[2017-07-13T02:50:46,746][WARN ][c.f.s.h.SearchGuardHttpServerTransport] [ec58ciD] Someone (/184.105.247.195:61676) speaks http plaintext instead of ssl, will close the channel [2017-07-13T06:06:09,146][INFO ][o.e.n.Node ] [ec58ciD] stopping ... [2017-07-13T06:06:09,179][INFO ][o.e.n.Node ] [ec58ciD] stopped [2017-07-13T06:06:09,179][INFO ][o.e.n.Node ] [ec58ciD] closing ... [2017-07-13T06:06:09,190][INFO ][o.e.n.Node ] [ec58ciD] closed [2017-07-13T06:06:10,851][INFO ][o.e.n.Node ] [] initializing ... [2017-07-13T06:06:10,944][INFO ][o.e.e.NodeEnvironment ] [ec58ciD] using [1] data paths, mounts [[/ (/dev/sda1)]], net usable_space [25.7gb], net total_space [29.4gb], spins? [possibly], types [ext4] [2017-07-13T06:06:10,944][INFO ][o.e.e.NodeEnvironment ] [ec58ciD] heap size [1.9gb], compressed ordinary object pointers [true] [2017-07-13T06:06:10,961][INFO ][o.e.n.Node ] node name [ec58ciD] derived from node ID [ec58ciDFTFmlJKHRbDgq5A]; set [node.name] to override [2017-07-13T06:06:10,962][INFO ][o.e.n.Node ] version[5.5.0], pid[51987], build[260387d/2017-06-30T23:16:05.735Z], OS[Linux/4.4.0-83-generic/amd64], JVM[Oracle Corporation/Java HotSpot(TM) 64-Bit Server VM/1.8.0_131/25.131-b11] [2017-07-13T06:06:10,962][INFO ][o.e.n.Node ] JVM arguments [-Xms2g, -Xmx2g, -XX:+UseConcMarkSweepGC, -XX:CMSInitiatingOccupancyFraction=75, -XX:+UseCMSInitiatingOccupancyOnly, -XX:+DisableExplicitGC, -XX:+AlwaysPreTouch, -Xss1m, -Djava.awt.headless=true, -Dfile.encoding=UTF-8, -Djna.nosys=true, -Djdk.io.permissionsUseCanonicalPath=true, -Dio.netty.noUnsafe=true, -Dio.netty.noKeySetOptimization=true, -Dio.netty.recycler.maxCapacityPerThread=0, -Dlog4j.shutdownHookEnabled=false, -Dlog4j2.disable.jmx=true, -Dlog4j.skipJansi=true, -XX:+HeapDumpOnOutOfMemoryError, -Des.path.home=/usr/share/elasticsearch] [2017-07-13T06:06:11,820][INFO ][c.f.s.SearchGuardPlugin ] Clustername: searchguard_demo [2017-07-13T06:06:11,821][WARN ][c.f.s.SearchGuardPlugin ] ### LICENSE NOTICE Search Guard ### If you use one or more of the following features in production make sure you have a valid Search Guard license (See https://floragunn.com/searchguard-validate-license) * Kibana Multitenancy * LDAP authentication/authorization * Active Directory authentication/authorization * REST Management API * JSON Web Token (JWT) authentication/authorization * Kerberos authentication/authorization * Document- and Fieldlevel Security (DLS/FLS) * Auditlogging In case of any doubt mail to ################################### [2017-07-13T06:06:11,852][INFO ][c.f.s.SearchGuardPlugin ] Node [ec58ciD] is a transportClient: false/tribeNode: false/tribeNodeClient: false [2017-07-13T06:06:11,852][INFO ][c.f.s.SearchGuardPlugin ] FLS/DLS module not available [2017-07-13T06:06:11,862][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] Open SSL not available (this is not an error, we simply fallback to built-in JDK SSL) because of java.lang.ClassNotFoundException: io.netty.internal.tcnative.SSL [2017-07-13T06:06:11,863][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.version: 1.8.0_131 [2017-07-13T06:06:11,863][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vendor: Oracle Corporation [2017-07-13T06:06:11,863][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.specification.version: 1.8 [2017-07-13T06:06:11,863][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.specification.vendor: Oracle Corporation [2017-07-13T06:06:11,863][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.specification.name: Java Virtual Machine Specification [2017-07-13T06:06:11,863][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.name: Java HotSpot(TM) 64-Bit Server VM [2017-07-13T06:06:11,863][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.vendor: Oracle Corporation [2017-07-13T06:06:11,863][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.specification.version: 1.8 [2017-07-13T06:06:11,863][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.specification.vendor: Oracle Corporation [2017-07-13T06:06:11,863][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.specification.name: Java Platform API Specification [2017-07-13T06:06:11,863][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] os.name: Linux [2017-07-13T06:06:11,863][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] os.arch: amd64 [2017-07-13T06:06:11,864][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] os.version: 4.4.0-83-generic [2017-07-13T06:06:12,078][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] JVM supports the following 57 ciphers for https [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV, TLS_DH_anon_WITH_AES_128_GCM_SHA256, TLS_DH_anon_WITH_AES_128_CBC_SHA256, TLS_ECDH_anon_WITH_AES_128_CBC_SHA, TLS_DH_anon_WITH_AES_128_CBC_SHA, TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA, SSL_DH_anon_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_DH_anon_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA, TLS_RSA_WITH_NULL_SHA256, TLS_ECDHE_ECDSA_WITH_NULL_SHA, TLS_ECDHE_RSA_WITH_NULL_SHA, SSL_RSA_WITH_NULL_SHA, TLS_ECDH_ECDSA_WITH_NULL_SHA, TLS_ECDH_RSA_WITH_NULL_SHA, TLS_ECDH_anon_WITH_NULL_SHA, SSL_RSA_WITH_NULL_MD5, TLS_KRB5_WITH_3DES_EDE_CBC_SHA, TLS_KRB5_WITH_3DES_EDE_CBC_MD5, TLS_KRB5_WITH_DES_CBC_SHA, TLS_KRB5_WITH_DES_CBC_MD5, TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA, TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5] [2017-07-13T06:06:12,085][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] JVM supports the following 57 ciphers for transport [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV, TLS_DH_anon_WITH_AES_128_GCM_SHA256, TLS_DH_anon_WITH_AES_128_CBC_SHA256, TLS_ECDH_anon_WITH_AES_128_CBC_SHA, TLS_DH_anon_WITH_AES_128_CBC_SHA, TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA, SSL_DH_anon_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_DH_anon_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA, TLS_RSA_WITH_NULL_SHA256, TLS_ECDHE_ECDSA_WITH_NULL_SHA, TLS_ECDHE_RSA_WITH_NULL_SHA, SSL_RSA_WITH_NULL_SHA, TLS_ECDH_ECDSA_WITH_NULL_SHA, TLS_ECDH_RSA_WITH_NULL_SHA, TLS_ECDH_anon_WITH_NULL_SHA, SSL_RSA_WITH_NULL_MD5, TLS_KRB5_WITH_3DES_EDE_CBC_SHA, TLS_KRB5_WITH_3DES_EDE_CBC_MD5, TLS_KRB5_WITH_DES_CBC_SHA, TLS_KRB5_WITH_DES_CBC_MD5, TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA, TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5] [2017-07-13T06:06:12,089][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] Config directory is /etc/elasticsearch/, from there the key- and truststore files are resolved relatively [2017-07-13T06:06:12,095][INFO ][c.f.s.s.u.SSLCertificateHelper] No alias given, use the firs one: node-0 [2017-07-13T06:06:12,096][WARN ][c.f.s.s.u.SSLCertificateHelper] Certificate chain for alias node-0 contains a root certificate [2017-07-13T06:06:12,116][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] HTTPS client auth mode OPTIONAL [2017-07-13T06:06:12,116][INFO ][c.f.s.s.u.SSLCertificateHelper] No alias given, use the firs one: node-0 [2017-07-13T06:06:12,116][WARN ][c.f.s.s.u.SSLCertificateHelper] Certificate chain for alias node-0 contains a root certificate [2017-07-13T06:06:12,120][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] AES-256 not supported, max key length for AES is 128 bit.. That is not an issue, it just limits possible encryption strength. To enable AES 256 install 'Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files' [2017-07-13T06:06:12,120][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslTransportClientProvider:JDK with ciphers [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256] [2017-07-13T06:06:12,121][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslTransportServerProvider:JDK with ciphers [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256] [2017-07-13T06:06:12,121][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslHTTPProvider:JDK with ciphers [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256] [2017-07-13T06:06:12,121][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslTransport protocols [TLSv1.2, TLSv1.1] [2017-07-13T06:06:12,121][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslHTTP protocols [TLSv1.2, TLSv1.1] [2017-07-13T06:06:12,124][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [aggs-matrix-stats] [2017-07-13T06:06:12,124][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [ingest-common] [2017-07-13T06:06:12,124][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [lang-expression] [2017-07-13T06:06:12,124][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [lang-groovy] [2017-07-13T06:06:12,124][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [lang-mustache] [2017-07-13T06:06:12,124][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [lang-painless] [2017-07-13T06:06:12,124][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [parent-join] [2017-07-13T06:06:12,124][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [percolator] [2017-07-13T06:06:12,124][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [reindex] [2017-07-13T06:06:12,124][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [transport-netty3] [2017-07-13T06:06:12,124][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [transport-netty4] [2017-07-13T06:06:12,124][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded plugin [search-guard-5] [2017-07-13T06:06:13,807][DEBUG][o.e.a.ActionModule ] Using REST wrapper from plugin com.floragunn.searchguard.SearchGuardPlugin [2017-07-13T06:06:13,840][INFO ][c.f.s.SearchGuardPlugin ] FLS/DLS valve not bound (noop) due to java.lang.ClassNotFoundException: com.floragunn.searchguard.configuration.DlsFlsValveImpl [2017-07-13T06:06:13,840][INFO ][c.f.s.SearchGuardPlugin ] Auditlog not available due to java.lang.ClassNotFoundException: com.floragunn.searchguard.auditlog.impl.AuditLogImpl [2017-07-13T06:06:13,841][INFO ][c.f.s.SearchGuardPlugin ] Privileges interceptor not bound (noop) due to java.lang.ClassNotFoundException: com.floragunn.searchguard.configuration.PrivilegesInterceptorImpl [2017-07-13T06:06:13,983][INFO ][o.e.d.DiscoveryModule ] [ec58ciD] using discovery type [zen] [2017-07-13T06:06:14,557][INFO ][o.e.n.Node ] initialized [2017-07-13T06:06:14,557][INFO ][o.e.n.Node ] [ec58ciD] starting ... [2017-07-13T06:06:14,688][INFO ][o.e.t.TransportService ] [ec58ciD] publish_address {10.0.0.4:9300}, bound_addresses {[::]:9300} [2017-07-13T06:06:14,698][INFO ][o.e.b.BootstrapChecks ] [ec58ciD] bound or publishing to a non-loopback or non-link-local address, enforcing bootstrap checks [2017-07-13T06:06:14,707][INFO ][c.f.s.c.IndexBaseConfigurationRepository] Check if searchguard index exists ... [2017-07-13T06:06:14,714][DEBUG][o.e.a.a.i.e.i.TransportIndicesExistsAction] [ec58ciD] no known master node, scheduling a retry [2017-07-13T06:06:17,783][INFO ][o.e.c.s.ClusterService ] [ec58ciD] new_master {ec58ciD}{ec58ciDFTFmlJKHRbDgq5A}{GqEk9lBjTtqdH46KHKih1A}{10.0.0.4}{10.0.0.4:9300}, reason: zen-disco-elected-as-master ([0] nodes joined) [2017-07-13T06:06:17,810][INFO ][c.f.s.h.SearchGuardHttpServerTransport] [ec58ciD] publish_address {10.0.0.4:9200}, bound_addresses {[::]:9200} [2017-07-13T06:06:17,810][INFO ][o.e.n.Node ] [ec58ciD] started [2017-07-13T06:06:17,990][INFO ][o.e.g.GatewayService ] [ec58ciD] recovered [2] indices into cluster_state [2017-07-13T06:06:18,275][INFO ][o.e.c.r.a.AllocationService] [ec58ciD] Cluster health status changed from [RED] to [YELLOW] (reason: [shards started [[human_resources][0], [human_resources][2], [searchguard][0]] ...]). [2017-07-13T06:06:18,383][INFO ][c.f.s.c.IndexBaseConfigurationRepository] Node 'ec58ciD' initialized [2017-07-13T07:12:57,835][INFO ][o.e.n.Node ] [ec58ciD] stopping ... [2017-07-13T07:12:57,873][INFO ][o.e.n.Node ] [ec58ciD] stopped [2017-07-13T07:12:57,874][INFO ][o.e.n.Node ] [ec58ciD] closing ... [2017-07-13T07:12:57,882][INFO ][o.e.n.Node ] [ec58ciD] closed [2017-07-13T07:12:59,371][INFO ][o.e.n.Node ] [] initializing ... [2017-07-13T07:12:59,484][INFO ][o.e.e.NodeEnvironment ] [ec58ciD] using [1] data paths, mounts [[/ (/dev/sda1)]], net usable_space [25.7gb], net total_space [29.4gb], spins? [possibly], types [ext4] [2017-07-13T07:12:59,485][INFO ][o.e.e.NodeEnvironment ] [ec58ciD] heap size [1.9gb], compressed ordinary object pointers [true] [2017-07-13T07:12:59,500][INFO ][o.e.n.Node ] node name [ec58ciD] derived from node ID [ec58ciDFTFmlJKHRbDgq5A]; set [node.name] to override [2017-07-13T07:12:59,501][INFO ][o.e.n.Node ] version[5.5.0], pid[54017], build[260387d/2017-06-30T23:16:05.735Z], OS[Linux/4.4.0-83-generic/amd64], JVM[Oracle Corporation/Java HotSpot(TM) 64-Bit Server VM/1.8.0_131/25.131-b11] [2017-07-13T07:12:59,501][INFO ][o.e.n.Node ] JVM arguments [-Xms2g, -Xmx2g, -XX:+UseConcMarkSweepGC, -XX:CMSInitiatingOccupancyFraction=75, -XX:+UseCMSInitiatingOccupancyOnly, -XX:+DisableExplicitGC, -XX:+AlwaysPreTouch, -Xss1m, -Djava.awt.headless=true, -Dfile.encoding=UTF-8, -Djna.nosys=true, -Djdk.io.permissionsUseCanonicalPath=true, -Dio.netty.noUnsafe=true, -Dio.netty.noKeySetOptimization=true, -Dio.netty.recycler.maxCapacityPerThread=0, -Dlog4j.shutdownHookEnabled=false, -Dlog4j2.disable.jmx=true, -Dlog4j.skipJansi=true, -XX:+HeapDumpOnOutOfMemoryError, -Des.path.home=/usr/share/elasticsearch] [2017-07-13T07:13:00,371][INFO ][c.f.s.SearchGuardPlugin ] Clustername: searchguard_demo [2017-07-13T07:13:00,372][WARN ][c.f.s.SearchGuardPlugin ] ### LICENSE NOTICE Search Guard ### If you use one or more of the following features in production make sure you have a valid Search Guard license (See https://floragunn.com/searchguard-validate-license) * Kibana Multitenancy * LDAP authentication/authorization * Active Directory authentication/authorization * REST Management API * JSON Web Token (JWT) authentication/authorization * Kerberos authentication/authorization * Document- and Fieldlevel Security (DLS/FLS) * Auditlogging In case of any doubt mail to ################################### [2017-07-13T07:13:00,404][INFO ][c.f.s.SearchGuardPlugin ] Node [ec58ciD] is a transportClient: false/tribeNode: false/tribeNodeClient: false [2017-07-13T07:13:00,404][INFO ][c.f.s.SearchGuardPlugin ] FLS/DLS module not available [2017-07-13T07:13:00,414][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] Open SSL not available (this is not an error, we simply fallback to built-in JDK SSL) because of java.lang.ClassNotFoundException: io.netty.internal.tcnative.SSL [2017-07-13T07:13:00,415][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.version: 1.8.0_131 [2017-07-13T07:13:00,415][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vendor: Oracle Corporation [2017-07-13T07:13:00,415][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.specification.version: 1.8 [2017-07-13T07:13:00,415][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.specification.vendor: Oracle Corporation [2017-07-13T07:13:00,415][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.specification.name: Java Virtual Machine Specification [2017-07-13T07:13:00,415][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.name: Java HotSpot(TM) 64-Bit Server VM [2017-07-13T07:13:00,415][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.vendor: Oracle Corporation [2017-07-13T07:13:00,415][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.specification.version: 1.8 [2017-07-13T07:13:00,415][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.specification.vendor: Oracle Corporation [2017-07-13T07:13:00,415][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.specification.name: Java Platform API Specification [2017-07-13T07:13:00,416][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] os.name: Linux [2017-07-13T07:13:00,416][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] os.arch: amd64 [2017-07-13T07:13:00,416][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] os.version: 4.4.0-83-generic [2017-07-13T07:13:00,633][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] JVM supports the following 57 ciphers for https [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV, TLS_DH_anon_WITH_AES_128_GCM_SHA256, TLS_DH_anon_WITH_AES_128_CBC_SHA256, TLS_ECDH_anon_WITH_AES_128_CBC_SHA, TLS_DH_anon_WITH_AES_128_CBC_SHA, TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA, SSL_DH_anon_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_DH_anon_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA, TLS_RSA_WITH_NULL_SHA256, TLS_ECDHE_ECDSA_WITH_NULL_SHA, TLS_ECDHE_RSA_WITH_NULL_SHA, SSL_RSA_WITH_NULL_SHA, TLS_ECDH_ECDSA_WITH_NULL_SHA, TLS_ECDH_RSA_WITH_NULL_SHA, TLS_ECDH_anon_WITH_NULL_SHA, SSL_RSA_WITH_NULL_MD5, TLS_KRB5_WITH_3DES_EDE_CBC_SHA, TLS_KRB5_WITH_3DES_EDE_CBC_MD5, TLS_KRB5_WITH_DES_CBC_SHA, TLS_KRB5_WITH_DES_CBC_MD5, TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA, TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5] [2017-07-13T07:13:00,640][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] JVM supports the following 57 ciphers for transport [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV, TLS_DH_anon_WITH_AES_128_GCM_SHA256, TLS_DH_anon_WITH_AES_128_CBC_SHA256, TLS_ECDH_anon_WITH_AES_128_CBC_SHA, TLS_DH_anon_WITH_AES_128_CBC_SHA, TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA, SSL_DH_anon_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_DH_anon_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA, TLS_RSA_WITH_NULL_SHA256, TLS_ECDHE_ECDSA_WITH_NULL_SHA, TLS_ECDHE_RSA_WITH_NULL_SHA, SSL_RSA_WITH_NULL_SHA, TLS_ECDH_ECDSA_WITH_NULL_SHA, TLS_ECDH_RSA_WITH_NULL_SHA, TLS_ECDH_anon_WITH_NULL_SHA, SSL_RSA_WITH_NULL_MD5, TLS_KRB5_WITH_3DES_EDE_CBC_SHA, TLS_KRB5_WITH_3DES_EDE_CBC_MD5, TLS_KRB5_WITH_DES_CBC_SHA, TLS_KRB5_WITH_DES_CBC_MD5, TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA, TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5] [2017-07-13T07:13:00,645][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] Config directory is /etc/elasticsearch/, from there the key- and truststore files are resolved relatively [2017-07-13T07:13:00,648][INFO ][c.f.s.s.u.SSLCertificateHelper] No alias given, use the firs one: node-0 [2017-07-13T07:13:00,649][WARN ][c.f.s.s.u.SSLCertificateHelper] Certificate chain for alias node-0 contains a root certificate [2017-07-13T07:13:00,674][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] HTTPS client auth mode OPTIONAL [2017-07-13T07:13:00,674][INFO ][c.f.s.s.u.SSLCertificateHelper] No alias given, use the firs one: node-0 [2017-07-13T07:13:00,674][WARN ][c.f.s.s.u.SSLCertificateHelper] Certificate chain for alias node-0 contains a root certificate [2017-07-13T07:13:00,681][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] AES-256 not supported, max key length for AES is 128 bit.. That is not an issue, it just limits possible encryption strength. To enable AES 256 install 'Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files' [2017-07-13T07:13:00,681][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslTransportClientProvider:JDK with ciphers [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256] [2017-07-13T07:13:00,681][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslTransportServerProvider:JDK with ciphers [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256] [2017-07-13T07:13:00,681][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslHTTPProvider:JDK with ciphers [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256] [2017-07-13T07:13:00,681][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslTransport protocols [TLSv1.2, TLSv1.1] [2017-07-13T07:13:00,682][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslHTTP protocols [TLSv1.2, TLSv1.1] [2017-07-13T07:13:00,688][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [aggs-matrix-stats] [2017-07-13T07:13:00,689][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [ingest-common] [2017-07-13T07:13:00,689][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [lang-expression] [2017-07-13T07:13:00,689][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [lang-groovy] [2017-07-13T07:13:00,689][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [lang-mustache] [2017-07-13T07:13:00,689][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [lang-painless] [2017-07-13T07:13:00,689][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [parent-join] [2017-07-13T07:13:00,689][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [percolator] [2017-07-13T07:13:00,689][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [reindex] [2017-07-13T07:13:00,690][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [transport-netty3] [2017-07-13T07:13:00,690][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [transport-netty4] [2017-07-13T07:13:00,690][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded plugin [search-guard-5] [2017-07-13T07:13:02,529][DEBUG][o.e.a.ActionModule ] Using REST wrapper from plugin com.floragunn.searchguard.SearchGuardPlugin [2017-07-13T07:13:02,570][INFO ][c.f.s.SearchGuardPlugin ] FLS/DLS valve not bound (noop) due to java.lang.ClassNotFoundException: com.floragunn.searchguard.configuration.DlsFlsValveImpl [2017-07-13T07:13:02,571][INFO ][c.f.s.SearchGuardPlugin ] Auditlog not available due to java.lang.ClassNotFoundException: com.floragunn.searchguard.auditlog.impl.AuditLogImpl [2017-07-13T07:13:02,572][INFO ][c.f.s.SearchGuardPlugin ] Privileges interceptor not bound (noop) due to java.lang.ClassNotFoundException: com.floragunn.searchguard.configuration.PrivilegesInterceptorImpl [2017-07-13T07:13:02,732][INFO ][o.e.d.DiscoveryModule ] [ec58ciD] using discovery type [zen] [2017-07-13T07:13:03,250][INFO ][o.e.n.Node ] initialized [2017-07-13T07:13:03,251][INFO ][o.e.n.Node ] [ec58ciD] starting ... [2017-07-13T07:13:03,373][INFO ][o.e.t.TransportService ] [ec58ciD] publish_address {10.0.0.4:9300}, bound_addresses {[::]:9300} [2017-07-13T07:13:03,383][INFO ][o.e.b.BootstrapChecks ] [ec58ciD] bound or publishing to a non-loopback or non-link-local address, enforcing bootstrap checks [2017-07-13T07:13:03,388][INFO ][c.f.s.c.IndexBaseConfigurationRepository] Check if searchguard index exists ... [2017-07-13T07:13:03,393][DEBUG][o.e.a.a.i.e.i.TransportIndicesExistsAction] [ec58ciD] no known master node, scheduling a retry [2017-07-13T07:13:06,437][INFO ][o.e.c.s.ClusterService ] [ec58ciD] new_master {ec58ciD}{ec58ciDFTFmlJKHRbDgq5A}{2Nh_0_lrTLmzR9DpmHIS_A}{10.0.0.4}{10.0.0.4:9300}, reason: zen-disco-elected-as-master ([0] nodes joined) [2017-07-13T07:13:06,479][INFO ][c.f.s.h.SearchGuardHttpServerTransport] [ec58ciD] publish_address {10.0.0.4:9200}, bound_addresses {[::]:9200} [2017-07-13T07:13:06,479][INFO ][o.e.n.Node ] [ec58ciD] started [2017-07-13T07:13:06,689][INFO ][o.e.g.GatewayService ] [ec58ciD] recovered [2] indices into cluster_state [2017-07-13T07:13:06,976][INFO ][o.e.c.r.a.AllocationService] [ec58ciD] Cluster health status changed from [RED] to [YELLOW] (reason: [shards started [[human_resources][1], [human_resources][2], [searchguard][0]] ...]). [2017-07-13T07:13:07,067][INFO ][c.f.s.c.IndexBaseConfigurationRepository] Node 'ec58ciD' initialized [2017-07-13T07:17:57,594][INFO ][o.e.n.Node ] [ec58ciD] stopping ... [2017-07-13T07:17:57,644][INFO ][o.e.n.Node ] [ec58ciD] stopped [2017-07-13T07:17:57,644][INFO ][o.e.n.Node ] [ec58ciD] closing ... [2017-07-13T07:17:57,657][INFO ][o.e.n.Node ] [ec58ciD] closed [2017-07-13T07:17:59,314][INFO ][o.e.n.Node ] [] initializing ... [2017-07-13T07:17:59,410][INFO ][o.e.e.NodeEnvironment ] [ec58ciD] using [1] data paths, mounts [[/ (/dev/sda1)]], net usable_space [25.7gb], net total_space [29.4gb], spins? [possibly], types [ext4] [2017-07-13T07:17:59,411][INFO ][o.e.e.NodeEnvironment ] [ec58ciD] heap size [1.9gb], compressed ordinary object pointers [true] [2017-07-13T07:17:59,421][INFO ][o.e.n.Node ] node name [ec58ciD] derived from node ID [ec58ciDFTFmlJKHRbDgq5A]; set [node.name] to override [2017-07-13T07:17:59,422][INFO ][o.e.n.Node ] version[5.5.0], pid[54462], build[260387d/2017-06-30T23:16:05.735Z], OS[Linux/4.4.0-83-generic/amd64], JVM[Oracle Corporation/Java HotSpot(TM) 64-Bit Server VM/1.8.0_131/25.131-b11] [2017-07-13T07:17:59,422][INFO ][o.e.n.Node ] JVM arguments [-Xms2g, -Xmx2g, -XX:+UseConcMarkSweepGC, -XX:CMSInitiatingOccupancyFraction=75, -XX:+UseCMSInitiatingOccupancyOnly, -XX:+DisableExplicitGC, -XX:+AlwaysPreTouch, -Xss1m, -Djava.awt.headless=true, -Dfile.encoding=UTF-8, -Djna.nosys=true, -Djdk.io.permissionsUseCanonicalPath=true, -Dio.netty.noUnsafe=true, -Dio.netty.noKeySetOptimization=true, -Dio.netty.recycler.maxCapacityPerThread=0, -Dlog4j.shutdownHookEnabled=false, -Dlog4j2.disable.jmx=true, -Dlog4j.skipJansi=true, -XX:+HeapDumpOnOutOfMemoryError, -Des.path.home=/usr/share/elasticsearch] [2017-07-13T07:18:00,416][INFO ][c.f.s.SearchGuardPlugin ] Clustername: searchguard_demo [2017-07-13T07:18:00,417][WARN ][c.f.s.SearchGuardPlugin ] ### LICENSE NOTICE Search Guard ### If you use one or more of the following features in production make sure you have a valid Search Guard license (See https://floragunn.com/searchguard-validate-license) * Kibana Multitenancy * LDAP authentication/authorization * Active Directory authentication/authorization * REST Management API * JSON Web Token (JWT) authentication/authorization * Kerberos authentication/authorization * Document- and Fieldlevel Security (DLS/FLS) * Auditlogging In case of any doubt mail to ################################### [2017-07-13T07:18:00,446][INFO ][c.f.s.SearchGuardPlugin ] Node [ec58ciD] is a transportClient: false/tribeNode: false/tribeNodeClient: false [2017-07-13T07:18:00,446][INFO ][c.f.s.SearchGuardPlugin ] FLS/DLS module not available [2017-07-13T07:18:00,457][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] Open SSL not available (this is not an error, we simply fallback to built-in JDK SSL) because of java.lang.ClassNotFoundException: io.netty.internal.tcnative.SSL [2017-07-13T07:18:00,457][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.version: 1.8.0_131 [2017-07-13T07:18:00,457][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vendor: Oracle Corporation [2017-07-13T07:18:00,457][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.specification.version: 1.8 [2017-07-13T07:18:00,457][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.specification.vendor: Oracle Corporation [2017-07-13T07:18:00,457][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.specification.name: Java Virtual Machine Specification [2017-07-13T07:18:00,457][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.name: Java HotSpot(TM) 64-Bit Server VM [2017-07-13T07:18:00,458][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.vendor: Oracle Corporation [2017-07-13T07:18:00,458][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.specification.version: 1.8 [2017-07-13T07:18:00,458][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.specification.vendor: Oracle Corporation [2017-07-13T07:18:00,458][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.specification.name: Java Platform API Specification [2017-07-13T07:18:00,458][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] os.name: Linux [2017-07-13T07:18:00,458][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] os.arch: amd64 [2017-07-13T07:18:00,458][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] os.version: 4.4.0-83-generic [2017-07-13T07:18:00,657][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] JVM supports the following 57 ciphers for https [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV, TLS_DH_anon_WITH_AES_128_GCM_SHA256, TLS_DH_anon_WITH_AES_128_CBC_SHA256, TLS_ECDH_anon_WITH_AES_128_CBC_SHA, TLS_DH_anon_WITH_AES_128_CBC_SHA, TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA, SSL_DH_anon_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_DH_anon_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA, TLS_RSA_WITH_NULL_SHA256, TLS_ECDHE_ECDSA_WITH_NULL_SHA, TLS_ECDHE_RSA_WITH_NULL_SHA, SSL_RSA_WITH_NULL_SHA, TLS_ECDH_ECDSA_WITH_NULL_SHA, TLS_ECDH_RSA_WITH_NULL_SHA, TLS_ECDH_anon_WITH_NULL_SHA, SSL_RSA_WITH_NULL_MD5, TLS_KRB5_WITH_3DES_EDE_CBC_SHA, TLS_KRB5_WITH_3DES_EDE_CBC_MD5, TLS_KRB5_WITH_DES_CBC_SHA, TLS_KRB5_WITH_DES_CBC_MD5, TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA, TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5] [2017-07-13T07:18:00,663][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] JVM supports the following 57 ciphers for transport [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV, TLS_DH_anon_WITH_AES_128_GCM_SHA256, TLS_DH_anon_WITH_AES_128_CBC_SHA256, TLS_ECDH_anon_WITH_AES_128_CBC_SHA, TLS_DH_anon_WITH_AES_128_CBC_SHA, TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA, SSL_DH_anon_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_DH_anon_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA, TLS_RSA_WITH_NULL_SHA256, TLS_ECDHE_ECDSA_WITH_NULL_SHA, TLS_ECDHE_RSA_WITH_NULL_SHA, SSL_RSA_WITH_NULL_SHA, TLS_ECDH_ECDSA_WITH_NULL_SHA, TLS_ECDH_RSA_WITH_NULL_SHA, TLS_ECDH_anon_WITH_NULL_SHA, SSL_RSA_WITH_NULL_MD5, TLS_KRB5_WITH_3DES_EDE_CBC_SHA, TLS_KRB5_WITH_3DES_EDE_CBC_MD5, TLS_KRB5_WITH_DES_CBC_SHA, TLS_KRB5_WITH_DES_CBC_MD5, TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA, TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5] [2017-07-13T07:18:00,668][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] Config directory is /etc/elasticsearch/, from there the key- and truststore files are resolved relatively [2017-07-13T07:18:00,672][INFO ][c.f.s.s.u.SSLCertificateHelper] No alias given, use the firs one: node-0 [2017-07-13T07:18:00,673][WARN ][c.f.s.s.u.SSLCertificateHelper] Certificate chain for alias node-0 contains a root certificate [2017-07-13T07:18:00,697][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] HTTPS client auth mode OPTIONAL [2017-07-13T07:18:00,697][INFO ][c.f.s.s.u.SSLCertificateHelper] No alias given, use the firs one: node-0 [2017-07-13T07:18:00,698][WARN ][c.f.s.s.u.SSLCertificateHelper] Certificate chain for alias node-0 contains a root certificate [2017-07-13T07:18:00,704][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] AES-256 not supported, max key length for AES is 128 bit.. That is not an issue, it just limits possible encryption strength. To enable AES 256 install 'Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files' [2017-07-13T07:18:00,704][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslTransportClientProvider:JDK with ciphers [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256] [2017-07-13T07:18:00,705][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslTransportServerProvider:JDK with ciphers [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256] [2017-07-13T07:18:00,705][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslHTTPProvider:JDK with ciphers [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256] [2017-07-13T07:18:00,705][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslTransport protocols [TLSv1.2, TLSv1.1] [2017-07-13T07:18:00,705][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslHTTP protocols [TLSv1.2, TLSv1.1] [2017-07-13T07:18:00,709][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [aggs-matrix-stats] [2017-07-13T07:18:00,710][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [ingest-common] [2017-07-13T07:18:00,710][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [lang-expression] [2017-07-13T07:18:00,710][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [lang-groovy] [2017-07-13T07:18:00,710][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [lang-mustache] [2017-07-13T07:18:00,710][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [lang-painless] [2017-07-13T07:18:00,710][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [parent-join] [2017-07-13T07:18:00,710][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [percolator] [2017-07-13T07:18:00,711][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [reindex] [2017-07-13T07:18:00,711][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [transport-netty3] [2017-07-13T07:18:00,711][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [transport-netty4] [2017-07-13T07:18:00,712][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded plugin [search-guard-5] [2017-07-13T07:18:02,503][DEBUG][o.e.a.ActionModule ] Using REST wrapper from plugin com.floragunn.searchguard.SearchGuardPlugin [2017-07-13T07:18:02,555][INFO ][c.f.s.SearchGuardPlugin ] FLS/DLS valve not bound (noop) due to java.lang.ClassNotFoundException: com.floragunn.searchguard.configuration.DlsFlsValveImpl [2017-07-13T07:18:02,557][INFO ][c.f.s.SearchGuardPlugin ] Auditlog not available due to java.lang.ClassNotFoundException: com.floragunn.searchguard.auditlog.impl.AuditLogImpl [2017-07-13T07:18:02,558][INFO ][c.f.s.SearchGuardPlugin ] Privileges interceptor not bound (noop) due to java.lang.ClassNotFoundException: com.floragunn.searchguard.configuration.PrivilegesInterceptorImpl [2017-07-13T07:18:02,662][INFO ][o.e.d.DiscoveryModule ] [ec58ciD] using discovery type [zen] [2017-07-13T07:18:03,197][INFO ][o.e.n.Node ] initialized [2017-07-13T07:18:03,197][INFO ][o.e.n.Node ] [ec58ciD] starting ... [2017-07-13T07:18:03,309][INFO ][o.e.t.TransportService ] [ec58ciD] publish_address {10.0.0.4:9300}, bound_addresses {[::]:9300} [2017-07-13T07:18:03,319][INFO ][o.e.b.BootstrapChecks ] [ec58ciD] bound or publishing to a non-loopback or non-link-local address, enforcing bootstrap checks [2017-07-13T07:18:03,325][INFO ][c.f.s.c.IndexBaseConfigurationRepository] Check if searchguard index exists ... [2017-07-13T07:18:03,331][DEBUG][o.e.a.a.i.e.i.TransportIndicesExistsAction] [ec58ciD] no known master node, scheduling a retry [2017-07-13T07:18:06,384][INFO ][o.e.c.s.ClusterService ] [ec58ciD] new_master {ec58ciD}{ec58ciDFTFmlJKHRbDgq5A}{yFM-xyE_T1KqdEVQnzvvhA}{10.0.0.4}{10.0.0.4:9300}, reason: zen-disco-elected-as-master ([0] nodes joined) [2017-07-13T07:18:06,412][INFO ][c.f.s.h.SearchGuardHttpServerTransport] [ec58ciD] publish_address {10.0.0.4:9200}, bound_addresses {[::]:9200} [2017-07-13T07:18:06,412][INFO ][o.e.n.Node ] [ec58ciD] started [2017-07-13T07:18:06,641][INFO ][o.e.g.GatewayService ] [ec58ciD] recovered [2] indices into cluster_state [2017-07-13T07:18:06,911][INFO ][o.e.c.r.a.AllocationService] [ec58ciD] Cluster health status changed from [RED] to [YELLOW] (reason: [shards started [[human_resources][1], [human_resources][2], [searchguard][0]] ...]). [2017-07-13T07:18:06,998][INFO ][c.f.s.c.IndexBaseConfigurationRepository] Node 'ec58ciD' initialized [2017-07-13T07:32:37,198][INFO ][o.e.n.Node ] [ec58ciD] stopping ... [2017-07-13T07:32:37,226][INFO ][o.e.n.Node ] [ec58ciD] stopped [2017-07-13T07:32:37,226][INFO ][o.e.n.Node ] [ec58ciD] closing ... [2017-07-13T07:32:37,234][INFO ][o.e.n.Node ] [ec58ciD] closed [2017-07-13T07:32:38,858][INFO ][o.e.n.Node ] [] initializing ... [2017-07-13T07:32:38,942][INFO ][o.e.e.NodeEnvironment ] [ec58ciD] using [1] data paths, mounts [[/ (/dev/sda1)]], net usable_space [25.7gb], net total_space [29.4gb], spins? [possibly], types [ext4] [2017-07-13T07:32:38,942][INFO ][o.e.e.NodeEnvironment ] [ec58ciD] heap size [1.9gb], compressed ordinary object pointers [true] [2017-07-13T07:32:38,953][INFO ][o.e.n.Node ] node name [ec58ciD] derived from node ID [ec58ciDFTFmlJKHRbDgq5A]; set [node.name] to override [2017-07-13T07:32:38,954][INFO ][o.e.n.Node ] version[5.5.0], pid[54947], build[260387d/2017-06-30T23:16:05.735Z], OS[Linux/4.4.0-83-generic/amd64], JVM[Oracle Corporation/Java HotSpot(TM) 64-Bit Server VM/1.8.0_131/25.131-b11] [2017-07-13T07:32:38,955][INFO ][o.e.n.Node ] JVM arguments [-Xms2g, -Xmx2g, -XX:+UseConcMarkSweepGC, -XX:CMSInitiatingOccupancyFraction=75, -XX:+UseCMSInitiatingOccupancyOnly, -XX:+DisableExplicitGC, -XX:+AlwaysPreTouch, -Xss1m, -Djava.awt.headless=true, -Dfile.encoding=UTF-8, -Djna.nosys=true, -Djdk.io.permissionsUseCanonicalPath=true, -Dio.netty.noUnsafe=true, -Dio.netty.noKeySetOptimization=true, -Dio.netty.recycler.maxCapacityPerThread=0, -Dlog4j.shutdownHookEnabled=false, -Dlog4j2.disable.jmx=true, -Dlog4j.skipJansi=true, -XX:+HeapDumpOnOutOfMemoryError, -Des.path.home=/usr/share/elasticsearch] [2017-07-13T07:32:39,855][INFO ][c.f.s.SearchGuardPlugin ] Clustername: searchguard_demo [2017-07-13T07:32:39,856][WARN ][c.f.s.SearchGuardPlugin ] ### LICENSE NOTICE Search Guard ### If you use one or more of the following features in production make sure you have a valid Search Guard license (See https://floragunn.com/searchguard-validate-license) * Kibana Multitenancy * LDAP authentication/authorization * Active Directory authentication/authorization * REST Management API * JSON Web Token (JWT) authentication/authorization * Kerberos authentication/authorization * Document- and Fieldlevel Security (DLS/FLS) * Auditlogging In case of any doubt mail to ################################### [2017-07-13T07:32:39,884][INFO ][c.f.s.SearchGuardPlugin ] Node [ec58ciD] is a transportClient: false/tribeNode: false/tribeNodeClient: false [2017-07-13T07:32:39,885][INFO ][c.f.s.SearchGuardPlugin ] FLS/DLS module not available [2017-07-13T07:32:39,895][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] Open SSL not available (this is not an error, we simply fallback to built-in JDK SSL) because of java.lang.ClassNotFoundException: io.netty.internal.tcnative.SSL [2017-07-13T07:32:39,896][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.version: 1.8.0_131 [2017-07-13T07:32:39,896][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vendor: Oracle Corporation [2017-07-13T07:32:39,896][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.specification.version: 1.8 [2017-07-13T07:32:39,896][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.specification.vendor: Oracle Corporation [2017-07-13T07:32:39,896][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.specification.name: Java Virtual Machine Specification [2017-07-13T07:32:39,896][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.name: Java HotSpot(TM) 64-Bit Server VM [2017-07-13T07:32:39,896][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.vendor: Oracle Corporation [2017-07-13T07:32:39,896][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.specification.version: 1.8 [2017-07-13T07:32:39,897][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.specification.vendor: Oracle Corporation [2017-07-13T07:32:39,897][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.specification.name: Java Platform API Specification [2017-07-13T07:32:39,897][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] os.name: Linux [2017-07-13T07:32:39,897][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] os.arch: amd64 [2017-07-13T07:32:39,897][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] os.version: 4.4.0-83-generic [2017-07-13T07:32:40,058][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] JVM supports the following 57 ciphers for https [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV, TLS_DH_anon_WITH_AES_128_GCM_SHA256, TLS_DH_anon_WITH_AES_128_CBC_SHA256, TLS_ECDH_anon_WITH_AES_128_CBC_SHA, TLS_DH_anon_WITH_AES_128_CBC_SHA, TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA, SSL_DH_anon_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_DH_anon_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA, TLS_RSA_WITH_NULL_SHA256, TLS_ECDHE_ECDSA_WITH_NULL_SHA, TLS_ECDHE_RSA_WITH_NULL_SHA, SSL_RSA_WITH_NULL_SHA, TLS_ECDH_ECDSA_WITH_NULL_SHA, TLS_ECDH_RSA_WITH_NULL_SHA, TLS_ECDH_anon_WITH_NULL_SHA, SSL_RSA_WITH_NULL_MD5, TLS_KRB5_WITH_3DES_EDE_CBC_SHA, TLS_KRB5_WITH_3DES_EDE_CBC_MD5, TLS_KRB5_WITH_DES_CBC_SHA, TLS_KRB5_WITH_DES_CBC_MD5, TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA, TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5] [2017-07-13T07:32:40,064][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] JVM supports the following 57 ciphers for transport [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV, TLS_DH_anon_WITH_AES_128_GCM_SHA256, TLS_DH_anon_WITH_AES_128_CBC_SHA256, TLS_ECDH_anon_WITH_AES_128_CBC_SHA, TLS_DH_anon_WITH_AES_128_CBC_SHA, TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA, SSL_DH_anon_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_DH_anon_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA, TLS_RSA_WITH_NULL_SHA256, TLS_ECDHE_ECDSA_WITH_NULL_SHA, TLS_ECDHE_RSA_WITH_NULL_SHA, SSL_RSA_WITH_NULL_SHA, TLS_ECDH_ECDSA_WITH_NULL_SHA, TLS_ECDH_RSA_WITH_NULL_SHA, TLS_ECDH_anon_WITH_NULL_SHA, SSL_RSA_WITH_NULL_MD5, TLS_KRB5_WITH_3DES_EDE_CBC_SHA, TLS_KRB5_WITH_3DES_EDE_CBC_MD5, TLS_KRB5_WITH_DES_CBC_SHA, TLS_KRB5_WITH_DES_CBC_MD5, TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA, TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5] [2017-07-13T07:32:40,068][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] Config directory is /etc/elasticsearch/, from there the key- and truststore files are resolved relatively [2017-07-13T07:32:40,073][INFO ][c.f.s.s.u.SSLCertificateHelper] No alias given, use the firs one: node-0 [2017-07-13T07:32:40,073][WARN ][c.f.s.s.u.SSLCertificateHelper] Certificate chain for alias node-0 contains a root certificate [2017-07-13T07:32:40,099][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] HTTPS client auth mode OPTIONAL [2017-07-13T07:32:40,099][INFO ][c.f.s.s.u.SSLCertificateHelper] No alias given, use the firs one: node-0 [2017-07-13T07:32:40,099][WARN ][c.f.s.s.u.SSLCertificateHelper] Certificate chain for alias node-0 contains a root certificate [2017-07-13T07:32:40,106][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] AES-256 not supported, max key length for AES is 128 bit.. That is not an issue, it just limits possible encryption strength. To enable AES 256 install 'Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files' [2017-07-13T07:32:40,106][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslTransportClientProvider:JDK with ciphers [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256] [2017-07-13T07:32:40,107][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslTransportServerProvider:JDK with ciphers [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256] [2017-07-13T07:32:40,107][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslHTTPProvider:JDK with ciphers [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256] [2017-07-13T07:32:40,107][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslTransport protocols [TLSv1.2, TLSv1.1] [2017-07-13T07:32:40,107][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslHTTP protocols [TLSv1.2, TLSv1.1] [2017-07-13T07:32:40,111][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [aggs-matrix-stats] [2017-07-13T07:32:40,111][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [ingest-common] [2017-07-13T07:32:40,111][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [lang-expression] [2017-07-13T07:32:40,111][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [lang-groovy] [2017-07-13T07:32:40,111][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [lang-mustache] [2017-07-13T07:32:40,112][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [lang-painless] [2017-07-13T07:32:40,112][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [parent-join] [2017-07-13T07:32:40,112][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [percolator] [2017-07-13T07:32:40,112][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [reindex] [2017-07-13T07:32:40,112][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [transport-netty3] [2017-07-13T07:32:40,113][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [transport-netty4] [2017-07-13T07:32:40,113][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded plugin [search-guard-5] [2017-07-13T07:32:41,815][DEBUG][o.e.a.ActionModule ] Using REST wrapper from plugin com.floragunn.searchguard.SearchGuardPlugin [2017-07-13T07:32:41,864][INFO ][c.f.s.SearchGuardPlugin ] FLS/DLS valve not bound (noop) due to java.lang.ClassNotFoundException: com.floragunn.searchguard.configuration.DlsFlsValveImpl [2017-07-13T07:32:41,924][INFO ][c.f.s.SearchGuardPlugin ] Auditlog not available due to java.lang.ClassNotFoundException: com.floragunn.searchguard.auditlog.impl.AuditLogImpl [2017-07-13T07:32:41,925][INFO ][c.f.s.SearchGuardPlugin ] Privileges interceptor not bound (noop) due to java.lang.ClassNotFoundException: com.floragunn.searchguard.configuration.PrivilegesInterceptorImpl [2017-07-13T07:32:42,026][INFO ][o.e.d.DiscoveryModule ] [ec58ciD] using discovery type [zen] [2017-07-13T07:32:42,482][INFO ][o.e.n.Node ] initialized [2017-07-13T07:32:42,482][INFO ][o.e.n.Node ] [ec58ciD] starting ... [2017-07-13T07:32:42,611][INFO ][o.e.t.TransportService ] [ec58ciD] publish_address {10.0.0.4:9300}, bound_addresses {[::]:9300} [2017-07-13T07:32:42,623][INFO ][o.e.b.BootstrapChecks ] [ec58ciD] bound or publishing to a non-loopback or non-link-local address, enforcing bootstrap checks [2017-07-13T07:32:42,628][INFO ][c.f.s.c.IndexBaseConfigurationRepository] Check if searchguard index exists ... [2017-07-13T07:32:42,636][DEBUG][o.e.a.a.i.e.i.TransportIndicesExistsAction] [ec58ciD] no known master node, scheduling a retry [2017-07-13T07:32:45,694][INFO ][o.e.c.s.ClusterService ] [ec58ciD] new_master {ec58ciD}{ec58ciDFTFmlJKHRbDgq5A}{d5Iny3MrR1imyfStbMO8_Q}{10.0.0.4}{10.0.0.4:9300}, reason: zen-disco-elected-as-master ([0] nodes joined) [2017-07-13T07:32:45,758][INFO ][c.f.s.h.SearchGuardHttpServerTransport] [ec58ciD] publish_address {10.0.0.4:9200}, bound_addresses {[::]:9200} [2017-07-13T07:32:45,758][INFO ][o.e.n.Node ] [ec58ciD] started [2017-07-13T07:32:45,962][INFO ][o.e.g.GatewayService ] [ec58ciD] recovered [2] indices into cluster_state [2017-07-13T07:32:46,278][INFO ][o.e.c.r.a.AllocationService] [ec58ciD] Cluster health status changed from [RED] to [YELLOW] (reason: [shards started [[human_resources][1], [human_resources][2], [searchguard][0]] ...]). [2017-07-13T07:32:46,356][INFO ][c.f.s.c.IndexBaseConfigurationRepository] Node 'ec58ciD' initialized [2017-07-13T07:57:47,171][INFO ][o.e.n.Node ] [ec58ciD] stopping ... [2017-07-13T07:57:47,256][INFO ][o.e.n.Node ] [ec58ciD] stopped [2017-07-13T07:57:47,256][INFO ][o.e.n.Node ] [ec58ciD] closing ... [2017-07-13T07:57:47,264][INFO ][o.e.n.Node ] [ec58ciD] closed [2017-07-13T07:57:48,858][INFO ][o.e.n.Node ] [] initializing ... [2017-07-13T07:57:48,956][INFO ][o.e.e.NodeEnvironment ] [ec58ciD] using [1] data paths, mounts [[/ (/dev/sda1)]], net usable_space [25.7gb], net total_space [29.4gb], spins? [possibly], types [ext4] [2017-07-13T07:57:48,956][INFO ][o.e.e.NodeEnvironment ] [ec58ciD] heap size [1.9gb], compressed ordinary object pointers [true] [2017-07-13T07:57:48,974][INFO ][o.e.n.Node ] node name [ec58ciD] derived from node ID [ec58ciDFTFmlJKHRbDgq5A]; set [node.name] to override [2017-07-13T07:57:48,974][INFO ][o.e.n.Node ] version[5.5.0], pid[55760], build[260387d/2017-06-30T23:16:05.735Z], OS[Linux/4.4.0-83-generic/amd64], JVM[Oracle Corporation/Java HotSpot(TM) 64-Bit Server VM/1.8.0_131/25.131-b11] [2017-07-13T07:57:48,975][INFO ][o.e.n.Node ] JVM arguments [-Xms2g, -Xmx2g, -XX:+UseConcMarkSweepGC, -XX:CMSInitiatingOccupancyFraction=75, -XX:+UseCMSInitiatingOccupancyOnly, -XX:+DisableExplicitGC, -XX:+AlwaysPreTouch, -Xss1m, -Djava.awt.headless=true, -Dfile.encoding=UTF-8, -Djna.nosys=true, -Djdk.io.permissionsUseCanonicalPath=true, -Dio.netty.noUnsafe=true, -Dio.netty.noKeySetOptimization=true, -Dio.netty.recycler.maxCapacityPerThread=0, -Dlog4j.shutdownHookEnabled=false, -Dlog4j2.disable.jmx=true, -Dlog4j.skipJansi=true, -XX:+HeapDumpOnOutOfMemoryError, -Des.path.home=/usr/share/elasticsearch] [2017-07-13T07:57:49,903][INFO ][c.f.s.SearchGuardPlugin ] Clustername: searchguard_demo [2017-07-13T07:57:49,904][WARN ][c.f.s.SearchGuardPlugin ] ### LICENSE NOTICE Search Guard ### If you use one or more of the following features in production make sure you have a valid Search Guard license (See https://floragunn.com/searchguard-validate-license) * Kibana Multitenancy * LDAP authentication/authorization * Active Directory authentication/authorization * REST Management API * JSON Web Token (JWT) authentication/authorization * Kerberos authentication/authorization * Document- and Fieldlevel Security (DLS/FLS) * Auditlogging In case of any doubt mail to ################################### [2017-07-13T07:57:49,937][INFO ][c.f.s.SearchGuardPlugin ] Node [ec58ciD] is a transportClient: false/tribeNode: false/tribeNodeClient: false [2017-07-13T07:57:49,937][INFO ][c.f.s.SearchGuardPlugin ] FLS/DLS module not available [2017-07-13T07:57:49,948][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] Open SSL not available (this is not an error, we simply fallback to built-in JDK SSL) because of java.lang.ClassNotFoundException: io.netty.internal.tcnative.SSL [2017-07-13T07:57:49,948][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.version: 1.8.0_131 [2017-07-13T07:57:49,948][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vendor: Oracle Corporation [2017-07-13T07:57:49,949][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.specification.version: 1.8 [2017-07-13T07:57:49,949][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.specification.vendor: Oracle Corporation [2017-07-13T07:57:49,949][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.specification.name: Java Virtual Machine Specification [2017-07-13T07:57:49,949][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.name: Java HotSpot(TM) 64-Bit Server VM [2017-07-13T07:57:49,949][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.vendor: Oracle Corporation [2017-07-13T07:57:49,949][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.specification.version: 1.8 [2017-07-13T07:57:49,949][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.specification.vendor: Oracle Corporation [2017-07-13T07:57:49,949][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.specification.name: Java Platform API Specification [2017-07-13T07:57:49,950][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] os.name: Linux [2017-07-13T07:57:49,950][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] os.arch: amd64 [2017-07-13T07:57:49,951][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] os.version: 4.4.0-83-generic [2017-07-13T07:57:50,169][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] JVM supports the following 57 ciphers for https [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV, TLS_DH_anon_WITH_AES_128_GCM_SHA256, TLS_DH_anon_WITH_AES_128_CBC_SHA256, TLS_ECDH_anon_WITH_AES_128_CBC_SHA, TLS_DH_anon_WITH_AES_128_CBC_SHA, TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA, SSL_DH_anon_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_DH_anon_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA, TLS_RSA_WITH_NULL_SHA256, TLS_ECDHE_ECDSA_WITH_NULL_SHA, TLS_ECDHE_RSA_WITH_NULL_SHA, SSL_RSA_WITH_NULL_SHA, TLS_ECDH_ECDSA_WITH_NULL_SHA, TLS_ECDH_RSA_WITH_NULL_SHA, TLS_ECDH_anon_WITH_NULL_SHA, SSL_RSA_WITH_NULL_MD5, TLS_KRB5_WITH_3DES_EDE_CBC_SHA, TLS_KRB5_WITH_3DES_EDE_CBC_MD5, TLS_KRB5_WITH_DES_CBC_SHA, TLS_KRB5_WITH_DES_CBC_MD5, TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA, TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5] [2017-07-13T07:57:50,175][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] JVM supports the following 57 ciphers for transport [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV, TLS_DH_anon_WITH_AES_128_GCM_SHA256, TLS_DH_anon_WITH_AES_128_CBC_SHA256, TLS_ECDH_anon_WITH_AES_128_CBC_SHA, TLS_DH_anon_WITH_AES_128_CBC_SHA, TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA, SSL_DH_anon_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_DH_anon_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA, TLS_RSA_WITH_NULL_SHA256, TLS_ECDHE_ECDSA_WITH_NULL_SHA, TLS_ECDHE_RSA_WITH_NULL_SHA, SSL_RSA_WITH_NULL_SHA, TLS_ECDH_ECDSA_WITH_NULL_SHA, TLS_ECDH_RSA_WITH_NULL_SHA, TLS_ECDH_anon_WITH_NULL_SHA, SSL_RSA_WITH_NULL_MD5, TLS_KRB5_WITH_3DES_EDE_CBC_SHA, TLS_KRB5_WITH_3DES_EDE_CBC_MD5, TLS_KRB5_WITH_DES_CBC_SHA, TLS_KRB5_WITH_DES_CBC_MD5, TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA, TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5] [2017-07-13T07:57:50,180][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] Config directory is /etc/elasticsearch/, from there the key- and truststore files are resolved relatively [2017-07-13T07:57:50,184][INFO ][c.f.s.s.u.SSLCertificateHelper] No alias given, use the firs one: node-0 [2017-07-13T07:57:50,184][WARN ][c.f.s.s.u.SSLCertificateHelper] Certificate chain for alias node-0 contains a root certificate [2017-07-13T07:57:50,210][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] HTTPS client auth mode OPTIONAL [2017-07-13T07:57:50,213][INFO ][c.f.s.s.u.SSLCertificateHelper] No alias given, use the firs one: node-0 [2017-07-13T07:57:50,213][WARN ][c.f.s.s.u.SSLCertificateHelper] Certificate chain for alias node-0 contains a root certificate [2017-07-13T07:57:50,218][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] AES-256 not supported, max key length for AES is 128 bit.. That is not an issue, it just limits possible encryption strength. To enable AES 256 install 'Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files' [2017-07-13T07:57:50,218][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslTransportClientProvider:JDK with ciphers [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256] [2017-07-13T07:57:50,218][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslTransportServerProvider:JDK with ciphers [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256] [2017-07-13T07:57:50,218][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslHTTPProvider:JDK with ciphers [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256] [2017-07-13T07:57:50,219][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslTransport protocols [TLSv1.2, TLSv1.1] [2017-07-13T07:57:50,219][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslHTTP protocols [TLSv1.2, TLSv1.1] [2017-07-13T07:57:50,223][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [aggs-matrix-stats] [2017-07-13T07:57:50,223][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [ingest-common] [2017-07-13T07:57:50,223][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [lang-expression] [2017-07-13T07:57:50,223][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [lang-groovy] [2017-07-13T07:57:50,223][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [lang-mustache] [2017-07-13T07:57:50,223][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [lang-painless] [2017-07-13T07:57:50,223][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [parent-join] [2017-07-13T07:57:50,223][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [percolator] [2017-07-13T07:57:50,224][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [reindex] [2017-07-13T07:57:50,224][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [transport-netty3] [2017-07-13T07:57:50,224][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [transport-netty4] [2017-07-13T07:57:50,225][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded plugin [search-guard-5] [2017-07-13T07:57:51,907][DEBUG][o.e.a.ActionModule ] Using REST wrapper from plugin com.floragunn.searchguard.SearchGuardPlugin [2017-07-13T07:57:51,940][INFO ][c.f.s.SearchGuardPlugin ] FLS/DLS valve not bound (noop) due to java.lang.ClassNotFoundException: com.floragunn.searchguard.configuration.DlsFlsValveImpl [2017-07-13T07:57:51,941][INFO ][c.f.s.SearchGuardPlugin ] Auditlog not available due to java.lang.ClassNotFoundException: com.floragunn.searchguard.auditlog.impl.AuditLogImpl [2017-07-13T07:57:51,942][INFO ][c.f.s.SearchGuardPlugin ] Privileges interceptor not bound (noop) due to java.lang.ClassNotFoundException: com.floragunn.searchguard.configuration.PrivilegesInterceptorImpl [2017-07-13T07:57:52,103][INFO ][o.e.d.DiscoveryModule ] [ec58ciD] using discovery type [zen] [2017-07-13T07:57:52,587][INFO ][o.e.n.Node ] initialized [2017-07-13T07:57:52,587][INFO ][o.e.n.Node ] [ec58ciD] starting ... [2017-07-13T07:57:52,706][INFO ][o.e.t.TransportService ] [ec58ciD] publish_address {10.0.0.4:9300}, bound_addresses {[::]:9300} [2017-07-13T07:57:52,718][INFO ][o.e.b.BootstrapChecks ] [ec58ciD] bound or publishing to a non-loopback or non-link-local address, enforcing bootstrap checks [2017-07-13T07:57:52,722][INFO ][c.f.s.c.IndexBaseConfigurationRepository] Check if searchguard index exists ... [2017-07-13T07:57:52,728][DEBUG][o.e.a.a.i.e.i.TransportIndicesExistsAction] [ec58ciD] no known master node, scheduling a retry [2017-07-13T07:57:55,800][INFO ][o.e.c.s.ClusterService ] [ec58ciD] new_master {ec58ciD}{ec58ciDFTFmlJKHRbDgq5A}{-ZO-m3i_TWuYaamHYDzC1Q}{10.0.0.4}{10.0.0.4:9300}, reason: zen-disco-elected-as-master ([0] nodes joined) [2017-07-13T07:57:55,864][INFO ][c.f.s.h.SearchGuardHttpServerTransport] [ec58ciD] publish_address {10.0.0.4:9200}, bound_addresses {[::]:9200} [2017-07-13T07:57:55,864][INFO ][o.e.n.Node ] [ec58ciD] started [2017-07-13T07:57:56,059][INFO ][o.e.g.GatewayService ] [ec58ciD] recovered [2] indices into cluster_state [2017-07-13T07:57:56,363][INFO ][o.e.c.r.a.AllocationService] [ec58ciD] Cluster health status changed from [RED] to [YELLOW] (reason: [shards started [[human_resources][1], [human_resources][2], [searchguard][0]] ...]). [2017-07-13T07:57:56,486][INFO ][c.f.s.c.IndexBaseConfigurationRepository] Node 'ec58ciD' initialized [2017-07-13T08:00:12,865][INFO ][o.e.n.Node ] [ec58ciD] stopping ... [2017-07-13T08:00:12,901][INFO ][o.e.n.Node ] [ec58ciD] stopped [2017-07-13T08:00:12,901][INFO ][o.e.n.Node ] [ec58ciD] closing ... [2017-07-13T08:00:12,909][INFO ][o.e.n.Node ] [ec58ciD] closed [2017-07-13T08:00:14,424][INFO ][o.e.n.Node ] [] initializing ... [2017-07-13T08:00:14,510][INFO ][o.e.e.NodeEnvironment ] [ec58ciD] using [1] data paths, mounts [[/ (/dev/sda1)]], net usable_space [25.7gb], net total_space [29.4gb], spins? [possibly], types [ext4] [2017-07-13T08:00:14,511][INFO ][o.e.e.NodeEnvironment ] [ec58ciD] heap size [1.9gb], compressed ordinary object pointers [true] [2017-07-13T08:00:14,530][INFO ][o.e.n.Node ] node name [ec58ciD] derived from node ID [ec58ciDFTFmlJKHRbDgq5A]; set [node.name] to override [2017-07-13T08:00:14,531][INFO ][o.e.n.Node ] version[5.5.0], pid[55958], build[260387d/2017-06-30T23:16:05.735Z], OS[Linux/4.4.0-83-generic/amd64], JVM[Oracle Corporation/Java HotSpot(TM) 64-Bit Server VM/1.8.0_131/25.131-b11] [2017-07-13T08:00:14,531][INFO ][o.e.n.Node ] JVM arguments [-Xms2g, -Xmx2g, -XX:+UseConcMarkSweepGC, -XX:CMSInitiatingOccupancyFraction=75, -XX:+UseCMSInitiatingOccupancyOnly, -XX:+DisableExplicitGC, -XX:+AlwaysPreTouch, -Xss1m, -Djava.awt.headless=true, -Dfile.encoding=UTF-8, -Djna.nosys=true, -Djdk.io.permissionsUseCanonicalPath=true, -Dio.netty.noUnsafe=true, -Dio.netty.noKeySetOptimization=true, -Dio.netty.recycler.maxCapacityPerThread=0, -Dlog4j.shutdownHookEnabled=false, -Dlog4j2.disable.jmx=true, -Dlog4j.skipJansi=true, -XX:+HeapDumpOnOutOfMemoryError, -Des.path.home=/usr/share/elasticsearch] [2017-07-13T08:00:15,465][INFO ][c.f.s.SearchGuardPlugin ] Clustername: searchguard_demo [2017-07-13T08:00:15,466][WARN ][c.f.s.SearchGuardPlugin ] ### LICENSE NOTICE Search Guard ### If you use one or more of the following features in production make sure you have a valid Search Guard license (See https://floragunn.com/searchguard-validate-license) * Kibana Multitenancy * LDAP authentication/authorization * Active Directory authentication/authorization * REST Management API * JSON Web Token (JWT) authentication/authorization * Kerberos authentication/authorization * Document- and Fieldlevel Security (DLS/FLS) * Auditlogging In case of any doubt mail to ################################### [2017-07-13T08:00:15,498][INFO ][c.f.s.SearchGuardPlugin ] Node [ec58ciD] is a transportClient: false/tribeNode: false/tribeNodeClient: false [2017-07-13T08:00:15,499][INFO ][c.f.s.SearchGuardPlugin ] FLS/DLS module not available [2017-07-13T08:00:15,510][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] Open SSL not available (this is not an error, we simply fallback to built-in JDK SSL) because of java.lang.ClassNotFoundException: io.netty.internal.tcnative.SSL [2017-07-13T08:00:15,510][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.version: 1.8.0_131 [2017-07-13T08:00:15,510][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vendor: Oracle Corporation [2017-07-13T08:00:15,511][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.specification.version: 1.8 [2017-07-13T08:00:15,511][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.specification.vendor: Oracle Corporation [2017-07-13T08:00:15,511][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.specification.name: Java Virtual Machine Specification [2017-07-13T08:00:15,511][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.name: Java HotSpot(TM) 64-Bit Server VM [2017-07-13T08:00:15,511][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.vendor: Oracle Corporation [2017-07-13T08:00:15,511][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.specification.version: 1.8 [2017-07-13T08:00:15,511][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.specification.vendor: Oracle Corporation [2017-07-13T08:00:15,511][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.specification.name: Java Platform API Specification [2017-07-13T08:00:15,512][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] os.name: Linux [2017-07-13T08:00:15,512][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] os.arch: amd64 [2017-07-13T08:00:15,512][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] os.version: 4.4.0-83-generic [2017-07-13T08:00:15,688][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] JVM supports the following 57 ciphers for https [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV, TLS_DH_anon_WITH_AES_128_GCM_SHA256, TLS_DH_anon_WITH_AES_128_CBC_SHA256, TLS_ECDH_anon_WITH_AES_128_CBC_SHA, TLS_DH_anon_WITH_AES_128_CBC_SHA, TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA, SSL_DH_anon_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_DH_anon_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA, TLS_RSA_WITH_NULL_SHA256, TLS_ECDHE_ECDSA_WITH_NULL_SHA, TLS_ECDHE_RSA_WITH_NULL_SHA, SSL_RSA_WITH_NULL_SHA, TLS_ECDH_ECDSA_WITH_NULL_SHA, TLS_ECDH_RSA_WITH_NULL_SHA, TLS_ECDH_anon_WITH_NULL_SHA, SSL_RSA_WITH_NULL_MD5, TLS_KRB5_WITH_3DES_EDE_CBC_SHA, TLS_KRB5_WITH_3DES_EDE_CBC_MD5, TLS_KRB5_WITH_DES_CBC_SHA, TLS_KRB5_WITH_DES_CBC_MD5, TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA, TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5] [2017-07-13T08:00:15,691][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] JVM supports the following 57 ciphers for transport [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV, TLS_DH_anon_WITH_AES_128_GCM_SHA256, TLS_DH_anon_WITH_AES_128_CBC_SHA256, TLS_ECDH_anon_WITH_AES_128_CBC_SHA, TLS_DH_anon_WITH_AES_128_CBC_SHA, TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA, SSL_DH_anon_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_DH_anon_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA, TLS_RSA_WITH_NULL_SHA256, TLS_ECDHE_ECDSA_WITH_NULL_SHA, TLS_ECDHE_RSA_WITH_NULL_SHA, SSL_RSA_WITH_NULL_SHA, TLS_ECDH_ECDSA_WITH_NULL_SHA, TLS_ECDH_RSA_WITH_NULL_SHA, TLS_ECDH_anon_WITH_NULL_SHA, SSL_RSA_WITH_NULL_MD5, TLS_KRB5_WITH_3DES_EDE_CBC_SHA, TLS_KRB5_WITH_3DES_EDE_CBC_MD5, TLS_KRB5_WITH_DES_CBC_SHA, TLS_KRB5_WITH_DES_CBC_MD5, TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA, TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5] [2017-07-13T08:00:15,693][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] Config directory is /etc/elasticsearch/, from there the key- and truststore files are resolved relatively [2017-07-13T08:00:15,696][INFO ][c.f.s.s.u.SSLCertificateHelper] No alias given, use the firs one: node-0 [2017-07-13T08:00:15,697][WARN ][c.f.s.s.u.SSLCertificateHelper] Certificate chain for alias node-0 contains a root certificate [2017-07-13T08:00:15,715][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] HTTPS client auth mode OPTIONAL [2017-07-13T08:00:15,715][INFO ][c.f.s.s.u.SSLCertificateHelper] No alias given, use the firs one: node-0 [2017-07-13T08:00:15,716][WARN ][c.f.s.s.u.SSLCertificateHelper] Certificate chain for alias node-0 contains a root certificate [2017-07-13T08:00:15,720][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] AES-256 not supported, max key length for AES is 128 bit.. That is not an issue, it just limits possible encryption strength. To enable AES 256 install 'Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files' [2017-07-13T08:00:15,720][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslTransportClientProvider:JDK with ciphers [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256] [2017-07-13T08:00:15,720][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslTransportServerProvider:JDK with ciphers [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256] [2017-07-13T08:00:15,721][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslHTTPProvider:JDK with ciphers [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256] [2017-07-13T08:00:15,721][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslTransport protocols [TLSv1.2, TLSv1.1] [2017-07-13T08:00:15,721][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslHTTP protocols [TLSv1.2, TLSv1.1] [2017-07-13T08:00:15,723][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [aggs-matrix-stats] [2017-07-13T08:00:15,723][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [ingest-common] [2017-07-13T08:00:15,723][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [lang-expression] [2017-07-13T08:00:15,724][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [lang-groovy] [2017-07-13T08:00:15,724][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [lang-mustache] [2017-07-13T08:00:15,724][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [lang-painless] [2017-07-13T08:00:15,724][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [parent-join] [2017-07-13T08:00:15,724][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [percolator] [2017-07-13T08:00:15,724][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [reindex] [2017-07-13T08:00:15,724][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [transport-netty3] [2017-07-13T08:00:15,724][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [transport-netty4] [2017-07-13T08:00:15,725][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded plugin [search-guard-5] [2017-07-13T08:00:17,339][DEBUG][o.e.a.ActionModule ] Using REST wrapper from plugin com.floragunn.searchguard.SearchGuardPlugin [2017-07-13T08:00:17,372][INFO ][c.f.s.SearchGuardPlugin ] FLS/DLS valve not bound (noop) due to java.lang.ClassNotFoundException: com.floragunn.searchguard.configuration.DlsFlsValveImpl [2017-07-13T08:00:17,372][INFO ][c.f.s.SearchGuardPlugin ] Auditlog not available due to java.lang.ClassNotFoundException: com.floragunn.searchguard.auditlog.impl.AuditLogImpl [2017-07-13T08:00:17,374][INFO ][c.f.s.SearchGuardPlugin ] Privileges interceptor not bound (noop) due to java.lang.ClassNotFoundException: com.floragunn.searchguard.configuration.PrivilegesInterceptorImpl [2017-07-13T08:00:17,540][INFO ][o.e.d.DiscoveryModule ] [ec58ciD] using discovery type [zen] [2017-07-13T08:00:18,123][INFO ][o.e.n.Node ] initialized [2017-07-13T08:00:18,124][INFO ][o.e.n.Node ] [ec58ciD] starting ... [2017-07-13T08:00:18,244][INFO ][o.e.t.TransportService ] [ec58ciD] publish_address {10.0.0.4:9300}, bound_addresses {[::]:9300} [2017-07-13T08:00:18,256][INFO ][o.e.b.BootstrapChecks ] [ec58ciD] bound or publishing to a non-loopback or non-link-local address, enforcing bootstrap checks [2017-07-13T08:00:18,265][INFO ][c.f.s.c.IndexBaseConfigurationRepository] Check if searchguard index exists ... [2017-07-13T08:00:18,270][DEBUG][o.e.a.a.i.e.i.TransportIndicesExistsAction] [ec58ciD] no known master node, scheduling a retry [2017-07-13T08:00:21,344][INFO ][o.e.c.s.ClusterService ] [ec58ciD] new_master {ec58ciD}{ec58ciDFTFmlJKHRbDgq5A}{i9A15zRhQWaq5rM74iBBgA}{10.0.0.4}{10.0.0.4:9300}, reason: zen-disco-elected-as-master ([0] nodes joined) [2017-07-13T08:00:21,379][INFO ][c.f.s.h.SearchGuardHttpServerTransport] [ec58ciD] publish_address {10.0.0.4:9200}, bound_addresses {[::]:9200} [2017-07-13T08:00:21,379][INFO ][o.e.n.Node ] [ec58ciD] started [2017-07-13T08:00:21,575][INFO ][o.e.g.GatewayService ] [ec58ciD] recovered [2] indices into cluster_state [2017-07-13T08:00:21,861][INFO ][o.e.c.r.a.AllocationService] [ec58ciD] Cluster health status changed from [RED] to [YELLOW] (reason: [shards started [[human_resources][2], [searchguard][0]] ...]). [2017-07-13T08:00:21,949][INFO ][c.f.s.c.IndexBaseConfigurationRepository] Node 'ec58ciD' initialized [2017-07-13T08:26:43,039][INFO ][o.e.n.Node ] [ec58ciD] stopping ... [2017-07-13T08:26:43,080][INFO ][o.e.n.Node ] [ec58ciD] stopped [2017-07-13T08:26:43,080][INFO ][o.e.n.Node ] [ec58ciD] closing ... [2017-07-13T08:26:43,087][INFO ][o.e.n.Node ] [ec58ciD] closed [2017-07-13T08:26:44,695][INFO ][o.e.n.Node ] [] initializing ... [2017-07-13T08:26:44,790][INFO ][o.e.e.NodeEnvironment ] [ec58ciD] using [1] data paths, mounts [[/ (/dev/sda1)]], net usable_space [25.7gb], net total_space [29.4gb], spins? [possibly], types [ext4] [2017-07-13T08:26:44,791][INFO ][o.e.e.NodeEnvironment ] [ec58ciD] heap size [1.9gb], compressed ordinary object pointers [true] [2017-07-13T08:26:44,805][INFO ][o.e.n.Node ] node name [ec58ciD] derived from node ID [ec58ciDFTFmlJKHRbDgq5A]; set [node.name] to override [2017-07-13T08:26:44,806][INFO ][o.e.n.Node ] version[5.5.0], pid[56697], build[260387d/2017-06-30T23:16:05.735Z], OS[Linux/4.4.0-83-generic/amd64], JVM[Oracle Corporation/Java HotSpot(TM) 64-Bit Server VM/1.8.0_131/25.131-b11] [2017-07-13T08:26:44,806][INFO ][o.e.n.Node ] JVM arguments [-Xms2g, -Xmx2g, -XX:+UseConcMarkSweepGC, -XX:CMSInitiatingOccupancyFraction=75, -XX:+UseCMSInitiatingOccupancyOnly, -XX:+DisableExplicitGC, -XX:+AlwaysPreTouch, -Xss1m, -Djava.awt.headless=true, -Dfile.encoding=UTF-8, -Djna.nosys=true, -Djdk.io.permissionsUseCanonicalPath=true, -Dio.netty.noUnsafe=true, -Dio.netty.noKeySetOptimization=true, -Dio.netty.recycler.maxCapacityPerThread=0, -Dlog4j.shutdownHookEnabled=false, -Dlog4j2.disable.jmx=true, -Dlog4j.skipJansi=true, -XX:+HeapDumpOnOutOfMemoryError, -Des.path.home=/usr/share/elasticsearch] [2017-07-13T08:26:45,706][INFO ][c.f.s.SearchGuardPlugin ] Clustername: searchguard_demo [2017-07-13T08:26:45,707][WARN ][c.f.s.SearchGuardPlugin ] ### LICENSE NOTICE Search Guard ### If you use one or more of the following features in production make sure you have a valid Search Guard license (See https://floragunn.com/searchguard-validate-license) * Kibana Multitenancy * LDAP authentication/authorization * Active Directory authentication/authorization * REST Management API * JSON Web Token (JWT) authentication/authorization * Kerberos authentication/authorization * Document- and Fieldlevel Security (DLS/FLS) * Auditlogging In case of any doubt mail to ################################### [2017-07-13T08:26:45,741][INFO ][c.f.s.SearchGuardPlugin ] Node [ec58ciD] is a transportClient: false/tribeNode: false/tribeNodeClient: false [2017-07-13T08:26:45,742][INFO ][c.f.s.SearchGuardPlugin ] FLS/DLS module not available [2017-07-13T08:26:45,752][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] Open SSL not available (this is not an error, we simply fallback to built-in JDK SSL) because of java.lang.ClassNotFoundException: io.netty.internal.tcnative.SSL [2017-07-13T08:26:45,752][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.version: 1.8.0_131 [2017-07-13T08:26:45,752][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vendor: Oracle Corporation [2017-07-13T08:26:45,752][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.specification.version: 1.8 [2017-07-13T08:26:45,752][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.specification.vendor: Oracle Corporation [2017-07-13T08:26:45,753][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.specification.name: Java Virtual Machine Specification [2017-07-13T08:26:45,753][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.name: Java HotSpot(TM) 64-Bit Server VM [2017-07-13T08:26:45,753][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.vendor: Oracle Corporation [2017-07-13T08:26:45,753][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.specification.version: 1.8 [2017-07-13T08:26:45,753][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.specification.vendor: Oracle Corporation [2017-07-13T08:26:45,753][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.specification.name: Java Platform API Specification [2017-07-13T08:26:45,753][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] os.name: Linux [2017-07-13T08:26:45,754][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] os.arch: amd64 [2017-07-13T08:26:45,754][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] os.version: 4.4.0-83-generic [2017-07-13T08:26:45,976][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] JVM supports the following 57 ciphers for https [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV, TLS_DH_anon_WITH_AES_128_GCM_SHA256, TLS_DH_anon_WITH_AES_128_CBC_SHA256, TLS_ECDH_anon_WITH_AES_128_CBC_SHA, TLS_DH_anon_WITH_AES_128_CBC_SHA, TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA, SSL_DH_anon_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_DH_anon_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA, TLS_RSA_WITH_NULL_SHA256, TLS_ECDHE_ECDSA_WITH_NULL_SHA, TLS_ECDHE_RSA_WITH_NULL_SHA, SSL_RSA_WITH_NULL_SHA, TLS_ECDH_ECDSA_WITH_NULL_SHA, TLS_ECDH_RSA_WITH_NULL_SHA, TLS_ECDH_anon_WITH_NULL_SHA, SSL_RSA_WITH_NULL_MD5, TLS_KRB5_WITH_3DES_EDE_CBC_SHA, TLS_KRB5_WITH_3DES_EDE_CBC_MD5, TLS_KRB5_WITH_DES_CBC_SHA, TLS_KRB5_WITH_DES_CBC_MD5, TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA, TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5] [2017-07-13T08:26:45,983][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] JVM supports the following 57 ciphers for transport [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV, TLS_DH_anon_WITH_AES_128_GCM_SHA256, TLS_DH_anon_WITH_AES_128_CBC_SHA256, TLS_ECDH_anon_WITH_AES_128_CBC_SHA, TLS_DH_anon_WITH_AES_128_CBC_SHA, TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA, SSL_DH_anon_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_DH_anon_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA, TLS_RSA_WITH_NULL_SHA256, TLS_ECDHE_ECDSA_WITH_NULL_SHA, TLS_ECDHE_RSA_WITH_NULL_SHA, SSL_RSA_WITH_NULL_SHA, TLS_ECDH_ECDSA_WITH_NULL_SHA, TLS_ECDH_RSA_WITH_NULL_SHA, TLS_ECDH_anon_WITH_NULL_SHA, SSL_RSA_WITH_NULL_MD5, TLS_KRB5_WITH_3DES_EDE_CBC_SHA, TLS_KRB5_WITH_3DES_EDE_CBC_MD5, TLS_KRB5_WITH_DES_CBC_SHA, TLS_KRB5_WITH_DES_CBC_MD5, TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA, TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5] [2017-07-13T08:26:45,989][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] Config directory is /etc/elasticsearch/, from there the key- and truststore files are resolved relatively [2017-07-13T08:26:45,995][INFO ][c.f.s.s.u.SSLCertificateHelper] No alias given, use the firs one: node-0 [2017-07-13T08:26:45,996][WARN ][c.f.s.s.u.SSLCertificateHelper] Certificate chain for alias node-0 contains a root certificate [2017-07-13T08:26:46,019][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] HTTPS client auth mode OPTIONAL [2017-07-13T08:26:46,020][INFO ][c.f.s.s.u.SSLCertificateHelper] No alias given, use the firs one: node-0 [2017-07-13T08:26:46,020][WARN ][c.f.s.s.u.SSLCertificateHelper] Certificate chain for alias node-0 contains a root certificate [2017-07-13T08:26:46,024][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] AES-256 not supported, max key length for AES is 128 bit.. That is not an issue, it just limits possible encryption strength. To enable AES 256 install 'Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files' [2017-07-13T08:26:46,024][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslTransportClientProvider:JDK with ciphers [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256] [2017-07-13T08:26:46,025][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslTransportServerProvider:JDK with ciphers [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256] [2017-07-13T08:26:46,025][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslHTTPProvider:JDK with ciphers [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256] [2017-07-13T08:26:46,025][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslTransport protocols [TLSv1.2, TLSv1.1] [2017-07-13T08:26:46,025][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslHTTP protocols [TLSv1.2, TLSv1.1] [2017-07-13T08:26:46,029][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [aggs-matrix-stats] [2017-07-13T08:26:46,030][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [ingest-common] [2017-07-13T08:26:46,030][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [lang-expression] [2017-07-13T08:26:46,030][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [lang-groovy] [2017-07-13T08:26:46,030][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [lang-mustache] [2017-07-13T08:26:46,030][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [lang-painless] [2017-07-13T08:26:46,030][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [parent-join] [2017-07-13T08:26:46,030][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [percolator] [2017-07-13T08:26:46,031][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [reindex] [2017-07-13T08:26:46,031][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [transport-netty3] [2017-07-13T08:26:46,031][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [transport-netty4] [2017-07-13T08:26:46,032][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded plugin [search-guard-5] [2017-07-13T08:26:47,781][DEBUG][o.e.a.ActionModule ] Using REST wrapper from plugin com.floragunn.searchguard.SearchGuardPlugin [2017-07-13T08:26:47,837][INFO ][c.f.s.SearchGuardPlugin ] FLS/DLS valve not bound (noop) due to java.lang.ClassNotFoundException: com.floragunn.searchguard.configuration.DlsFlsValveImpl [2017-07-13T08:26:47,838][INFO ][c.f.s.SearchGuardPlugin ] Auditlog not available due to java.lang.ClassNotFoundException: com.floragunn.searchguard.auditlog.impl.AuditLogImpl [2017-07-13T08:26:47,839][INFO ][c.f.s.SearchGuardPlugin ] Privileges interceptor not bound (noop) due to java.lang.ClassNotFoundException: com.floragunn.searchguard.configuration.PrivilegesInterceptorImpl [2017-07-13T08:26:47,987][INFO ][o.e.d.DiscoveryModule ] [ec58ciD] using discovery type [zen] [2017-07-13T08:26:48,511][INFO ][o.e.n.Node ] initialized [2017-07-13T08:26:48,512][INFO ][o.e.n.Node ] [ec58ciD] starting ... [2017-07-13T08:26:48,642][INFO ][o.e.t.TransportService ] [ec58ciD] publish_address {10.0.0.4:9300}, bound_addresses {[::]:9300} [2017-07-13T08:26:48,651][INFO ][o.e.b.BootstrapChecks ] [ec58ciD] bound or publishing to a non-loopback or non-link-local address, enforcing bootstrap checks [2017-07-13T08:26:48,656][INFO ][c.f.s.c.IndexBaseConfigurationRepository] Check if searchguard index exists ... [2017-07-13T08:26:48,662][DEBUG][o.e.a.a.i.e.i.TransportIndicesExistsAction] [ec58ciD] no known master node, scheduling a retry [2017-07-13T08:26:51,708][INFO ][o.e.c.s.ClusterService ] [ec58ciD] new_master {ec58ciD}{ec58ciDFTFmlJKHRbDgq5A}{_u0qcYdcSSWIc41926HDiw}{10.0.0.4}{10.0.0.4:9300}, reason: zen-disco-elected-as-master ([0] nodes joined) [2017-07-13T08:26:51,730][INFO ][c.f.s.h.SearchGuardHttpServerTransport] [ec58ciD] publish_address {10.0.0.4:9200}, bound_addresses {[::]:9200} [2017-07-13T08:26:51,730][INFO ][o.e.n.Node ] [ec58ciD] started [2017-07-13T08:26:51,930][INFO ][o.e.g.GatewayService ] [ec58ciD] recovered [2] indices into cluster_state [2017-07-13T08:26:52,206][INFO ][o.e.c.r.a.AllocationService] [ec58ciD] Cluster health status changed from [RED] to [YELLOW] (reason: [shards started [[human_resources][0], [human_resources][2], [searchguard][0]] ...]). [2017-07-13T08:26:52,296][INFO ][c.f.s.c.IndexBaseConfigurationRepository] Node 'ec58ciD' initialized [2017-07-13T08:42:38,020][INFO ][o.e.n.Node ] [ec58ciD] stopping ... [2017-07-13T08:42:38,049][INFO ][o.e.n.Node ] [ec58ciD] stopped [2017-07-13T08:42:38,049][INFO ][o.e.n.Node ] [ec58ciD] closing ... [2017-07-13T08:42:38,057][INFO ][o.e.n.Node ] [ec58ciD] closed [2017-07-13T08:42:39,651][INFO ][o.e.n.Node ] [] initializing ... [2017-07-13T08:42:39,753][INFO ][o.e.e.NodeEnvironment ] [ec58ciD] using [1] data paths, mounts [[/ (/dev/sda1)]], net usable_space [25.7gb], net total_space [29.4gb], spins? [possibly], types [ext4] [2017-07-13T08:42:39,754][INFO ][o.e.e.NodeEnvironment ] [ec58ciD] heap size [1.9gb], compressed ordinary object pointers [true] [2017-07-13T08:42:39,770][INFO ][o.e.n.Node ] node name [ec58ciD] derived from node ID [ec58ciDFTFmlJKHRbDgq5A]; set [node.name] to override [2017-07-13T08:42:39,773][INFO ][o.e.n.Node ] version[5.5.0], pid[57222], build[260387d/2017-06-30T23:16:05.735Z], OS[Linux/4.4.0-83-generic/amd64], JVM[Oracle Corporation/Java HotSpot(TM) 64-Bit Server VM/1.8.0_131/25.131-b11] [2017-07-13T08:42:39,773][INFO ][o.e.n.Node ] JVM arguments [-Xms2g, -Xmx2g, -XX:+UseConcMarkSweepGC, -XX:CMSInitiatingOccupancyFraction=75, -XX:+UseCMSInitiatingOccupancyOnly, -XX:+DisableExplicitGC, -XX:+AlwaysPreTouch, -Xss1m, -Djava.awt.headless=true, -Dfile.encoding=UTF-8, -Djna.nosys=true, -Djdk.io.permissionsUseCanonicalPath=true, -Dio.netty.noUnsafe=true, -Dio.netty.noKeySetOptimization=true, -Dio.netty.recycler.maxCapacityPerThread=0, -Dlog4j.shutdownHookEnabled=false, -Dlog4j2.disable.jmx=true, -Dlog4j.skipJansi=true, -XX:+HeapDumpOnOutOfMemoryError, -Des.path.home=/usr/share/elasticsearch] [2017-07-13T08:42:40,635][INFO ][c.f.s.SearchGuardPlugin ] Clustername: searchguard_demo [2017-07-13T08:42:40,636][WARN ][c.f.s.SearchGuardPlugin ] ### LICENSE NOTICE Search Guard ### If you use one or more of the following features in production make sure you have a valid Search Guard license (See https://floragunn.com/searchguard-validate-license) * Kibana Multitenancy * LDAP authentication/authorization * Active Directory authentication/authorization * REST Management API * JSON Web Token (JWT) authentication/authorization * Kerberos authentication/authorization * Document- and Fieldlevel Security (DLS/FLS) * Auditlogging In case of any doubt mail to ################################### [2017-07-13T08:42:40,665][INFO ][c.f.s.SearchGuardPlugin ] Node [ec58ciD] is a transportClient: false/tribeNode: false/tribeNodeClient: false [2017-07-13T08:42:40,666][INFO ][c.f.s.SearchGuardPlugin ] FLS/DLS module not available [2017-07-13T08:42:40,676][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] Open SSL not available (this is not an error, we simply fallback to built-in JDK SSL) because of java.lang.ClassNotFoundException: io.netty.internal.tcnative.SSL [2017-07-13T08:42:40,676][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.version: 1.8.0_131 [2017-07-13T08:42:40,677][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vendor: Oracle Corporation [2017-07-13T08:42:40,677][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.specification.version: 1.8 [2017-07-13T08:42:40,677][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.specification.vendor: Oracle Corporation [2017-07-13T08:42:40,677][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.specification.name: Java Virtual Machine Specification [2017-07-13T08:42:40,677][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.name: Java HotSpot(TM) 64-Bit Server VM [2017-07-13T08:42:40,677][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.vm.vendor: Oracle Corporation [2017-07-13T08:42:40,677][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.specification.version: 1.8 [2017-07-13T08:42:40,677][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.specification.vendor: Oracle Corporation [2017-07-13T08:42:40,678][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] java.specification.name: Java Platform API Specification [2017-07-13T08:42:40,678][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] os.name: Linux [2017-07-13T08:42:40,678][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] os.arch: amd64 [2017-07-13T08:42:40,678][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] os.version: 4.4.0-83-generic [2017-07-13T08:42:40,821][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] JVM supports the following 57 ciphers for https [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV, TLS_DH_anon_WITH_AES_128_GCM_SHA256, TLS_DH_anon_WITH_AES_128_CBC_SHA256, TLS_ECDH_anon_WITH_AES_128_CBC_SHA, TLS_DH_anon_WITH_AES_128_CBC_SHA, TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA, SSL_DH_anon_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_DH_anon_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA, TLS_RSA_WITH_NULL_SHA256, TLS_ECDHE_ECDSA_WITH_NULL_SHA, TLS_ECDHE_RSA_WITH_NULL_SHA, SSL_RSA_WITH_NULL_SHA, TLS_ECDH_ECDSA_WITH_NULL_SHA, TLS_ECDH_RSA_WITH_NULL_SHA, TLS_ECDH_anon_WITH_NULL_SHA, SSL_RSA_WITH_NULL_MD5, TLS_KRB5_WITH_3DES_EDE_CBC_SHA, TLS_KRB5_WITH_3DES_EDE_CBC_MD5, TLS_KRB5_WITH_DES_CBC_SHA, TLS_KRB5_WITH_DES_CBC_MD5, TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA, TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5] [2017-07-13T08:42:40,824][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] JVM supports the following 57 ciphers for transport [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV, TLS_DH_anon_WITH_AES_128_GCM_SHA256, TLS_DH_anon_WITH_AES_128_CBC_SHA256, TLS_ECDH_anon_WITH_AES_128_CBC_SHA, TLS_DH_anon_WITH_AES_128_CBC_SHA, TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA, SSL_DH_anon_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_DH_anon_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA, TLS_RSA_WITH_NULL_SHA256, TLS_ECDHE_ECDSA_WITH_NULL_SHA, TLS_ECDHE_RSA_WITH_NULL_SHA, SSL_RSA_WITH_NULL_SHA, TLS_ECDH_ECDSA_WITH_NULL_SHA, TLS_ECDH_RSA_WITH_NULL_SHA, TLS_ECDH_anon_WITH_NULL_SHA, SSL_RSA_WITH_NULL_MD5, TLS_KRB5_WITH_3DES_EDE_CBC_SHA, TLS_KRB5_WITH_3DES_EDE_CBC_MD5, TLS_KRB5_WITH_DES_CBC_SHA, TLS_KRB5_WITH_DES_CBC_MD5, TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA, TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5] [2017-07-13T08:42:40,825][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] Config directory is /etc/elasticsearch/, from there the key- and truststore files are resolved relatively [2017-07-13T08:42:40,829][INFO ][c.f.s.s.u.SSLCertificateHelper] No alias given, use the firs one: node-0 [2017-07-13T08:42:40,829][WARN ][c.f.s.s.u.SSLCertificateHelper] Certificate chain for alias node-0 contains a root certificate [2017-07-13T08:42:40,858][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] HTTPS client auth mode OPTIONAL [2017-07-13T08:42:40,859][INFO ][c.f.s.s.u.SSLCertificateHelper] No alias given, use the firs one: node-0 [2017-07-13T08:42:40,860][WARN ][c.f.s.s.u.SSLCertificateHelper] Certificate chain for alias node-0 contains a root certificate [2017-07-13T08:42:40,867][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] AES-256 not supported, max key length for AES is 128 bit.. That is not an issue, it just limits possible encryption strength. To enable AES 256 install 'Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files' [2017-07-13T08:42:40,867][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslTransportClientProvider:JDK with ciphers [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256] [2017-07-13T08:42:40,867][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslTransportServerProvider:JDK with ciphers [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256] [2017-07-13T08:42:40,867][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslHTTPProvider:JDK with ciphers [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256] [2017-07-13T08:42:40,867][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslTransport protocols [TLSv1.2, TLSv1.1] [2017-07-13T08:42:40,868][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslHTTP protocols [TLSv1.2, TLSv1.1] [2017-07-13T08:42:40,870][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [aggs-matrix-stats] [2017-07-13T08:42:40,870][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [ingest-common] [2017-07-13T08:42:40,871][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [lang-expression] [2017-07-13T08:42:40,871][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [lang-groovy] [2017-07-13T08:42:40,871][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [lang-mustache] [2017-07-13T08:42:40,871][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [lang-painless] [2017-07-13T08:42:40,871][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [parent-join] [2017-07-13T08:42:40,871][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [percolator] [2017-07-13T08:42:40,872][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [reindex] [2017-07-13T08:42:40,872][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [transport-netty3] [2017-07-13T08:42:40,872][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded module [transport-netty4] [2017-07-13T08:42:40,873][INFO ][o.e.p.PluginsService ] [ec58ciD] loaded plugin [search-guard-5] [2017-07-13T08:42:42,545][DEBUG][o.e.a.ActionModule ] Using REST wrapper from plugin com.floragunn.searchguard.SearchGuardPlugin [2017-07-13T08:42:42,582][INFO ][c.f.s.SearchGuardPlugin ] FLS/DLS valve not bound (noop) due to java.lang.ClassNotFoundException: com.floragunn.searchguard.configuration.DlsFlsValveImpl [2017-07-13T08:42:42,582][INFO ][c.f.s.SearchGuardPlugin ] Auditlog not available due to java.lang.ClassNotFoundException: com.floragunn.searchguard.auditlog.impl.AuditLogImpl [2017-07-13T08:42:42,584][INFO ][c.f.s.SearchGuardPlugin ] Privileges interceptor not bound (noop) due to java.lang.ClassNotFoundException: com.floragunn.searchguard.configuration.PrivilegesInterceptorImpl [2017-07-13T08:42:42,726][INFO ][o.e.d.DiscoveryModule ] [ec58ciD] using discovery type [zen] [2017-07-13T08:42:43,228][INFO ][o.e.n.Node ] initialized [2017-07-13T08:42:43,228][INFO ][o.e.n.Node ] [ec58ciD] starting ... [2017-07-13T08:42:43,348][INFO ][o.e.t.TransportService ] [ec58ciD] publish_address {10.0.0.4:9300}, bound_addresses {[::]:9300} [2017-07-13T08:42:43,357][INFO ][o.e.b.BootstrapChecks ] [ec58ciD] bound or publishing to a non-loopback or non-link-local address, enforcing bootstrap checks [2017-07-13T08:42:43,362][INFO ][c.f.s.c.IndexBaseConfigurationRepository] Check if searchguard index exists ... [2017-07-13T08:42:43,367][DEBUG][o.e.a.a.i.e.i.TransportIndicesExistsAction] [ec58ciD] no known master node, scheduling a retry [2017-07-13T08:42:46,420][INFO ][o.e.c.s.ClusterService ] [ec58ciD] new_master {ec58ciD}{ec58ciDFTFmlJKHRbDgq5A}{UzCIlIIbQUq2zC3DMZWJ5g}{10.0.0.4}{10.0.0.4:9300}, reason: zen-disco-elected-as-master ([0] nodes joined) [2017-07-13T08:42:46,446][INFO ][c.f.s.h.SearchGuardHttpServerTransport] [ec58ciD] publish_address {10.0.0.4:9200}, bound_addresses {[::]:9200} [2017-07-13T08:42:46,446][INFO ][o.e.n.Node ] [ec58ciD] started [2017-07-13T08:42:46,639][INFO ][o.e.g.GatewayService ] [ec58ciD] recovered [2] indices into cluster_state [2017-07-13T08:42:46,909][INFO ][o.e.c.r.a.AllocationService] [ec58ciD] Cluster health status changed from [RED] to [YELLOW] (reason: [shards started [[human_resources][0], [human_resources][2], [searchguard][0]] ...]). [2017-07-13T08:42:47,001][INFO ][c.f.s.c.IndexBaseConfigurationRepository] Node 'ec58ciD' initialized