *: [.kibana]
[2017-10-23T16:35:04,772][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for *, will check now types [*]
[2017-10-23T16:35:04,772][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:admin/get against */*: [*]
[2017-10-23T16:35:04,772][DEBUG][c.f.s.c.PrivilegesEvaluator]     removed .kibana*
[2017-10-23T16:35:04,772][DEBUG][c.f.s.c.PrivilegesEvaluator] For index * remaining requested indextype: []
[2017-10-23T16:35:04,772][DEBUG][c.f.s.c.PrivilegesEvaluator] found a match for 'sg_all_access.*', evaluate other roles
[2017-10-23T16:35:04,772][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_all_access=>[]
[2017-10-23T16:35:04,772][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_kibana_server
[2017-10-23T16:35:04,772][DEBUG][c.f.s.c.PrivilegesEvaluator]   Try wildcard match for watcher*
[2017-10-23T16:35:04,772][DEBUG][c.f.s.c.PrivilegesEvaluator]   No wildcard match found for watcher*
[2017-10-23T16:35:04,772][DEBUG][c.f.s.c.PrivilegesEvaluator] For index watcher* remaining requested indextype: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:04,772][DEBUG][c.f.s.c.PrivilegesEvaluator]   Try wildcard match for ?kibana
[2017-10-23T16:35:04,772][DEBUG][c.f.s.c.PrivilegesEvaluator]   Wildcard match for ?kibana: [.kibana]
[2017-10-23T16:35:04,772][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for ?kibana, will check now types [*]
[2017-10-23T16:35:04,772][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:admin/get against ?kibana/*: [indices:*]
[2017-10-23T16:35:04,772][DEBUG][c.f.s.c.PrivilegesEvaluator]     removed .kibana*
[2017-10-23T16:35:04,772][DEBUG][c.f.s.c.PrivilegesEvaluator] For index ?kibana remaining requested indextype: []
[2017-10-23T16:35:04,772][DEBUG][c.f.s.c.PrivilegesEvaluator] found a match for 'sg_kibana_server.?kibana', evaluate other roles
[2017-10-23T16:35:04,772][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_kibana_server=>[]
[2017-10-23T16:35:04,772][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_own_index
[2017-10-23T16:35:04,772][DEBUG][c.f.s.c.PrivilegesEvaluator]   Resolve and match kibanaserver
[2017-10-23T16:35:04,772][DEBUG][c.f.s.c.PrivilegesEvaluator] no permittedAliasesIndex 'kibanaserver' found for  'indices:admin/get'
[2017-10-23T16:35:04,772][DEBUG][c.f.s.c.PrivilegesEvaluator] permittedAliasesIndices '{kibanaserver=org.elasticsearch.common.settings.Settings@37b8cba5}' -> '{*.0=INDICES_ALL}'
[2017-10-23T16:35:04,772][DEBUG][c.f.s.c.PrivilegesEvaluator] requestedResolvedIndexTypes '[IndexType [index=.kibana, type=*]]'
[2017-10-23T16:35:04,772][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved permitted aliases indices for kibanaserver: [kibanaserver]
[2017-10-23T16:35:04,772][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for kibanaserver, will check now types [*]
[2017-10-23T16:35:04,772][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:admin/get against kibanaserver/*: [indices:*]
[2017-10-23T16:35:04,772][DEBUG][c.f.s.c.PrivilegesEvaluator]     no match kibanaserver* in [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:04,772][DEBUG][c.f.s.c.PrivilegesEvaluator] For index kibanaserver remaining requested indextype: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:04,772][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_own_index=>[IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:04,772][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_public
[2017-10-23T16:35:04,772][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_public=>[IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:04,785][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:04,785][DEBUG][c.f.s.a.BackendRegistry  ] User 'kibanaserver' is in cache? true (cache size: 5)
[2017-10-23T16:35:04,785][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=kibanaserver, roles=[]]' is authenticated
[2017-10-23T16:35:04,785][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:04,786][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=kibanaserver, roles=[]]
[2017-10-23T16:35:04,786][DEBUG][c.f.s.c.PrivilegesEvaluator] requested indices:data/read/search from 10.70.124.115:59972
[2017-10-23T16:35:04,786][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolve [.kibana] from class org.elasticsearch.action.search.SearchRequest
[2017-10-23T16:35:04,786][DEBUG][c.f.s.c.PrivilegesEvaluator] indicesOptions IndicesOptions[id=38, ignore_unavailable=false, allow_no_indices=true, expand_wildcards_open=true, expand_wildcards_closed=false, allow_alisases_to_multiple_indices=true, forbid_closed_indices=true]
[2017-10-23T16:35:04,786][DEBUG][c.f.s.c.PrivilegesEvaluator] 1 raw indices [.kibana]
[2017-10-23T16:35:04,786][DEBUG][c.f.s.c.PrivilegesEvaluator] No date math indices found
[2017-10-23T16:35:04,786][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolved [.kibana] to [.kibana]
[2017-10-23T16:35:04,786][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:04,786][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for kibanaserver: [sg_all_access, sg_kibana_server, sg_own_index, sg_public]
[2017-10-23T16:35:04,786][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:04,786][DEBUG][c.f.s.c.PrivilegesEvaluator]   Try wildcard match for *
[2017-10-23T16:35:04,786][DEBUG][c.f.s.c.PrivilegesEvaluator]   Wildcard match for *: [.kibana]
[2017-10-23T16:35:04,786][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for *, will check now types [*]
[2017-10-23T16:35:04,786][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:data/read/search against */*: [*]
[2017-10-23T16:35:04,786][DEBUG][c.f.s.c.PrivilegesEvaluator]     removed .kibana*
[2017-10-23T16:35:04,786][DEBUG][c.f.s.c.PrivilegesEvaluator] For index * remaining requested indextype: []
[2017-10-23T16:35:04,786][DEBUG][c.f.s.c.PrivilegesEvaluator] found a match for 'sg_all_access.*', evaluate other roles
[2017-10-23T16:35:04,786][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_all_access=>[]
[2017-10-23T16:35:04,786][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_kibana_server
[2017-10-23T16:35:04,786][DEBUG][c.f.s.c.PrivilegesEvaluator]   Try wildcard match for watcher*
[2017-10-23T16:35:04,786][DEBUG][c.f.s.c.PrivilegesEvaluator]   No wildcard match found for watcher*
[2017-10-23T16:35:04,786][DEBUG][c.f.s.c.PrivilegesEvaluator] For index watcher* remaining requested indextype: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:04,786][DEBUG][c.f.s.c.PrivilegesEvaluator]   Try wildcard match for ?kibana
[2017-10-23T16:35:04,786][DEBUG][c.f.s.c.PrivilegesEvaluator]   Wildcard match for ?kibana: [.kibana]
[2017-10-23T16:35:04,787][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for ?kibana, will check now types [*]
[2017-10-23T16:35:04,787][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:data/read/search against ?kibana/*: [indices:*]
[2017-10-23T16:35:04,787][DEBUG][c.f.s.c.PrivilegesEvaluator]     removed .kibana*
[2017-10-23T16:35:04,787][DEBUG][c.f.s.c.PrivilegesEvaluator] For index ?kibana remaining requested indextype: []
[2017-10-23T16:35:04,787][DEBUG][c.f.s.c.PrivilegesEvaluator] found a match for 'sg_kibana_server.?kibana', evaluate other roles
[2017-10-23T16:35:04,787][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_kibana_server=>[]
[2017-10-23T16:35:04,787][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_own_index
[2017-10-23T16:35:04,787][DEBUG][c.f.s.c.PrivilegesEvaluator]   Resolve and match kibanaserver
[2017-10-23T16:35:04,787][DEBUG][c.f.s.c.PrivilegesEvaluator] no permittedAliasesIndex 'kibanaserver' found for  'indices:data/read/search'
[2017-10-23T16:35:04,787][DEBUG][c.f.s.c.PrivilegesEvaluator] permittedAliasesIndices '{kibanaserver=org.elasticsearch.common.settings.Settings@37b8cba5}' -> '{*.0=INDICES_ALL}'
[2017-10-23T16:35:04,787][DEBUG][c.f.s.c.PrivilegesEvaluator] requestedResolvedIndexTypes '[IndexType [index=.kibana, type=*]]'
[2017-10-23T16:35:04,787][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved permitted aliases indices for kibanaserver: [kibanaserver]
[2017-10-23T16:35:04,787][DEBUG][c.f.s.c.PrivilegesEvaluator]   matches for kibanaserver, will check now types [*]
[2017-10-23T16:35:04,787][DEBUG][c.f.s.c.PrivilegesEvaluator]     match requested action indices:data/read/search against kibanaserver/*: [indices:*]
[2017-10-23T16:35:04,787][DEBUG][c.f.s.c.PrivilegesEvaluator]     no match kibanaserver* in [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:04,787][DEBUG][c.f.s.c.PrivilegesEvaluator] For index kibanaserver remaining requested indextype: [IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:04,787][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_own_index=>[IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:04,787][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_public
[2017-10-23T16:35:04,787][DEBUG][c.f.s.c.PrivilegesEvaluator] Added to leftovers sg_public=>[IndexType [index=.kibana, type=*]]
[2017-10-23T16:35:04,792][DEBUG][c.f.s.a.BackendRegistry  ] Try to extract auth creds from http basic
[2017-10-23T16:35:04,792][DEBUG][c.f.s.a.BackendRegistry  ] User 'kibanaserver' is in cache? true (cache size: 5)
[2017-10-23T16:35:04,793][DEBUG][c.f.s.a.BackendRegistry  ] User 'User [name=kibanaserver, roles=[]]' is authenticated
[2017-10-23T16:35:04,793][DEBUG][c.f.s.a.BackendRegistry  ] sg_tenant 'null'
[2017-10-23T16:35:04,793][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=kibanaserver, roles=[]]
[2017-10-23T16:35:04,793][DEBUG][c.f.s.c.PrivilegesEvaluator] requested cluster:monitor/state from 10.70.124.115:33476
[2017-10-23T16:35:04,793][DEBUG][c.f.s.c.PrivilegesEvaluator] Resolve [] from class org.elasticsearch.action.admin.cluster.state.ClusterStateRequest
[2017-10-23T16:35:04,793][DEBUG][c.f.s.c.PrivilegesEvaluator] indicesOptions IndicesOptions[id=7, ignore_unavailable=true, allow_no_indices=true, expand_wildcards_open=true, expand_wildcards_closed=false, allow_alisases_to_multiple_indices=true, forbid_closed_indices=false]
[2017-10-23T16:35:04,793][DEBUG][c.f.s.c.PrivilegesEvaluator] 0 raw indices []
[2017-10-23T16:35:04,793][DEBUG][c.f.s.c.PrivilegesEvaluator] No indices found in request, assume _all
[2017-10-23T16:35:04,793][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=logstash-2015.05.18, type=*], IndexType [index=logstash-2015.05.19, type=*], IndexType [index=mos-2017.10.17, type=*], IndexType [index=.kibana_1853788673_admemtsevs, type=*], IndexType [index=twitter, type=*], IndexType [index=watcher, type=*], IndexType [index=sentinl_users, type=*], IndexType [index=shakespeare, type=*], IndexType [index=logstash-2015.05.20, type=*], IndexType [index=searchguard, type=*], IndexType [index=bank, type=*], IndexType [index=watcher_alarms-2017.10.20, type=*], IndexType [index=.kibana, type=*], IndexType [index=.kibana_1378793996_emtsevs, type=*], IndexType [index=watcher_alarms, type=*]]
[2017-10-23T16:35:04,793][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for kibanaserver: [sg_all_access, sg_kibana_server, sg_own_index, sg_public]
[2017-10-23T16:35:04,793][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_all_access
[2017-10-23T16:35:04,797][DEBUG][c.f.s.c.PrivilegesEvaluator]   resolved cluster actions:[*]
[2017-10-23T16:35:04,797][DEBUG][c.f.s.c.PrivilegesEvaluator]   found a match for 'sg_all_access' and cluster:monitor/state, skip other roles