[2017-10-25T18:19:42,446][DEBUG][c.f.s.c.PrivilegesEvaluator] evaluate permissions for User [name=index_admin, roles=[]]
[2017-10-25T18:19:42,446][DEBUG][c.f.s.c.PrivilegesEvaluator] requested indices:data/read/scroll/clear from 10.111.146.128:48922
[2017-10-25T18:19:42,446][DEBUG][c.f.s.c.PrivilegesEvaluator] class org.elasticsearch.action.search.ClearScrollRequest is not an IndicesRequest
[2017-10-25T18:19:42,446][DEBUG][c.f.s.c.PrivilegesEvaluator] requested resolved indextypes: [IndexType [index=_all, type=*]]
[2017-10-25T18:19:42,446][DEBUG][c.f.s.c.PrivilegesEvaluator] mapped roles for index_admin: [sg_own_index, sg_public, spir_all]
[2017-10-25T18:19:42,446][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_own_index
[2017-10-25T18:19:42,446][DEBUG][c.f.s.c.PrivilegesEvaluator] resolved cluster actions:[indices:admin/aliases/exists*, indices:admin/aliases*, indices:data/read/msearch, indices:data/read/coordinate-msearch*, indices:data/write/bulk, indices:admin/aliases/get*, indices:data/read/mget, indices:data/read/mtv]
[2017-10-25T18:19:42,446][DEBUG][c.f.s.c.PrivilegesEvaluator] not match found a match for 'sg_own_index' and indices:data/read/scroll/clear, check next role
[2017-10-25T18:19:42,446][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: sg_public
[2017-10-25T18:19:42,446][DEBUG][c.f.s.c.PrivilegesEvaluator] resolved cluster actions:[indices:admin/aliases/exists*, indices:data/read/msearch, cluster:monitor/main, indices:data/read/coordinate-msearch*, indices:admin/aliases/get*, indices:data/read/mget, indices:data/read/mtv]
[2017-10-25T18:19:42,446][DEBUG][c.f.s.c.PrivilegesEvaluator] not match found a match for 'sg_public' and indices:data/read/scroll/clear, check next role
[2017-10-25T18:19:42,446][DEBUG][c.f.s.c.PrivilegesEvaluator] ---------- evaluate sg_role: index_all
[2017-10-25T18:19:42,446][DEBUG][c.f.s.c.PrivilegesEvaluator] resolved cluster actions:[cluster:monitor/*]
[2017-10-25T18:19:42,446][DEBUG][c.f.s.c.PrivilegesEvaluator] not match found a match for 'index_all' and indices:data/read/scroll/clear, check next role
[2017-10-25T18:19:42,446][INFO ][c.f.s.c.PrivilegesEvaluator] No cluster-level perm match for User [name=index_admin, roles=[]] [IndexType [index=_all, type=*]] [Action [indices:data/read/scroll/clear]] [RolesChecked [sg_own_index, sg_public, index_all]]
[2017-10-25T18:19:42,446][INFO ][c.f.s.c.PrivilegesEvaluator] No permissions for {}
[2017-10-25T18:19:42,446][DEBUG][c.f.s.f.SearchGuardFilter] no permissions for indices:data/read/scroll/clear
[2017-10-25T18:19:42,446][WARN ][o.e.i.r.TransportDeleteByQueryAction] [elk] Failed to clear scroll [DnF1ZXJ5VGhlbkZldGNoBQAAAAAAAAFqFjBrcWt6cTlmUXAyT3llcGxjUGpmX0EAAAAAAAABaRYwa3FrenE5ZlFwMk95ZXBsY1BqZl9BAAAAAAAAAWsWMGtxa3pxOWZRcDJPeWVwbGNQamZfQQAAAAAAAAFsFjBrcWt6cTlmUXAyT3llcGxjUGpmX0EAAAAAAAABbRYwa3FrenE5ZlFwMk95ZXBsY1BqZl9B]