{ "type": "server", "timestamp": "2021-02-26T14:27:22,976Z", "level": "DEBUG", "component": "c.f.s.a.RestAuthenticationProcessor", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Checking authdomain AuthenticationDomain [backend=com.floragunn.searchguard.authtoken.AuthTokenAuthenticationBackend@5c30997f, httpAuthenticator=com.floragunn.searchguard.authtoken.AuthTokenHttpJwtAuthenticator@32fb4be0, order=0, challenge=false] (total: 4)", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:22,976Z", "level": "DEBUG", "component": "c.f.s.a.AuthTokenHttpJwtAuthenticator", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Unsupported authentication scheme Basic", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:22,976Z", "level": "DEBUG", "component": "c.f.s.a.RestAuthenticationProcessor", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Checking authdomain AuthenticationDomain [backend=com.floragunn.searchguard.auth.internal.InternalAuthenticationBackend@38176ed3, httpAuthenticator=com.floragunn.searchguard.http.HTTPBasicAuthenticator@624363e9, order=1, challenge=false] (total: 4)", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:22,977Z", "level": "DEBUG", "component": "c.f.s.a.RestAuthenticationProcessor", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Authcz successful for User [name=admin, backend_roles=[admin], requestedTenant=null] on AuthenticationDomain [backend=com.floragunn.searchguard.auth.internal.InternalAuthenticationBackend@38176ed3, httpAuthenticator=com.floragunn.searchguard.http.HTTPBasicAuthenticator@624363e9, order=1, challenge=false]", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:22,977Z", "level": "DEBUG", "component": "c.f.s.p.PrivilegesEvaluator", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "### evaluate permissions for User [name=admin, backend_roles=[admin], requestedTenant=null] on elk-es-master-0", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:22,977Z", "level": "DEBUG", "component": "c.f.s.p.PrivilegesEvaluator", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "action: cluster:monitor/main (MainRequest)", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:22,977Z", "level": "DEBUG", "component": "c.f.s.r.IndexResolverReplacer", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Resolve aliases, indices and types from MainRequest", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:22,977Z", "level": "DEBUG", "component": "c.f.s.p.PrivilegesEvaluator", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "requestedResolved : Resolved [aliases=[*], indices=[*], allIndices=[*], types=[*], originalRequested=[], remoteIndices=[]]", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:22,977Z", "level": "DEBUG", "component": "c.f.s.s.C.SgRoles", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "No masked fields found for User [name=admin, backend_roles=[admin], requestedTenant=null] in 2 sg roles", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:22,977Z", "level": "DEBUG", "component": "c.f.s.s.C.SgRoles", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "No fls or dls found for User [name=admin, backend_roles=[admin], requestedTenant=null] in 2 sg roles", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:22,977Z", "level": "DEBUG", "component": "c.f.s.c.PrivilegesInterceptorImpl", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "raw requestedTenant: 'null'", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:22,977Z", "level": "DEBUG", "component": "c.f.s.p.PrivilegesEvaluator", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Result from privileges interceptor for cluster perm: null", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:22,978Z", "level": "DEBUG", "component": "c.f.s.p.PrivilegesEvaluator", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Allowed because we have cluster permissions for cluster:monitor/main", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:22,978Z", "level": "DEBUG", "component": "c.f.s.f.SearchGuardFilter", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "PrivEvalResponse [allowed=true, missingPrivileges=[], allowedFlsFields=null, maskedFields=null, queries=null]", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:32,988Z", "level": "DEBUG", "component": "c.f.s.a.RestAuthenticationProcessor", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Checking authdomain AuthenticationDomain [backend=com.floragunn.searchguard.authtoken.AuthTokenAuthenticationBackend@5c30997f, httpAuthenticator=com.floragunn.searchguard.authtoken.AuthTokenHttpJwtAuthenticator@32fb4be0, order=0, challenge=false] (total: 4)", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:32,988Z", "level": "DEBUG", "component": "c.f.s.a.AuthTokenHttpJwtAuthenticator", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Unsupported authentication scheme Basic", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:32,988Z", "level": "DEBUG", "component": "c.f.s.a.RestAuthenticationProcessor", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Checking authdomain AuthenticationDomain [backend=com.floragunn.searchguard.auth.internal.InternalAuthenticationBackend@38176ed3, httpAuthenticator=com.floragunn.searchguard.http.HTTPBasicAuthenticator@624363e9, order=1, challenge=false] (total: 4)", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:32,988Z", "level": "DEBUG", "component": "c.f.s.a.RestAuthenticationProcessor", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Authcz successful for User [name=admin, backend_roles=[admin], requestedTenant=null] on AuthenticationDomain [backend=com.floragunn.searchguard.auth.internal.InternalAuthenticationBackend@38176ed3, httpAuthenticator=com.floragunn.searchguard.http.HTTPBasicAuthenticator@624363e9, order=1, challenge=false]", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:32,988Z", "level": "DEBUG", "component": "c.f.s.p.PrivilegesEvaluator", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "### evaluate permissions for User [name=admin, backend_roles=[admin], requestedTenant=null] on elk-es-master-0", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:32,989Z", "level": "DEBUG", "component": "c.f.s.p.PrivilegesEvaluator", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "action: cluster:monitor/main (MainRequest)", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:32,989Z", "level": "DEBUG", "component": "c.f.s.r.IndexResolverReplacer", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Resolve aliases, indices and types from MainRequest", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:32,989Z", "level": "DEBUG", "component": "c.f.s.p.PrivilegesEvaluator", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "requestedResolved : Resolved [aliases=[*], indices=[*], allIndices=[*], types=[*], originalRequested=[], remoteIndices=[]]", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:32,989Z", "level": "DEBUG", "component": "c.f.s.s.C.SgRoles", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "No masked fields found for User [name=admin, backend_roles=[admin], requestedTenant=null] in 2 sg roles", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:32,989Z", "level": "DEBUG", "component": "c.f.s.s.C.SgRoles", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "No fls or dls found for User [name=admin, backend_roles=[admin], requestedTenant=null] in 2 sg roles", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:32,989Z", "level": "DEBUG", "component": "c.f.s.c.PrivilegesInterceptorImpl", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "raw requestedTenant: 'null'", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:32,989Z", "level": "DEBUG", "component": "c.f.s.p.PrivilegesEvaluator", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Result from privileges interceptor for cluster perm: null", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:32,989Z", "level": "DEBUG", "component": "c.f.s.p.PrivilegesEvaluator", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Allowed because we have cluster permissions for cluster:monitor/main", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:32,989Z", "level": "DEBUG", "component": "c.f.s.f.SearchGuardFilter", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "PrivEvalResponse [allowed=true, missingPrivileges=[], allowedFlsFields=null, maskedFields=null, queries=null]", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:43,023Z", "level": "DEBUG", "component": "c.f.s.a.RestAuthenticationProcessor", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Checking authdomain AuthenticationDomain [backend=com.floragunn.searchguard.authtoken.AuthTokenAuthenticationBackend@5c30997f, httpAuthenticator=com.floragunn.searchguard.authtoken.AuthTokenHttpJwtAuthenticator@32fb4be0, order=0, challenge=false] (total: 4)", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:43,023Z", "level": "DEBUG", "component": "c.f.s.a.AuthTokenHttpJwtAuthenticator", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Unsupported authentication scheme Basic", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:43,023Z", "level": "DEBUG", "component": "c.f.s.a.RestAuthenticationProcessor", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Checking authdomain AuthenticationDomain [backend=com.floragunn.searchguard.auth.internal.InternalAuthenticationBackend@38176ed3, httpAuthenticator=com.floragunn.searchguard.http.HTTPBasicAuthenticator@624363e9, order=1, challenge=false] (total: 4)", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:43,024Z", "level": "DEBUG", "component": "c.f.s.a.RestAuthenticationProcessor", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Authcz successful for User [name=admin, backend_roles=[admin], requestedTenant=null] on AuthenticationDomain [backend=com.floragunn.searchguard.auth.internal.InternalAuthenticationBackend@38176ed3, httpAuthenticator=com.floragunn.searchguard.http.HTTPBasicAuthenticator@624363e9, order=1, challenge=false]", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:43,024Z", "level": "DEBUG", "component": "c.f.s.p.PrivilegesEvaluator", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "### evaluate permissions for User [name=admin, backend_roles=[admin], requestedTenant=null] on elk-es-master-0", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:43,024Z", "level": "DEBUG", "component": "c.f.s.p.PrivilegesEvaluator", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "action: cluster:monitor/main (MainRequest)", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:43,024Z", "level": "DEBUG", "component": "c.f.s.r.IndexResolverReplacer", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Resolve aliases, indices and types from MainRequest", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:43,024Z", "level": "DEBUG", "component": "c.f.s.p.PrivilegesEvaluator", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "requestedResolved : Resolved [aliases=[*], indices=[*], allIndices=[*], types=[*], originalRequested=[], remoteIndices=[]]", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:43,024Z", "level": "DEBUG", "component": "c.f.s.s.C.SgRoles", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "No masked fields found for User [name=admin, backend_roles=[admin], requestedTenant=null] in 2 sg roles", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:43,024Z", "level": "DEBUG", "component": "c.f.s.s.C.SgRoles", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "No fls or dls found for User [name=admin, backend_roles=[admin], requestedTenant=null] in 2 sg roles", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:43,025Z", "level": "DEBUG", "component": "c.f.s.c.PrivilegesInterceptorImpl", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "raw requestedTenant: 'null'", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:43,025Z", "level": "DEBUG", "component": "c.f.s.p.PrivilegesEvaluator", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Result from privileges interceptor for cluster perm: null", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:43,025Z", "level": "DEBUG", "component": "c.f.s.p.PrivilegesEvaluator", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Allowed because we have cluster permissions for cluster:monitor/main", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:43,025Z", "level": "DEBUG", "component": "c.f.s.f.SearchGuardFilter", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "PrivEvalResponse [allowed=true, missingPrivileges=[], allowedFlsFields=null, maskedFields=null, queries=null]", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:48,516Z", "level": "DEBUG", "component": "c.f.s.a.BackendRegistry", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Transport authentication request from 127.0.0.1:57792", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:49,420Z", "level": "DEBUG", "component": "c.f.s.a.BackendRegistry", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Transport authentication request from 127.0.0.1:57818", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:49,425Z", "level": "DEBUG", "component": "c.f.s.a.BackendRegistry", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Transport authentication request from 127.0.0.1:57820", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:49,427Z", "level": "DEBUG", "component": "c.f.s.a.BackendRegistry", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Transport authentication request from 127.0.0.1:57822", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:49,614Z", "level": "DEBUG", "component": "c.f.s.a.BackendRegistry", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Transport authentication request from 127.0.0.1:57824", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:49,624Z", "level": "DEBUG", "component": "c.f.s.a.BackendRegistry", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Transport authentication request from 127.0.0.1:57826", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:49,629Z", "level": "DEBUG", "component": "c.f.s.a.BackendRegistry", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Transport authentication request from 127.0.0.1:57816", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:49,717Z", "level": "DEBUG", "component": "c.f.s.a.BackendRegistry", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Transport authentication request from 127.0.0.1:57818", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:49,830Z", "level": "DEBUG", "component": "c.f.s.a.BackendRegistry", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Transport authentication request from 127.0.0.1:57820", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:50,596Z", "level": "DEBUG", "component": "c.f.s.a.BackendRegistry", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Transport authentication request from 127.0.0.1:57822", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:51,309Z", "level": "DEBUG", "component": "c.f.s.a.BackendRegistry", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Transport authentication request from 127.0.0.1:57824", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:51,990Z", "level": "DEBUG", "component": "c.f.s.a.BackendRegistry", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Transport authentication request from 127.0.0.1:57826", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:52,631Z", "level": "DEBUG", "component": "c.f.s.a.BackendRegistry", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Transport authentication request from 127.0.0.1:57816", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:53,000Z", "level": "DEBUG", "component": "c.f.s.a.RestAuthenticationProcessor", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Checking authdomain AuthenticationDomain [backend=com.floragunn.searchguard.authtoken.AuthTokenAuthenticationBackend@5c30997f, httpAuthenticator=com.floragunn.searchguard.authtoken.AuthTokenHttpJwtAuthenticator@32fb4be0, order=0, challenge=false] (total: 4)", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:53,000Z", "level": "DEBUG", "component": "c.f.s.a.AuthTokenHttpJwtAuthenticator", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Unsupported authentication scheme Basic", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:53,000Z", "level": "DEBUG", "component": "c.f.s.a.RestAuthenticationProcessor", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Checking authdomain AuthenticationDomain [backend=com.floragunn.searchguard.auth.internal.InternalAuthenticationBackend@38176ed3, httpAuthenticator=com.floragunn.searchguard.http.HTTPBasicAuthenticator@624363e9, order=1, challenge=false] (total: 4)", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:53,001Z", "level": "DEBUG", "component": "c.f.s.a.RestAuthenticationProcessor", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Authcz successful for User [name=admin, backend_roles=[admin], requestedTenant=null] on AuthenticationDomain [backend=com.floragunn.searchguard.auth.internal.InternalAuthenticationBackend@38176ed3, httpAuthenticator=com.floragunn.searchguard.http.HTTPBasicAuthenticator@624363e9, order=1, challenge=false]", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:53,001Z", "level": "DEBUG", "component": "c.f.s.p.PrivilegesEvaluator", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "### evaluate permissions for User [name=admin, backend_roles=[admin], requestedTenant=null] on elk-es-master-0", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:53,001Z", "level": "DEBUG", "component": "c.f.s.p.PrivilegesEvaluator", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "action: cluster:monitor/main (MainRequest)", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:53,001Z", "level": "DEBUG", "component": "c.f.s.r.IndexResolverReplacer", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Resolve aliases, indices and types from MainRequest", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:53,001Z", "level": "DEBUG", "component": "c.f.s.p.PrivilegesEvaluator", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "requestedResolved : Resolved [aliases=[*], indices=[*], allIndices=[*], types=[*], originalRequested=[], remoteIndices=[]]", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:53,001Z", "level": "DEBUG", "component": "c.f.s.s.C.SgRoles", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "No masked fields found for User [name=admin, backend_roles=[admin], requestedTenant=null] in 2 sg roles", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:53,001Z", "level": "DEBUG", "component": "c.f.s.s.C.SgRoles", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "No fls or dls found for User [name=admin, backend_roles=[admin], requestedTenant=null] in 2 sg roles", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:53,001Z", "level": "DEBUG", "component": "c.f.s.c.PrivilegesInterceptorImpl", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "raw requestedTenant: 'null'", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:53,001Z", "level": "DEBUG", "component": "c.f.s.p.PrivilegesEvaluator", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Result from privileges interceptor for cluster perm: null", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:53,002Z", "level": "DEBUG", "component": "c.f.s.p.PrivilegesEvaluator", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Allowed because we have cluster permissions for cluster:monitor/main", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:53,002Z", "level": "DEBUG", "component": "c.f.s.f.SearchGuardFilter", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "PrivEvalResponse [allowed=true, missingPrivileges=[], allowedFlsFields=null, maskedFields=null, queries=null]", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:53,099Z", "level": "DEBUG", "component": "c.f.s.a.BackendRegistry", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Transport authentication request from 127.0.0.1:57956", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:53,263Z", "level": "DEBUG", "component": "c.f.s.a.BackendRegistry", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Transport authentication request from 127.0.0.1:57818", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:54,158Z", "level": "DEBUG", "component": "c.f.s.a.BackendRegistry", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Transport authentication request from 127.0.0.1:57820", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:54,768Z", "level": "DEBUG", "component": "c.f.s.a.BackendRegistry", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Transport authentication request from 127.0.0.1:57822", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:54,769Z", "level": "DEBUG", "component": "c.f.s.c.ConfigurationRepository", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "sg index exists and was created with ES 7 (new layout)", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:56,527Z", "level": "DEBUG", "component": "c.f.s.s.i.SgDynamicConfiguration", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Load INTERNALUSERS with version 2", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:56,528Z", "level": "DEBUG", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Received config for internalusers (of [INTERNALUSERS, TENANTS, BLOCKS, ROLES, CONFIG, ROLESMAPPING, ACTIONGROUPS]) with current latch value=6", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:56,528Z", "level": "DEBUG", "component": "c.f.s.s.i.SgDynamicConfiguration", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Load TENANTS with version 2", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:56,529Z", "level": "DEBUG", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Received config for tenants (of [INTERNALUSERS, TENANTS, BLOCKS, ROLES, CONFIG, ROLESMAPPING, ACTIONGROUPS]) with current latch value=5", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:56,529Z", "level": "DEBUG", "component": "c.f.s.s.i.SgDynamicConfiguration", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Load BLOCKS with version 2", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:56,529Z", "level": "DEBUG", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Received config for blocks (of [INTERNALUSERS, TENANTS, BLOCKS, ROLES, CONFIG, ROLESMAPPING, ACTIONGROUPS]) with current latch value=4", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:56,530Z", "level": "DEBUG", "component": "c.f.s.s.i.SgDynamicConfiguration", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Load ROLES with version 2", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:56,530Z", "level": "DEBUG", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Received config for roles (of [INTERNALUSERS, TENANTS, BLOCKS, ROLES, CONFIG, ROLESMAPPING, ACTIONGROUPS]) with current latch value=3", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:56,531Z", "level": "DEBUG", "component": "c.f.s.s.i.SgDynamicConfiguration", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Load CONFIG with version 2", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:56,532Z", "level": "DEBUG", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Received config for config (of [INTERNALUSERS, TENANTS, BLOCKS, ROLES, CONFIG, ROLESMAPPING, ACTIONGROUPS]) with current latch value=2", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:56,533Z", "level": "DEBUG", "component": "c.f.s.s.i.SgDynamicConfiguration", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Load ROLESMAPPING with version 2", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:56,533Z", "level": "DEBUG", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Received config for rolesmapping (of [INTERNALUSERS, TENANTS, BLOCKS, ROLES, CONFIG, ROLESMAPPING, ACTIONGROUPS]) with current latch value=1", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:56,534Z", "level": "DEBUG", "component": "c.f.s.s.i.SgDynamicConfiguration", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Load ACTIONGROUPS with version 2", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:56,534Z", "level": "DEBUG", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Received config for actiongroups (of [INTERNALUSERS, TENANTS, BLOCKS, ROLES, CONFIG, ROLESMAPPING, ACTIONGROUPS]) with current latch value=0", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:56,534Z", "level": "DEBUG", "component": "c.f.s.c.ConfigurationRepository", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Notify com.floragunn.searchguard.sgconf.DynamicConfigFactory@530468ed listener about change configuration with type {}", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:56,537Z", "level": "DEBUG", "component": "c.f.s.s.DynamicConfigFactory", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "current config (because of [INTERNALUSERS, TENANTS, BLOCKS, ROLES, CONFIG, ROLESMAPPING, ACTIONGROUPS])\n actionGroups: class com.floragunn.searchguard.sgconf.impl.v7.ActionGroupsV7 with 0 entries\n config: class com.floragunn.searchguard.sgconf.impl.v7.ConfigV7 with 1 entries\n internalusers: class com.floragunn.searchguard.sgconf.impl.v7.InternalUserV7 with 6 entries\n roles: class com.floragunn.searchguard.sgconf.impl.v7.RoleV7 with 1 entries\n rolesmapping: class com.floragunn.searchguard.sgconf.impl.v7.RoleMappingsV7 with 8 entries\n tenants: class com.floragunn.searchguard.sgconf.impl.v7.TenantV7 with 1 entries \n blocks: class com.floragunn.searchguard.sgconf.impl.v7.BlocksV7 with 0 entries \n", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:56,539Z", "level": "DEBUG", "component": "c.f.s.s.StaticSgConfig", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "11 static roles loaded", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:56,540Z", "level": "DEBUG", "component": "c.f.s.s.StaticSgConfig", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "37 static actiongroups loaded", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:56,540Z", "level": "DEBUG", "component": "c.f.s.s.StaticSgConfig", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "1 static tenants loaded", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:56,540Z", "level": "DEBUG", "component": "c.f.s.s.DynamicConfigFactory", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Static configuration loaded (total roles: 12/total action groups: 37/total tenants: 2)", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:56,541Z", "level": "DEBUG", "component": "c.f.s.s.ReflectionHelper", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Loaded module Module [type=LDAP_AUTHORIZATION_BACKEND, implementing class=com.floragunn.dlic.auth.ldap.backend.LDAPAuthorizationBackend]", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:56,542Z", "level": "DEBUG", "component": "c.f.s.s.ReflectionHelper", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Loaded module Module [type=NOOP_AUTHENTICATION_BACKEND, implementing class=com.floragunn.searchguard.auth.internal.NoOpAuthenticationBackend]", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:56,543Z", "level": "DEBUG", "component": "c.f.s.s.PemKeyReader", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Path is is null", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:56,543Z", "level": "DEBUG", "component": "c.f.s.s.PemKeyReader", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Path is is certs/host/ca-bundle.crt", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:56,543Z", "level": "DEBUG", "component": "c.f.s.s.PemKeyReader", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Resolved certs/host/ca-bundle.crt to /usr/share/elasticsearch/config/certs/host/ca-bundle.crt against /usr/share/elasticsearch/config", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:56,926Z", "level": "DEBUG", "component": "c.f.s.s.PemKeyReader", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Path is is null", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:56,926Z", "level": "DEBUG", "component": "c.f.s.s.PemKeyReader", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Path is is null", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:57,278Z", "level": "INFO", "component": "o.o.s.m.r.i.AbstractReloadingMetadataResolver", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Metadata Resolver SamlHTTPMetadataResolver com.floragunn.dlic.auth.http.saml.HTTPSamlAuthenticator_4: New metadata successfully loaded for 'https://ifs.example.com/FederationMetadata/2007-06/FederationMetadata.xml'", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:57,278Z", "level": "INFO", "component": "o.o.s.m.r.i.AbstractReloadingMetadataResolver", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Metadata Resolver SamlHTTPMetadataResolver com.floragunn.dlic.auth.http.saml.HTTPSamlAuthenticator_4: Next refresh cycle for metadata provider 'https://ifs.example.com/FederationMetadata/2007-06/FederationMetadata.xml' will occur on '2021-02-26T17:27:57.017Z' ('2021-02-26T17:27:57.017Z' local time)", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:57,279Z", "level": "DEBUG", "component": "c.f.s.s.ReflectionHelper", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Loaded module Module [type=SAML_AUTHENTICATION_BACKEND, implementing class=com.floragunn.dlic.auth.http.saml.HTTPSamlAuthenticator]", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:57,279Z", "level": "DEBUG", "component": "c.f.s.s.ReflectionHelper", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Loaded module Module [type=INTERNAL_USERS_AUTHENTICATION_BACKEND, implementing class=com.floragunn.searchguard.auth.internal.InternalAuthenticationBackend]", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:57,280Z", "level": "DEBUG", "component": "c.f.s.s.ReflectionHelper", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Loaded module Module [type=HTTP_BASIC_AUTHENTICATOR, implementing class=com.floragunn.searchguard.http.HTTPBasicAuthenticator]", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:57,280Z", "level": "DEBUG", "component": "c.f.s.s.ReflectionHelper", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Loaded module Module [type=AUTH_TOKEN_AUTHENTICATION_BACKEND, implementing class=com.floragunn.searchguard.authtoken.AuthTokenAuthenticationBackend]", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:57,281Z", "level": "DEBUG", "component": "c.f.s.s.ReflectionHelper", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Loaded module Module [type=AUTH_TOKEN_HTTP_AUTHENTICATOR, implementing class=com.floragunn.searchguard.authtoken.AuthTokenHttpJwtAuthenticator]", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:57,281Z", "level": "DEBUG", "component": "c.f.s.s.ReflectionHelper", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Loaded module Module [type=LDAP_AUTHENTICATION_BACKEND, implementing class=com.floragunn.dlic.auth.ldap.backend.LDAPAuthenticationBackend]", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:57,282Z", "level": "DEBUG", "component": "c.f.s.s.ReflectionHelper", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Loaded module Module [type=HTTP_BASIC_AUTHENTICATOR, implementing class=com.floragunn.searchguard.http.HTTPBasicAuthenticator]", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:57,302Z", "level": "DEBUG", "component": "c.f.s.a.BackendRegistry", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Clear user cache for admin due to EXPLICIT", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:57,302Z", "level": "DEBUG", "component": "c.f.s.a.BackendRegistry", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Clear user cache for User [name=admin, backend_roles=[admin], requestedTenant=null] due to EXPLICIT", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:57,303Z", "level": "DEBUG", "component": "c.f.s.c.CompatConfig", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "dynamicSgConfig updated?: true", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:57,303Z", "level": "DEBUG", "component": "c.f.s.m.SearchGuardModulesRegistry", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "New configuration for com.floragunn.searchguard.authtoken.AuthTokenModule@15c7ad51: com.floragunn.searchguard.authtoken.AuthTokenServiceConfig@31762242", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:57,307Z", "level": "INFO", "component": "c.f.s.c.ComplianceConfig", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Compliance features are disabled. To enable them you need a special license. Please contact support for this.", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:57,307Z", "level": "INFO", "component": "c.f.s.c.ConfigurationRepository", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Search Guard License Info: SearchGuardLicense [uid=A0655B18-1F41-4CFF-84D2-E09A41140416, type=FULL, features=[], issueDate=2020-03-22, expiryDate=2021-04-10, issuedTo=My Company Name, issuer=floragunn GmbH, startDate=2020-04-10, majorVersion=7, clusterName=*, allowedNodeCount=32768, msgs=[], expiresInDays=43, isExpired=false, valid=true, action=, prodUsage=Yes, one cluster with all commercial features and unlimited nodes per cluster., clusterService=org.elasticsearch.cluster.service.ClusterService@66d983f9, getMsgs()=[], getExpiresInDays()=43, isExpired()=false, isValid()=true, getAction()=, getProdUsage()=Yes, one cluster with all commercial features and unlimited nodes per cluster.]", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:57,307Z", "level": "INFO", "component": "c.f.s.c.ConfigurationRepository", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Search Guard License Type: FULL, valid", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:27:58,136Z", "level": "DEBUG", "component": "c.f.s.a.BackendRegistry", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Transport authentication request from 127.0.0.1:58088", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:28:02,988Z", "level": "DEBUG", "component": "c.f.s.a.RestAuthenticationProcessor", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Checking authdomain AuthenticationDomain [backend=com.floragunn.searchguard.authtoken.AuthTokenAuthenticationBackend@5c30997f, httpAuthenticator=com.floragunn.searchguard.authtoken.AuthTokenHttpJwtAuthenticator@32fb4be0, order=0, challenge=false] (total: 4)", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:28:02,989Z", "level": "DEBUG", "component": "c.f.s.a.AuthTokenHttpJwtAuthenticator", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Unsupported authentication scheme Basic", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:28:02,989Z", "level": "DEBUG", "component": "c.f.s.a.RestAuthenticationProcessor", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Checking authdomain AuthenticationDomain [backend=com.floragunn.searchguard.auth.internal.InternalAuthenticationBackend@2a11c549, httpAuthenticator=com.floragunn.searchguard.http.HTTPBasicAuthenticator@102d040d, order=1, challenge=false] (total: 4)", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:28:03,286Z", "level": "DEBUG", "component": "c.f.s.a.AuthorizationProcessor", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Skipped authorization of user admin", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:28:03,286Z", "level": "DEBUG", "component": "c.f.s.a.RestAuthenticationProcessor", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Authcz successful for User [name=admin, backend_roles=[admin], requestedTenant=null] on AuthenticationDomain [backend=com.floragunn.searchguard.auth.internal.InternalAuthenticationBackend@2a11c549, httpAuthenticator=com.floragunn.searchguard.http.HTTPBasicAuthenticator@102d040d, order=1, challenge=false]", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:28:03,286Z", "level": "DEBUG", "component": "c.f.s.p.PrivilegesEvaluator", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "### evaluate permissions for User [name=admin, backend_roles=[admin], requestedTenant=null] on elk-es-master-0", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:28:03,287Z", "level": "DEBUG", "component": "c.f.s.p.PrivilegesEvaluator", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "action: cluster:monitor/main (MainRequest)", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:28:03,287Z", "level": "DEBUG", "component": "c.f.s.r.IndexResolverReplacer", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Resolve aliases, indices and types from MainRequest", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:28:03,287Z", "level": "DEBUG", "component": "c.f.s.p.PrivilegesEvaluator", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "requestedResolved : Resolved [aliases=[*], indices=[*], allIndices=[*], types=[*], originalRequested=[], remoteIndices=[]]", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:28:03,287Z", "level": "DEBUG", "component": "c.f.s.s.C.SgRoles", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "No masked fields found for User [name=admin, backend_roles=[admin], requestedTenant=null] in 2 sg roles", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:28:03,287Z", "level": "DEBUG", "component": "c.f.s.s.C.SgRoles", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "No fls or dls found for User [name=admin, backend_roles=[admin], requestedTenant=null] in 2 sg roles", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:28:03,287Z", "level": "DEBUG", "component": "c.f.s.c.PrivilegesInterceptorImpl", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "raw requestedTenant: 'null'", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:28:03,287Z", "level": "DEBUG", "component": "c.f.s.p.PrivilegesEvaluator", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Result from privileges interceptor for cluster perm: null", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:28:03,287Z", "level": "DEBUG", "component": "c.f.s.p.PrivilegesEvaluator", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "Allowed because we have cluster permissions for cluster:monitor/main", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" } { "type": "server", "timestamp": "2021-02-26T14:28:03,287Z", "level": "DEBUG", "component": "c.f.s.f.SearchGuardFilter", "cluster.name": "elk-es-dev", "node.name": "elk-es-master-0", "message": "PrivEvalResponse [allowed=true, missingPrivileges=[], allowedFlsFields=null, maskedFields=null, queries=null]", "cluster.uuid": "YgzlFBvxQm--yeQRS3V_CQ", "node.id": "cnUjA2cuSXSukBepaXgc5Q" }