internal users not working
26 views
Skip to first unread message
Phani.N...@goktree.com
Dec 28, 2018, 7:27:27 AM12/28/18
to Search Guard Community Forum
When asking questions, please provide the following information:
* Search Guard and Elasticsearch version
ES- 6.5.2 ,search guard version - search-guard-6
* Installed and used enterprise modules, if any
No. disabled x-pack on the installation
* JVM version and operating system version
java version "1.8.0_191" , Ubuntu - 16
* Search Guard configuration files
* Search Guard configuration files
sg_internal_users.yml
phanis:
hash: $2y$12$S508kJSlMWygf4FQU92WB.ZVr5NCYKWTrIy77MeCOAMkKkFO1lQoK
roles:
- skbrole
hash: $2y$12$S508kJSlMWygf4FQU92WB.ZVr5NCYKWTrIy77MeCOAMkKkFO1lQoK
roles:
- skbrole
roles.yml
sg_roles.yml:
indices:
'<indexname>*':
'*':
- READ
indices:
'<indexname>*':
'*':
- READ
sg_roles_mapping.yml
sg_skbm:
backendroles:
- skbrole
backendroles:
- skbrole
* Elasticsearch log messages on debug level
[2018-12-28T12:20:49,223][INFO ][o.e.p.PluginsService ] [tK858lY] loaded module [x-pack-logstash]
[2018-12-28T12:20:49,223][INFO ][o.e.p.PluginsService ] [tK858lY] loaded module [x-pack-ml]
[2018-12-28T12:20:49,223][INFO ][o.e.p.PluginsService ] [tK858lY] loaded module [x-pack-monitoring]
[2018-12-28T12:20:49,223][INFO ][o.e.p.PluginsService ] [tK858lY] loaded module [x-pack-rollup]
[2018-12-28T12:20:49,224][INFO ][o.e.p.PluginsService ] [tK858lY] loaded module [x-pack-security]
[2018-12-28T12:20:49,224][INFO ][o.e.p.PluginsService ] [tK858lY] loaded module [x-pack-sql]
[2018-12-28T12:20:49,224][INFO ][o.e.p.PluginsService ] [tK858lY] loaded module [x-pack-upgrade]
[2018-12-28T12:20:49,224][INFO ][o.e.p.PluginsService ] [tK858lY] loaded module [x-pack-watcher]
[2018-12-28T12:20:49,224][INFO ][o.e.p.PluginsService ] [tK858lY] loaded plugin [search-guard-6]
[2018-12-28T12:20:49,248][INFO ][c.f.s.SearchGuardPlugin ] [tK858lY] Disabled https compression by default to mitigate BREACH attacks. You can enable it by setting 'http.compression: true' in elasticsearch.yml
[2018-12-28T12:20:53,203][INFO ][o.e.x.m.j.p.l.CppLogMessageHandler] [tK858lY] [controller/22196] [Main.cc@109] controller (64 bit): Version 6.5.2 (Build 767566e25172d6) Copyright (c) 2018 Elasticsearch BV
[2018-12-28T12:20:53,422][INFO ][c.f.s.a.i.AuditLogImpl ] [tK858lY] Configured categories on rest layer to ignore: [AUTHENTICATED, GRANTED_PRIVILEGES]
[2018-12-28T12:20:53,423][INFO ][c.f.s.a.i.AuditLogImpl ] [tK858lY] Configured categories on transport layer to ignore: [AUTHENTICATED, GRANTED_PRIVILEGES]
[2018-12-28T12:20:53,423][INFO ][c.f.s.a.i.AuditLogImpl ] [tK858lY] Configured Users to ignore: [kibanaserver]
[2018-12-28T12:20:53,423][INFO ][c.f.s.a.i.AuditLogImpl ] [tK858lY] Configured Users to ignore for read compliance events: [kibanaserver]
[2018-12-28T12:20:53,423][INFO ][c.f.s.a.i.AuditLogImpl ] [tK858lY] Configured Users to ignore for write compliance events: [kibanaserver]
[2018-12-28T12:20:53,429][INFO ][c.f.s.a.i.AuditLogImpl ] [tK858lY] Message routing enabled: true
[2018-12-28T12:20:53,432][WARN ][c.f.s.c.ComplianceConfig ] [tK858lY] If you plan to use field masking pls configure searchguard.compliance.salt to be a random string of 16 chars length identical on all nodes
[2018-12-28T12:20:53,432][INFO ][c.f.s.c.ComplianceConfig ] [tK858lY] PII configuration [auditLogPattern=org.joda.time.format.DateTimeFormatter@508f4bb5, auditLogIndex=null]: {}
[2018-12-28T12:20:53,673][DEBUG][o.e.a.ActionModule ] [tK858lY] Using REST wrapper from plugin com.floragunn.searchguard.SearchGuardPlugin
[2018-12-28T12:20:53,937][INFO ][o.e.d.DiscoveryModule ] [tK858lY] using discovery type [zen] and host providers [settings]
[2018-12-28T12:20:54,789][INFO ][o.e.n.Node ] [tK858lY] initialized
[2018-12-28T12:20:54,790][INFO ][o.e.n.Node ] [tK858lY] starting ...
[2018-12-28T12:20:54,899][INFO ][o.e.t.TransportService ] [tK858lY] publish_address {68.183.51.152:9300}, bound_addresses {68.183.51.152:9300}
[2018-12-28T12:20:54,967][INFO ][o.e.b.BootstrapChecks ] [tK858lY] bound or publishing to a non-loopback address, enforcing bootstrap checks
[2018-12-28T12:20:54,979][INFO ][c.f.s.c.IndexBaseConfigurationRepository] [tK858lY] Check if searchguard index exists ...
[2018-12-28T12:20:54,985][DEBUG][o.e.a.a.i.e.i.TransportIndicesExistsAction] [tK858lY] no known master node, scheduling a retry
[2018-12-28T12:21:01,634][INFO ][c.f.s.c.IndexBaseConfigurationRepository] [tK858lY] Search Guard License Info: SearchGuardLicense [uid=00000000-0000-0000-0000-000000000000, type=TRIAL, features=[COMPLIANCE], issueDate=2018-12-18, expiryDate=2019-02-16, issuedTo=The world, issuer=floragunn GmbH, startDate=2018-12-18, majorVersion=6, clusterName=*, allowedNodeCount=2147483647, msgs=[], expiresInDays=50, isExpired=false, valid=true, action=, prodUsage=Yes, one cluster with all commercial features and unlimited nodes per cluster., clusterService=org.elasticsearch.cluster.service.ClusterService@34e5839b, getMsgs()=[], getExpiresInDays()=50, isExpired()=false, isValid()=true, getAction()=, getProdUsage()=Yes, one cluster with all commercial features and unlimited nodes per cluster.]
[2018-12-28T12:21:01,635][INFO ][c.f.s.c.IndexBaseConfigurationRepository] [tK858lY] Search Guard License Type: TRIAL, valid
[2018-12-28T12:21:01,635][INFO ][c.f.s.c.IndexBaseConfigurationRepository] [tK858lY] Node 'tK858lY' initialized
[2018-12-28T12:20:49,223][INFO ][o.e.p.PluginsService ] [tK858lY] loaded module [x-pack-ml]
[2018-12-28T12:20:49,223][INFO ][o.e.p.PluginsService ] [tK858lY] loaded module [x-pack-monitoring]
[2018-12-28T12:20:49,223][INFO ][o.e.p.PluginsService ] [tK858lY] loaded module [x-pack-rollup]
[2018-12-28T12:20:49,224][INFO ][o.e.p.PluginsService ] [tK858lY] loaded module [x-pack-security]
[2018-12-28T12:20:49,224][INFO ][o.e.p.PluginsService ] [tK858lY] loaded module [x-pack-sql]
[2018-12-28T12:20:49,224][INFO ][o.e.p.PluginsService ] [tK858lY] loaded module [x-pack-upgrade]
[2018-12-28T12:20:49,224][INFO ][o.e.p.PluginsService ] [tK858lY] loaded module [x-pack-watcher]
[2018-12-28T12:20:49,224][INFO ][o.e.p.PluginsService ] [tK858lY] loaded plugin [search-guard-6]
[2018-12-28T12:20:49,248][INFO ][c.f.s.SearchGuardPlugin ] [tK858lY] Disabled https compression by default to mitigate BREACH attacks. You can enable it by setting 'http.compression: true' in elasticsearch.yml
[2018-12-28T12:20:53,203][INFO ][o.e.x.m.j.p.l.CppLogMessageHandler] [tK858lY] [controller/22196] [Main.cc@109] controller (64 bit): Version 6.5.2 (Build 767566e25172d6) Copyright (c) 2018 Elasticsearch BV
[2018-12-28T12:20:53,422][INFO ][c.f.s.a.i.AuditLogImpl ] [tK858lY] Configured categories on rest layer to ignore: [AUTHENTICATED, GRANTED_PRIVILEGES]
[2018-12-28T12:20:53,423][INFO ][c.f.s.a.i.AuditLogImpl ] [tK858lY] Configured categories on transport layer to ignore: [AUTHENTICATED, GRANTED_PRIVILEGES]
[2018-12-28T12:20:53,423][INFO ][c.f.s.a.i.AuditLogImpl ] [tK858lY] Configured Users to ignore: [kibanaserver]
[2018-12-28T12:20:53,423][INFO ][c.f.s.a.i.AuditLogImpl ] [tK858lY] Configured Users to ignore for read compliance events: [kibanaserver]
[2018-12-28T12:20:53,423][INFO ][c.f.s.a.i.AuditLogImpl ] [tK858lY] Configured Users to ignore for write compliance events: [kibanaserver]
[2018-12-28T12:20:53,429][INFO ][c.f.s.a.i.AuditLogImpl ] [tK858lY] Message routing enabled: true
[2018-12-28T12:20:53,432][WARN ][c.f.s.c.ComplianceConfig ] [tK858lY] If you plan to use field masking pls configure searchguard.compliance.salt to be a random string of 16 chars length identical on all nodes
[2018-12-28T12:20:53,432][INFO ][c.f.s.c.ComplianceConfig ] [tK858lY] PII configuration [auditLogPattern=org.joda.time.format.DateTimeFormatter@508f4bb5, auditLogIndex=null]: {}
[2018-12-28T12:20:53,673][DEBUG][o.e.a.ActionModule ] [tK858lY] Using REST wrapper from plugin com.floragunn.searchguard.SearchGuardPlugin
[2018-12-28T12:20:53,937][INFO ][o.e.d.DiscoveryModule ] [tK858lY] using discovery type [zen] and host providers [settings]
[2018-12-28T12:20:54,789][INFO ][o.e.n.Node ] [tK858lY] initialized
[2018-12-28T12:20:54,790][INFO ][o.e.n.Node ] [tK858lY] starting ...
[2018-12-28T12:20:54,899][INFO ][o.e.t.TransportService ] [tK858lY] publish_address {68.183.51.152:9300}, bound_addresses {68.183.51.152:9300}
[2018-12-28T12:20:54,967][INFO ][o.e.b.BootstrapChecks ] [tK858lY] bound or publishing to a non-loopback address, enforcing bootstrap checks
[2018-12-28T12:20:54,979][INFO ][c.f.s.c.IndexBaseConfigurationRepository] [tK858lY] Check if searchguard index exists ...
[2018-12-28T12:20:54,985][DEBUG][o.e.a.a.i.e.i.TransportIndicesExistsAction] [tK858lY] no known master node, scheduling a retry
[2018-12-28T12:21:01,634][INFO ][c.f.s.c.IndexBaseConfigurationRepository] [tK858lY] Search Guard License Info: SearchGuardLicense [uid=00000000-0000-0000-0000-000000000000, type=TRIAL, features=[COMPLIANCE], issueDate=2018-12-18, expiryDate=2019-02-16, issuedTo=The world, issuer=floragunn GmbH, startDate=2018-12-18, majorVersion=6, clusterName=*, allowedNodeCount=2147483647, msgs=[], expiresInDays=50, isExpired=false, valid=true, action=, prodUsage=Yes, one cluster with all commercial features and unlimited nodes per cluster., clusterService=org.elasticsearch.cluster.service.ClusterService@34e5839b, getMsgs()=[], getExpiresInDays()=50, isExpired()=false, isValid()=true, getAction()=, getProdUsage()=Yes, one cluster with all commercial features and unlimited nodes per cluster.]
[2018-12-28T12:21:01,635][INFO ][c.f.s.c.IndexBaseConfigurationRepository] [tK858lY] Search Guard License Type: TRIAL, valid
[2018-12-28T12:21:01,635][INFO ][c.f.s.c.IndexBaseConfigurationRepository] [tK858lY] Node 'tK858lY' initialized
* Other installed Elasticsearch or Kibana plugins, if any
disabled some plugins
xpack.security.enabled: false
console.enabled: true
timelion.enabled: false
elasticsearch.ssl.verificationMode: none
console.enabled: true
timelion.enabled: false
elasticsearch.ssl.verificationMode: none
* when creating new user with above configuration i have restarted ES as well but i am unable to login with new users please advice me.
Thanks
Phani
SG
Jan 1, 2019, 9:29:14 AM1/1/19
to search...@googlegroups.com
Can you post your sg_internal_users.yml and sg_roles_mapping.yml file (as attachments)?
> --
> You received this message because you are subscribed to the Google Groups "Search Guard Community Forum" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to search-guard...@googlegroups.com.
> To post to this group, send email to search...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/2960169e-b8e3-491e-9264-885901590da3%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
> You received this message because you are subscribed to the Google Groups "Search Guard Community Forum" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to search-guard...@googlegroups.com.
> To post to this group, send email to search...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/2960169e-b8e3-491e-9264-885901590da3%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
Phani Nadiminti
Jan 1, 2019, 10:39:00 AM1/1/19
to search...@googlegroups.com
Hello,
Thankyou for the response. I made a mistake defining correct permissions to. Kibana index when assigning role permissions now it is working as expected.
Phani
To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/9BBB7F4F-2ED8-472E-82FD-6B19415DF6EE%40search-guard.com.
Reply all
Reply to author
Forward
0 new messages