Kibana, Searchguard & X-Pack Mointoring
288 views
Skip to first unread message
richard...@gmail.com
Apr 20, 2018, 1:47:43 PM4/20/18
to Search Guard Community Forum
When asking questions, please provide the following information:
Hi there I would like to ask if anyone has seen the following error.
* Search Guard and Elasticsearch version
6.2.2
* Installed and used enterprise modules, if any
None
* JVM version and operating system version
The one that ships with the offical docker containers
* Search Guard configuration files
Default for now testing TLS setup and deployment
* Elasticsearch log messages on debug level
{"type":"error","@timestamp":"2018-04-20T17:41:45Z","tags":["fatal"],"pid":1,"level":"fatal","error":{"message":"child \"searchguard\" fails because [\"ssl\" is not allowed]","name":"ValidationError","stack":"ValidationError: child \"searchguard\" fails because [\"ssl\" is not allowed]\n at Object.exports.process (/usr/share/kibana/node_modules/joi/lib/errors.js:181:19)\n at _validateWithOptions (/usr/share/kibana/node_modules/joi/lib/any.js:651:31)\n at root.validate (/usr/share/kibana/node_modules/joi/lib/index.js:121:23)\n at Config._commit (/usr/share/kibana/src/server/config/config.js:119:35)\n at Config.set (/usr/share/kibana/src/server/config/config.js:89:10)\n at Config.extendSchema (/usr/share/kibana/src/server/config/config.js:62:10)\n at /usr/share/kibana/src/plugin_discovery/plugin_config/extend_config_service.js:22:12\n at next (native)\n at step (/usr/share/kibana/src/plugin_discovery/plugin_config/extend_config_service.js:45:191)\n at /usr/share/kibana/src/plugin_discovery/plugin_config/extend_config_service.js:45:361"},"message":"child \"searchguard\" fails because [\"ssl\" is not allowed]"}
{"type":"error","@timestamp":"2018-04-20T17:41:50Z","tags":["fatal"],"pid":1,"level":"fatal","error":{"message":"child \"searchguard\" fails because [\"ssl\" is not allowed]","name":"ValidationError","stack":"ValidationError: child \"searchguard\" fails because [\"ssl\" is not allowed]\n at Object.exports.process (/usr/share/kibana/node_modules/joi/lib/errors.js:181:19)\n at _validateWithOptions (/usr/share/kibana/node_modules/joi/lib/any.js:651:31)\n at root.validate (/usr/share/kibana/node_modules/joi/lib/index.js:121:23)\n at Config._commit (/usr/share/kibana/src/server/config/config.js:119:35)\n at Config.set (/usr/share/kibana/src/server/config/config.js:89:10)\n at Config.extendSchema (/usr/share/kibana/src/server/config/config.js:62:10)\n at /usr/share/kibana/src/plugin_discovery/plugin_config/extend_config_service.js:22:12\n at next (native)\n at step (/usr/share/kibana/src/plugin_discovery/plugin_config/extend_config_service.js:45:191)\n at /usr/share/kibana/src/plugin_discovery/plugin_config/extend_config_service.js:45:361"},"message":"child \"searchguard\" fails because [\"ssl\" is not allowed]"}* Other installed Elasticsearch or Kibana plugins, if any
X-Pack for monitoring only
Bishwajit Samanta
Apr 21, 2018, 11:39:08 AM4/21/18
to search...@googlegroups.com
Based on the error logs , I can understand that ssl is not allowed. So I guess we need to make some changes in elasticsearch.yml post that ssl may be resolved.
--
You received this message because you are subscribed to the Google Groups "Search Guard Community Forum" group.
To unsubscribe from this group and stop receiving emails from it, send an email to search-guard...@googlegroups.com.
To post to this group, send email to search...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/b7bba6bd-36b5-4570-8244-0f7d7682ec2e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
SG
Apr 22, 2018, 7:45:08 AM4/22/18
to search...@googlegroups.com
Make sure you have disabled X-Pack security in kibana.yml
...
xpack.security.enabled: false
xpack.monitoring.enabled: true
...
> To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/CAPkwwd0OHDGX7J2EYULZWM0hpAqs8tGAigWejwVR8jPHrc5B%2BA%40mail.gmail.com.
...
xpack.security.enabled: false
xpack.monitoring.enabled: true
...
Jochen Kressin
Apr 22, 2018, 4:26:19 PM4/22/18
to Search Guard Community Forum
Can you please post the contents of your kibana.yml. According to the error message:
"message":"child \"searchguard\" fails because [\"ssl\" is not allowed]"}
It seems you have a configuration entry like:
searchguard.ssl.....
in kibana.yml which is not valid. Make sure you do not confuse the settings in elasticsearch.yml with settings in kibana.yml. The error is thrown when Kibana is validating the kibana.yml configuration settings.
Richard Laing
Apr 23, 2018, 4:50:14 AM4/23/18
to search...@googlegroups.com
The following is my Kibana configuration
xpack.security.enabled: false
xpack.monitoring.enabled: true
server.name: kibana
server.host: "0"
elasticsearch.url: https://XXX:9200
elasticsearch.username: "XXXXXX"
elasticsearch.password: "XXXXXX"
searchguard.ssl.http.enabled: true
elasticsearch.ssl.verificationMode: certificate
--
You received this message because you are subscribed to the Google Groups "Search Guard Community Forum" group.
To unsubscribe from this group and stop receiving emails from it, send an email to search-guard+unsubscribe@googlegroups.com.
To post to this group, send email to search...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/d5b7c414-2b55-4f27-be16-dc22f80521d2%40googlegroups.com.
Yours R.Laing BSC Hons
Search Guard
Apr 23, 2018, 10:05:24 AM4/23/18
to Search Guard Community Forum
seems you mixed up elasticsearch.yml and kibana.yml
There is no "searchguard.ssl.http.enabled" configuration in kibana.yml
You need to define this in elasticsearch.yml
Pls refer to the SG docs: https://docs.search-guard.com/latest/index and the kibana docs: https://www.elastic.co/guide/en/kibana/6.2/index.html
richard...@gmail.com
Apr 23, 2018, 10:10:44 AM4/23/18
to Search Guard Community Forum
Yeah i noticed that I have been reading up on your website and I have fixed my configuration as exampled by the configuration below, also I read a couple of posts around the user group so thanks for the help.
#xpack settings
xpack.security.enabled: false
xpack.monitoring.enabled: true
#elasticsearch settings
elasticsearch.ssl.verificationMode: certificate
elasticsearch.ssl.certificateAuthorities: /usr/share/kibana/config/certs/XXXXX
elasticsearch.ssl.certificate: /usr/share/kibana/config/certs/XXXXX
elasticsearch.ssl.key: /usr/share/kibana/config/certs/XXXXX
elasticsearch.url: "https://XXX:9200"
elasticsearch.username: "XXXXX"
elasticsearch.password: "XXXXX"
elasticsearch.requestHeadersWhitelist: [ "Authorization", "x-forwarded-for", "x-forwarded-by", "x-proxy-user", "x-proxy-roles" ]
#server settings
server.name: kibana
server.host: "0"
server.ssl.supportedProtocols:
- "TLSv1.2"Reply all
Reply to author
Forward
0 new messages