here you can see the logs of ES
[2018-11-20T11:53:12,624][INFO ][c.f.s.c.IndexBaseConfigurationRepository] Search Guard License Type: TRIAL, valid
[2018-11-20T11:53:47,541][INFO ][c.f.s.p.PrivilegesEvaluator] No index-level perm match for User [name=logstash, roles=[logstash], requestedTenant=null] Resolved [aliases=[*], indices=[*], allIndices=[*], types=[*], isAll()=true, isEmpty()=false] [Action [indices:monitor/stats]] [RolesChecked [sg_own_index, sg_all_user, sg_logstash]]
[2018-11-20T11:53:47,542][INFO ][c.f.s.p.PrivilegesEvaluator] No permissions for [indices:monitor/stats]
[2018-11-20T11:53:53,494][INFO ][c.f.s.p.PrivilegesEvaluator] No index-level perm match for User [name=logstash, roles=[logstash], requestedTenant=null] Resolved [aliases=[*], indices=[*], allIndices=[*], types=[*], isAll()=true, isEmpty()=false] [Action [indices:monitor/stats]] [RolesChecked [sg_own_index, sg_all_user, sg_logstash]]
[2018-11-20T11:53:53,494][INFO ][c.f.s.p.PrivilegesEvaluator] No permissions for [indices:monitor/stats]
and below mentioned is the role i have created for logstash.