ELK upgrade warning.

290 views
Skip to first unread message

Darryl Mackay

unread,
Sep 25, 2021, 12:09:57 AM9/25/21
to SELKS

Hi all,

A recent upgrade to SELKS updated Elasticsearch, Logstash and Kibana to 7.15. The result is that when the dashboards are viewed in Kibana, the following warning appears:-

Warning: 299 Elasticsearch-7.15.0-79d65f6e357953a5b3cbcc5e2c7c21073d89aa29 "Elasticsearch built-in security features are not enabled. Without authentication, your cluster could be accessible to anyone. See https://www.elastic.co/guide/en/elasticsearch/reference/7.15/security-minimal-setup.html to enable security."

Trying to fix this problem by enabling minimal security caused the SELKS stack to lose connectivity between Elasticsearch, Logstash and Kibana. The fix to the problem wasn't evident at first, although unorthodox.

1.) SSH into SELKS and edit /etc/elasticsearch/elasticsearch.yml
2.) Place the following line at the end of the file:-
      xpack.security.enabled: false
3.) Save the file and restart elasticsearch with:-
      systemctl restart elasticsearch or service elasticsearch restart

Hope this information helps.

Alexander Nedelchev

unread,
Sep 25, 2021, 4:03:58 AM9/25/21
to SELKS
Thanks for sharing!

Peter Manev

unread,
Sep 29, 2021, 4:09:07 AM9/29/21
to Alexander Nedelchev, SELKS
Docs are updated too
https://github.com/StamusNetworks/SELKS/wiki/Elasticsearch-authentication-warning
Thank you !
> --
> IRC: Let's talk about SELKS on Freenode IRC on the #SELKS channel
> Wiki: https://github.com/StamusNetworks/SELKS/wiki
> GitHub: https://github.com/StamusNetworks/SELKS
> Blog: https://www.stamus-networks.com/theblog/
> Twitter: @StamusN
> g+: Stamus Networks
> ---
> You received this message because you are subscribed to the Google Groups "SELKS" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to selks+un...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/selks/737814f5-1bd3-4411-a6c9-a3c09f2b3a64n%40googlegroups.com.



--
Regards,
Peter Manev

Hao Phan

unread,
Oct 5, 2021, 11:24:14 PM10/5/21
to SELKS

after upgrade to 7.15, click to kibana icon show blank page. How to fix, I think it's nginx problem
Vào lúc 15:09:07 UTC+7 ngày Thứ Tư, 29 tháng 9, 2021, pevma đã viết:
Reply all
Reply to author
Forward
0 new messages