ELK upgrade warning.
369 views
Skip to first unread message
Darryl Mackay
Sep 25, 2021, 12:09:57 AM9/25/21
to SELKS
Hi all,
A recent upgrade to SELKS updated Elasticsearch, Logstash and Kibana to 7.15. The result is that when the dashboards are viewed in Kibana, the following warning appears:-
Warning: 299
Elasticsearch-7.15.0-79d65f6e357953a5b3cbcc5e2c7c21073d89aa29
"Elasticsearch built-in security features are not enabled. Without
authentication, your cluster could be accessible to anyone. See
https://www.elastic.co/guide/en/elasticsearch/reference/7.15/security-minimal-setup.html
to enable security."
Trying to fix this problem by enabling minimal security caused the SELKS stack to lose connectivity between Elasticsearch, Logstash and Kibana. The fix to the problem wasn't evident at first, although unorthodox.
1.) SSH into SELKS and edit /etc/elasticsearch/elasticsearch.yml
2.) Place the following line at the end of the file:-
xpack.security.enabled: false
3.) Save the file and restart elasticsearch with:-
systemctl restart elasticsearch or service elasticsearch restart
Hope this information helps.
Alexander Nedelchev
Sep 25, 2021, 4:03:58 AM9/25/21
to SELKS
Thanks for sharing!
Peter Manev
Sep 29, 2021, 4:09:07 AM9/29/21
to Alexander Nedelchev, SELKS
Docs are updated too
https://github.com/StamusNetworks/SELKS/wiki/Elasticsearch-authentication-warning
Thank you !
> --
> IRC: Let's talk about SELKS on Freenode IRC on the #SELKS channel
> Wiki: https://github.com/StamusNetworks/SELKS/wiki
> GitHub: https://github.com/StamusNetworks/SELKS
> Blog: https://www.stamus-networks.com/theblog/
> Twitter: @StamusN
> g+: Stamus Networks
> ---
> You received this message because you are subscribed to the Google Groups "SELKS" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to selks+un...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/selks/737814f5-1bd3-4411-a6c9-a3c09f2b3a64n%40googlegroups.com.
--
Regards,
Peter Manev
https://github.com/StamusNetworks/SELKS/wiki/Elasticsearch-authentication-warning
Thank you !
> IRC: Let's talk about SELKS on Freenode IRC on the #SELKS channel
> Wiki: https://github.com/StamusNetworks/SELKS/wiki
> GitHub: https://github.com/StamusNetworks/SELKS
> Blog: https://www.stamus-networks.com/theblog/
> Twitter: @StamusN
> g+: Stamus Networks
> ---
> You received this message because you are subscribed to the Google Groups "SELKS" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to selks+un...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/selks/737814f5-1bd3-4411-a6c9-a3c09f2b3a64n%40googlegroups.com.
--
Regards,
Peter Manev
Hao Phan
Oct 5, 2021, 11:24:14 PM10/5/21
to SELKS
after upgrade to 7.15, click to kibana icon show blank page. How to fix, I think it's nginx problem
Vào lúc 15:09:07 UTC+7 ngày Thứ Tư, 29 tháng 9, 2021, pevma đã viết:
Reply all
Reply to author
Forward
0 new messages