Elasticsearch Received plaintext traffic on an encrypted channel, closing connection Netty4TcpChannel - elasticsearch

I have just downloaded elasticsearch and run the elasticsearch.bat.
So i didn't modify anything, but when i try to access localhost:9200 or 9300 is not working.
Accordign to logs it started ok.
[2022-03-14T16:42:47,633][INFO ][o.e.i.r.RecoverySettings ] [DESKTOP-3DPA0JQ] using rate limit [40mb] with [default=40mb, read=0b, write=0b, max=0b]
[2022-03-14T16:42:47,664][INFO ][o.e.d.DiscoveryModule ] [DESKTOP-3DPA0JQ] using discovery type [multi-node] and seed hosts providers [settings]
[2022-03-14T16:42:48,507][INFO ][o.e.n.Node ] [DESKTOP-3DPA0JQ] initialized
[2022-03-14T16:42:48,508][INFO ][o.e.n.Node ] [DESKTOP-3DPA0JQ] starting ...
[2022-03-14T16:42:48,564][INFO ][o.e.x.s.c.f.PersistentCache] [DESKTOP-3DPA0JQ] persistent cache index loaded
[2022-03-14T16:42:48,565][INFO ][o.e.x.d.l.DeprecationIndexingComponent] [DESKTOP-3DPA0JQ] deprecation component started
[2022-03-14T16:42:48,692][INFO ][o.e.t.TransportService ] [DESKTOP-3DPA0JQ] publish_address {127.0.0.1:9300}, bound_addresses {127.0.0.1:9300}, {[::1]:9300}
[2022-03-14T16:42:49,065][INFO ][o.e.c.c.Coordinator ] [DESKTOP-3DPA0JQ] cluster UUID [M7j_3np8QtCiMDZ8hLGu6w]
[2022-03-14T16:42:49,157][INFO ][o.e.c.s.MasterService ] [DESKTOP-3DPA0JQ] elected-as-master ([1] nodes joined)[{DESKTOP-3DPA0JQ}{n3yQhC4cQveWn_x7QrQPYQ}{QSgY7a2zQDWZClJOW_2yEg}{127.0.0.1}{127.0.0.1:9300}{cdfhilmrstw} completing election, _BECOME_MASTER_TASK_, _FINISH_ELECTION_], term: 10, version: 142, delta: master node changed {previous [], current [{DESKTOP-3DPA0JQ}{n3yQhC4cQveWn_x7QrQPYQ}{QSgY7a2zQDWZClJOW_2yEg}{127.0.0.1}{127.0.0.1:9300}{cdfhilmrstw}]}
[2022-03-14T16:42:49,269][INFO ][o.e.c.s.ClusterApplierService] [DESKTOP-3DPA0JQ] master node changed {previous [], current [{DESKTOP-3DPA0JQ}{n3yQhC4cQveWn_x7QrQPYQ}{QSgY7a2zQDWZClJOW_2yEg}{127.0.0.1}{127.0.0.1:9300}{cdfhilmrstw}]}, term: 10, version: 142, reason: Publication{term=10, version=142}
[2022-03-14T16:42:49,326][INFO ][o.e.h.AbstractHttpServerTransport] [DESKTOP-3DPA0JQ] publish_address {127.0.0.1:9200}, bound_addresses {127.0.0.1:9200}, {[::1]:9200}
[2022-03-14T16:42:49,327][INFO ][o.e.n.Node ] [DESKTOP-3DPA0JQ] started
[2022-03-14T16:42:49,379][INFO ][o.e.l.LicenseService ] [DESKTOP-3DPA0JQ] license [f997c03d-7240-4ecf-be38-65f043eea771] mode [basic] - valid
[2022-03-14T16:42:49,380][INFO ][o.e.x.s.a.Realms ] [DESKTOP-3DPA0JQ] license mode is [basic], currently licensed security realms are [reserved/reserved,file/default_file,native/default_native]
[2022-03-14T16:42:49,386][INFO ][o.e.g.GatewayService ] [DESKTOP-3DPA0JQ] recovered [2] indices into cluster_state
[2022-03-14T16:42:49,880][INFO ][o.e.c.r.a.AllocationService] [DESKTOP-3DPA0JQ] current.health="GREEN" message="Cluster health status changed from [RED] to [GREEN] (reason: [shards started [[.geoip_databases][0], [.security-7][0]]])." previous.health="RED" reason="shards started [[.geoip_databases][0], [.security-7][0]]"
[2022-03-14T16:42:50,142][INFO ][o.e.i.g.DatabaseNodeService] [DESKTOP-3DPA0JQ] successfully loaded geoip database file [GeoLite2-Country.mmdb]
[2022-03-14T16:42:50,155][INFO ][o.e.i.g.DatabaseNodeService] [DESKTOP-3DPA0JQ] successfully loaded geoip database file [GeoLite2-ASN.mmdb]
[2022-03-14T16:42:51,002][INFO ][o.e.i.g.DatabaseNodeService] [DESKTOP-3DPA0JQ] successfully loaded geoip database file [GeoLite2-City.mmdb]
[2022-03-14T16:42:54,067][WARN ][o.e.x.s.t.n.SecurityNetty4HttpServerTransport] [DESKTOP-3DPA0JQ] received plaintext http traffic on an https channel, closing connection Netty4HttpChannel{localAddress=/[0:0:0:0:0:0:0:1]:9200, remoteAddress=/[0:0:0:0:0:0:0:1]:64318}
[2022-03-14T16:42:54,067][WARN ][o.e.x.s.t.n.SecurityNetty4HttpServerTransport] [DESKTOP-3DPA0JQ] received plaintext http traffic on an https channel, closing connection Netty4HttpChannel{localAddress=/[0:0:0:0:0:0:0:1]:9200, remoteAddress=/[0:0:0:0:0:0:0:1]:64319}
[2022-03-14T16:42:54,068][WARN ][o.e.x.s.t.n.SecurityNetty4HttpServerTransport] [DESKTOP-3DPA0JQ] received plaintext http traffic on an https channel, closing connection Netty4HttpChannel{localAddress=/[0:0:0:0:0:0:0:1]:9200, remoteAddress=/[0:0:0:0:0:0:0:1]:64320}
[2022-03-14T16:42:55,104][WARN ][o.e.x.s.t.n.SecurityNetty4HttpServerTransport] [DESKTOP-3DPA0JQ] received plaintext http traffic on an https channel, closing connection Netty4HttpChannel{localAddress=/[0:0:0:0:0:0:0:1]:9200, remoteAddress=/[0:0:0:0:0:0:0:1]:64321}


In the latest version (ES8), security is on by default (i.e. SSL/TLS).
If you're accessing from the browser, just use https instead of http:
https://localhost:9200
^
|
add this


Edit elasticsearch\config\elasticsearch.yml
xpack.security.enabled: false
xpack.security.enrollment.enabled: false
pack.security.http.ssl:
enabled: false
keystore.path: certs/http.p12
xpack.security.transport.ssl:
enabled: false
verification_mode: certificate
keystore.path: certs/transport.p12
truststore.path: certs/transport.p12

Related

elastic search server not running

I have downloaded elastic search on my laptop but whenever I go to bin folder of it and do elasticsearch.bat in Windows, some logs appear but the server don't start or show up on the browser.
Logs are pasted below:
warning: ignoring JAVA_HOME=C:\Program Files\Java\jdk1.8.0_151; using bundled JDK
[2022-09-20T21:53:00,089][INFO ][o.e.n.Node ] [LAPTOP-8VG1D5TB] version[8.4.1], pid[14672], build[zip/2bd229c8e56650b42e40992322a76e7914258f0c/2022-08-26T12:11:43.232597118Z], OS[Windows 10/10.0/amd64], JVM[Oracle Corporation/OpenJDK 64-Bit Server VM/18.0.2/18.0.2+9-61]
[2022-09-20T21:53:00,099][INFO ][o.e.n.Node ] [LAPTOP-8VG1D5TB] JVM home [G:\elastic stack\elasticsearch-8.4.1\jdk], using bundled JDK [true]
[2022-09-20T21:53:00,100][INFO ][o.e.n.Node ] [LAPTOP-8VG1D5TB] JVM arguments [-Des.networkaddress.cache.ttl=60, -Des.networkaddress.cache.negative.ttl=10, -Djava.security.manager=allow, -XX:+AlwaysPreTouch, -Xss1m, -Djava.awt.headless=true, -Dfile.encoding=UTF-8, -Djna.nosys=true, -XX:-OmitStackTraceInFastThrow, -Dio.netty.noUnsafe=true, -Dio.netty.noKeySetOptimization=true, -Dio.netty.recycler.maxCapacityPerThread=0, -Dlog4j.shutdownHookEnabled=false, -Dlog4j2.disable.jmx=true, -Dlog4j2.formatMsgNoLookups=true, -Djava.locale.providers=SPI,COMPAT, --add-opens=java.base/java.io=ALL-UNNAMED, -XX:+UseG1GC, -Djava.io.tmpdir=C:\Users\HP\AppData\Local\Temp\elasticsearch, -XX:+HeapDumpOnOutOfMemoryError, -XX:+ExitOnOutOfMemoryError, -XX:HeapDumpPath=data, -XX:ErrorFile=logs/hs_err_pid%p.log, -Xlog:gc*,gc+age=trace,safepoint:file=logs/gc.log:utctime,pid,tags:filecount=32,filesize=64m, -Xms4053m, -Xmx4053m, -XX:MaxDirectMemorySize=2125463552, -XX:G1HeapRegionSize=4m, -XX:InitiatingHeapOccupancyPercent=30, -XX:G1ReservePercent=15, -Des.distribution.type=zip, --module-path=G:\elastic stack\elasticsearch-8.4.1\lib, --add-modules=jdk.net, -Djdk.module.main=org.elasticsearch.server]
[2022-09-20T21:53:13,055][INFO ][c.a.c.i.j.JacksonVersion ] [LAPTOP-8VG1D5TB] Package versions: jackson-annotations=2.13.2, jackson-core=2.13.2, jackson-databind=2.13.2.2, jackson-dataformat-xml=2.13.2, jackson-datatype-jsr310=2.13.2, azure-core=1.27.0, Troubleshooting version conflicts: https://aka.ms/azsdk/java/dependency/troubleshoot
[2022-09-20T21:53:18,911][INFO ][o.e.p.PluginsService ] [LAPTOP-8VG1D5TB] loaded module [x-pack-voting-only-node]
[2022-09-20T21:53:18,912][INFO ][o.e.p.PluginsService ] [LAPTOP-8VG1D5TB] loaded module [x-pack-watcher]
[2022-09-20T21:53:18,913][INFO ][o.e.p.PluginsService ] [LAPTOP-8VG1D5TB] no plugins loaded
[2022-09-20T21:53:29,454][INFO ][o.e.e.NodeEnvironment ] [LAPTOP-8VG1D5TB] using [1] data paths, mounts [[New Volume (G:)]], net usable_space [246.3gb], net total_space [258.4gb], types [NTFS]
[2022-09-20T21:53:29,455][INFO ][o.e.e.NodeEnvironment ] [LAPTOP-8VG1D5TB] heap size [3.9gb], compressed ordinary object pointers [true]
[2022-09-20T21:53:29,737][INFO ][o.e.n.Node ] [LAPTOP-8VG1D5TB] node name [LAPTOP-8VG1D5TB], node ID [cWMr2jqXSdyI_w8NwYQdjw], cluster name [elasticsearch], roles [ingest, data_cold, data, remote_cluster_client, master, data_warm, data_content, transform, data_hot, ml, data_frozen]
[2022-09-20T21:53:41,627][INFO ][o.e.x.s.Security ] [LAPTOP-8VG1D5TB] Security is enabled
[2022-09-20T21:53:42,089][INFO ][o.e.x.s.a.s.FileRolesStore] [LAPTOP-8VG1D5TB] parsed [0] roles from file [G:\elastic stack\elasticsearch-8.4.1\config\roles.yml]
[2022-09-20T21:53:43,195][INFO ][o.e.x.m.p.l.CppLogMessageHandler] [LAPTOP-8VG1D5TB] [controller/744] [Main.cc#123] controller (64 bit): Version 8.4.1 (Build c0373714f3bc4b) Copyright (c) 2022 Elasticsearch BV
[2022-09-20T21:53:44,488][INFO ][o.e.t.n.NettyAllocator ] [LAPTOP-8VG1D5TB] creating NettyAllocator with the following configs: [name=elasticsearch_configured, chunk_size=1mb, suggested_max_allocation_size=1mb, factors={es.unsafe.use_netty_default_chunk_and_page_size=false, g1gc_enabled=true, g1gc_region_size=4mb}]
[2022-09-20T21:53:44,545][INFO ][o.e.i.r.RecoverySettings ] [LAPTOP-8VG1D5TB] using rate limit [40mb] with [default=40mb, read=0b, write=0b, max=0b]
[2022-09-20T21:53:44,668][INFO ][o.e.d.DiscoveryModule ] [LAPTOP-8VG1D5TB] using discovery type [multi-node] and seed hosts providers [settings]
[2022-09-20T21:53:48,249][INFO ][o.e.n.Node ] [LAPTOP-8VG1D5TB] initialized
[2022-09-20T21:53:48,251][INFO ][o.e.n.Node ] [LAPTOP-8VG1D5TB] starting ...
[2022-09-20T21:53:48,313][INFO ][o.e.x.s.c.f.PersistentCache] [LAPTOP-8VG1D5TB] persistent cache index loaded
[2022-09-20T21:53:48,315][INFO ][o.e.x.d.l.DeprecationIndexingComponent] [LAPTOP-8VG1D5TB] deprecation component started
[2022-09-20T21:53:48,698][INFO ][o.e.t.TransportService ] [LAPTOP-8VG1D5TB] publish_address {127.0.0.1:9300}, bound_addresses {127.0.0.1:9300}, {[::1]:9300}
[2022-09-20T21:53:50,024][WARN ][o.e.c.c.ClusterBootstrapService] [LAPTOP-8VG1D5TB] this node is locked into cluster UUID [jxCXal6sRFuAT73DX5e-0w] but [cluster.initial_master_nodes] is set to [LAPTOP-8VG1D5TB]; remove this setting to avoid possible data loss caused by subsequent cluster bootstrap attempts
[2022-09-20T21:53:50,370][INFO ][o.e.c.s.MasterService ] [LAPTOP-8VG1D5TB] elected-as-master ([1] nodes joined)[_FINISH_ELECTION_, {LAPTOP-8VG1D5TB}{cWMr2jqXSdyI_w8NwYQdjw}{S-HMyyEWTgW7OjvE4XtKJg}{LAPTOP-8VG1D5TB}{127.0.0.1}{127.0.0.1:9300}{cdfhilmrstw} completing election], term: 2, version: 30, delta: master node changed {previous [], current [{LAPTOP-8VG1D5TB}{cWMr2jqXSdyI_w8NwYQdjw}{S-HMyyEWTgW7OjvE4XtKJg}{LAPTOP-8VG1D5TB}{127.0.0.1}{127.0.0.1:9300}{cdfhilmrstw}]}
[2022-09-20T21:53:50,574][INFO ][o.e.c.s.ClusterApplierService] [LAPTOP-8VG1D5TB] master node changed {previous [], current [{LAPTOP-8VG1D5TB}{cWMr2jqXSdyI_w8NwYQdjw}{S-HMyyEWTgW7OjvE4XtKJg}{LAPTOP-8VG1D5TB}{127.0.0.1}{127.0.0.1:9300}{cdfhilmrstw}]}, term: 2, version: 30, reason: Publication{term=2, version=30}
[2022-09-20T21:53:50,667][INFO ][o.e.r.s.FileSettingsService] [LAPTOP-8VG1D5TB] starting file settings watcher ...
[2022-09-20T21:53:50,740][INFO ][o.e.r.s.FileSettingsService] [LAPTOP-8VG1D5TB] file settings service up and running [tid=55]
[2022-09-20T21:53:50,854][INFO ][o.e.h.AbstractHttpServerTransport] [LAPTOP-8VG1D5TB] publish_address {192.168.1.6:9200}, bound_addresses {[::]:9200}
[2022-09-20T21:53:50,857][INFO ][o.e.n.Node ] [LAPTOP-8VG1D5TB] started {LAPTOP-8VG1D5TB}{cWMr2jqXSdyI_w8NwYQdjw}{S-HMyyEWTgW7OjvE4XtKJg}{LAPTOP-8VG1D5TB}{127.0.0.1}{127.0.0.1:9300}{cdfhilmrstw}{xpack.installed=true, ml.allocated_processors=4, ml.max_jvm_size=4253024256, ml.machine_memory=8500776960}
[2022-09-20T21:53:51,059][INFO ][o.e.l.LicenseService ] [LAPTOP-8VG1D5TB] license [b3387b5e-8844-40c0-a4fe-8bb3b74b43d6] mode [basic] - valid
[2022-09-20T21:53:51,062][INFO ][o.e.x.s.a.Realms ] [LAPTOP-8VG1D5TB] license mode is [basic], currently licensed security realms are [reserved/reserved,file/default_file,native/default_native]
[2022-09-20T21:53:51,071][INFO ][o.e.g.GatewayService ] [LAPTOP-8VG1D5TB] recovered [2] indices into cluster_state
[2022-09-20T21:53:51,440][ERROR][o.e.i.g.GeoIpDownloader ] [LAPTOP-8VG1D5TB] exception during geoip databases updateorg.elasticsearch.ElasticsearchException: not all primary shards of [.geoip_databases] index are active
at org.elasticsearch.ingest.geoip#8.4.1/org.elasticsearch.ingest.geoip.GeoIpDownloader.updateDatabases(GeoIpDownloader.java:134)
at org.elasticsearch.ingest.geoip#8.4.1/org.elasticsearch.ingest.geoip.GeoIpDownloader.runDownloader(GeoIpDownloader.java:274)
at org.elasticsearch.ingest.geoip#8.4.1/org.elasticsearch.ingest.geoip.GeoIpDownloaderTaskExecutor.nodeOperation(GeoIpDownloaderTaskExecutor.java:102)
at org.elasticsearch.ingest.geoip#8.4.1/org.elasticsearch.ingest.geoip.GeoIpDownloaderTaskExecutor.nodeOperation(GeoIpDownloaderTaskExecutor.java:48)
at org.elasticsearch.server#8.4.1/org.elasticsearch.persistent.NodePersistentTasksExecutor$1.doRun(NodePersistentTasksExecutor.java:42)
See logs for more details.
[2022-09-20T21:53:52,678][INFO ][o.e.c.r.a.AllocationService] [LAPTOP-8VG1D5TB] current.health="GREEN" message="Cluster health status changed from [RED] to [GREEN] (reason: [shards started [[.security-7][0]]])." previous.health="RED" reason="shards started [[.security-7][0]]"
[2022-09-20T21:53:53,356][INFO ][o.e.i.g.DatabaseNodeService] [LAPTOP-8VG1D5TB] successfully loaded geoip database file [GeoLite2-Country.mmdb]
[2022-09-20T21:53:53,686][INFO ][o.e.i.g.DatabaseNodeService] [LAPTOP-8VG1D5TB] successfully loaded geoip database file [GeoLite2-ASN.mmdb]
[2022-09-20T21:53:59,679][INFO ][o.e.i.g.DatabaseNodeService] [LAPTOP-8VG1D5TB] successfully loaded geoip database file [GeoLite2-City.mmdb]
[2022-09-20T21:56:09,025][WARN ][o.e.x.c.s.t.n.SecurityNetty4Transport] [LAPTOP-8VG1D5TB] received plaintext traffic on an encrypted channel, closing connection Netty4TcpChannel{localAddress=/127.0.0.1:9300, remoteAddress=/127.0.0.1:63342, profile=default}
Can someone tell where the problem lies and how to resolve this?? I tried with all addresses given in log but everytime got no response on the browswer

Two pictures are attached.
Find the elasticserach.yml configuration file. Change the security authentication, switch from true to false to achieve no-secret login access. Change both of these to false.
Add a new configuration to the file("ingest.geoip.downloader.enabled: false").

What is causing elasticsearch to shutdown shortly after starting up?

I'm having an issue with Elasticsearch on EC2 where I'm starting up several new instances from the same AMI, and very occasionally (like < 1% of the time), the Elasticsearch service will stop shortly after starting. I've looked at the log file, but it's not really clear to me why the service is stopping. Are there any clues in this that I'm missing, or is there anywhere else I should look for logs when this happens?
[2020-07-28T18:17:44,251][INFO ][o.e.c.c.ClusterBootstrapService] [ip-10-0-0-68] no discovery configuration found, will perform best-effort cluster bootstrapping after [3s] unless existing master is discovered
[2020-07-28T18:17:44,375][INFO ][o.e.c.s.MasterService ] [ip-10-0-0-68] elected-as-master ([1] nodes joined)[{ip-10-0-0-68}{C1lEYCg6RUWry4avn4isxw}{IjXE3KNOQO2UeZyrX2o3FA}{127.0.0.1}{127.0.0.1:9300}{dilm}{ml.machine_memory=32601837568, xpack.installed=true, ml.max_open_jobs=20} elect leader, _BECOME_MASTER_TASK_, _FINISH_ELECTION_], term: 4, version: 26, delta: master node changed {previous [], current [{ip-10-0-0-68}{C1lEYCg6RUWry4avn4isxw}{IjXE3KNOQO2UeZyrX2o3FA}{127.0.0.1}{127.0.0.1:9300}{dilm}{ml.machine_memory=32601837568, xpack.installed=true, ml.max_open_jobs=20}]}
[2020-07-28T18:17:44,416][INFO ][o.e.c.s.ClusterApplierService] [ip-10-0-0-68] master node changed {previous [], current [{ip-10-0-0-68}{C1lEYCg6RUWry4avn4isxw}{IjXE3KNOQO2UeZyrX2o3FA}{127.0.0.1}{127.0.0.1:9300}{dilm}{ml.machine_memory=32601837568, xpack.installed=true, ml.max_open_jobs=20}]}, term: 4, version: 26, reason: Publication{term=4, version=26}
[2020-07-28T18:17:44,446][INFO ][o.e.h.AbstractHttpServerTransport] [ip-10-0-0-68] publish_address {127.0.0.1:9200}, bound_addresses {[::1]:9200}, {127.0.0.1:9200}
[2020-07-28T18:17:44,447][INFO ][o.e.n.Node ] [ip-10-0-0-68] started
[2020-07-28T18:17:44,595][INFO ][o.e.l.LicenseService ] [ip-10-0-0-68] license [a9a29e21-5167-497e-9e49-ccc785ea2d47] mode [basic] - valid
[2020-07-28T18:17:44,596][INFO ][o.e.x.s.s.SecurityStatusChangeListener] [ip-10-0-0-68] Active license is now [BASIC]; Security is disabled
[2020-07-28T18:17:44,602][INFO ][o.e.g.GatewayService ] [ip-10-0-0-68] recovered [0] indices into cluster_state
[2020-07-28T18:18:29,947][INFO ][o.e.n.Node ] [ip-10-0-0-68] stopping ...
[2020-07-28T18:18:29,962][INFO ][o.e.x.w.WatcherService ] [ip-10-0-0-68] stopping watch service, reason [shutdown initiated]
[2020-07-28T18:18:29,963][INFO ][o.e.x.w.WatcherLifeCycleService] [ip-10-0-0-68] watcher has stopped and shutdown
[2020-07-28T18:18:30,014][INFO ][o.e.x.m.p.l.CppLogMessageHandler] [ip-10-0-0-68] [controller/2184] [Main.cc#150] Ml controller exiting
[2020-07-28T18:18:30,015][INFO ][o.e.x.m.p.NativeController] [ip-10-0-0-68] Native controller process has stopped - no new native processes can be started
[2020-07-28T18:18:30,024][INFO ][o.e.n.Node ] [ip-10-0-0-68] stopped
[2020-07-28T18:18:30,024][INFO ][o.e.n.Node ] [ip-10-0-0-68] closing ...
[2020-07-28T18:18:30,032][INFO ][o.e.n.Node ] [ip-10-0-0-68] closed

[2020-07-28T18:18:29,947][INFO ][o.e.n.Node ] [ip-10-0-0-68] stopping ...
This log line means Elasticsearch shut down gracefully after receiving a shutdown signal (typically SIGTERM) from an external source. It's not possible to say what the external source is, it depends on your system. It could for instance be systemd if that's how you're starting Elasticsearch. If so, hopefully its logs tell you why it's sending that shutdown signal.

ElasticSearch cannot work (This page isn’t working) [duplicate]

I have just downloaded elasticsearch and run the elasticsearch.bat.
So i didn't modify anything, but when i try to access localhost:9200 or 9300 is not working.
Accordign to logs it started ok.
[2022-03-14T16:42:47,633][INFO ][o.e.i.r.RecoverySettings ] [DESKTOP-3DPA0JQ] using rate limit [40mb] with [default=40mb, read=0b, write=0b, max=0b]
[2022-03-14T16:42:47,664][INFO ][o.e.d.DiscoveryModule ] [DESKTOP-3DPA0JQ] using discovery type [multi-node] and seed hosts providers [settings]
[2022-03-14T16:42:48,507][INFO ][o.e.n.Node ] [DESKTOP-3DPA0JQ] initialized
[2022-03-14T16:42:48,508][INFO ][o.e.n.Node ] [DESKTOP-3DPA0JQ] starting ...
[2022-03-14T16:42:48,564][INFO ][o.e.x.s.c.f.PersistentCache] [DESKTOP-3DPA0JQ] persistent cache index loaded
[2022-03-14T16:42:48,565][INFO ][o.e.x.d.l.DeprecationIndexingComponent] [DESKTOP-3DPA0JQ] deprecation component started
[2022-03-14T16:42:48,692][INFO ][o.e.t.TransportService ] [DESKTOP-3DPA0JQ] publish_address {127.0.0.1:9300}, bound_addresses {127.0.0.1:9300}, {[::1]:9300}
[2022-03-14T16:42:49,065][INFO ][o.e.c.c.Coordinator ] [DESKTOP-3DPA0JQ] cluster UUID [M7j_3np8QtCiMDZ8hLGu6w]
[2022-03-14T16:42:49,157][INFO ][o.e.c.s.MasterService ] [DESKTOP-3DPA0JQ] elected-as-master ([1] nodes joined)[{DESKTOP-3DPA0JQ}{n3yQhC4cQveWn_x7QrQPYQ}{QSgY7a2zQDWZClJOW_2yEg}{127.0.0.1}{127.0.0.1:9300}{cdfhilmrstw} completing election, _BECOME_MASTER_TASK_, _FINISH_ELECTION_], term: 10, version: 142, delta: master node changed {previous [], current [{DESKTOP-3DPA0JQ}{n3yQhC4cQveWn_x7QrQPYQ}{QSgY7a2zQDWZClJOW_2yEg}{127.0.0.1}{127.0.0.1:9300}{cdfhilmrstw}]}
[2022-03-14T16:42:49,269][INFO ][o.e.c.s.ClusterApplierService] [DESKTOP-3DPA0JQ] master node changed {previous [], current [{DESKTOP-3DPA0JQ}{n3yQhC4cQveWn_x7QrQPYQ}{QSgY7a2zQDWZClJOW_2yEg}{127.0.0.1}{127.0.0.1:9300}{cdfhilmrstw}]}, term: 10, version: 142, reason: Publication{term=10, version=142}
[2022-03-14T16:42:49,326][INFO ][o.e.h.AbstractHttpServerTransport] [DESKTOP-3DPA0JQ] publish_address {127.0.0.1:9200}, bound_addresses {127.0.0.1:9200}, {[::1]:9200}
[2022-03-14T16:42:49,327][INFO ][o.e.n.Node ] [DESKTOP-3DPA0JQ] started
[2022-03-14T16:42:49,379][INFO ][o.e.l.LicenseService ] [DESKTOP-3DPA0JQ] license [f997c03d-7240-4ecf-be38-65f043eea771] mode [basic] - valid
[2022-03-14T16:42:49,380][INFO ][o.e.x.s.a.Realms ] [DESKTOP-3DPA0JQ] license mode is [basic], currently licensed security realms are [reserved/reserved,file/default_file,native/default_native]
[2022-03-14T16:42:49,386][INFO ][o.e.g.GatewayService ] [DESKTOP-3DPA0JQ] recovered [2] indices into cluster_state
[2022-03-14T16:42:49,880][INFO ][o.e.c.r.a.AllocationService] [DESKTOP-3DPA0JQ] current.health="GREEN" message="Cluster health status changed from [RED] to [GREEN] (reason: [shards started [[.geoip_databases][0], [.security-7][0]]])." previous.health="RED" reason="shards started [[.geoip_databases][0], [.security-7][0]]"
[2022-03-14T16:42:50,142][INFO ][o.e.i.g.DatabaseNodeService] [DESKTOP-3DPA0JQ] successfully loaded geoip database file [GeoLite2-Country.mmdb]
[2022-03-14T16:42:50,155][INFO ][o.e.i.g.DatabaseNodeService] [DESKTOP-3DPA0JQ] successfully loaded geoip database file [GeoLite2-ASN.mmdb]
[2022-03-14T16:42:51,002][INFO ][o.e.i.g.DatabaseNodeService] [DESKTOP-3DPA0JQ] successfully loaded geoip database file [GeoLite2-City.mmdb]
[2022-03-14T16:42:54,067][WARN ][o.e.x.s.t.n.SecurityNetty4HttpServerTransport] [DESKTOP-3DPA0JQ] received plaintext http traffic on an https channel, closing connection Netty4HttpChannel{localAddress=/[0:0:0:0:0:0:0:1]:9200, remoteAddress=/[0:0:0:0:0:0:0:1]:64318}
[2022-03-14T16:42:54,067][WARN ][o.e.x.s.t.n.SecurityNetty4HttpServerTransport] [DESKTOP-3DPA0JQ] received plaintext http traffic on an https channel, closing connection Netty4HttpChannel{localAddress=/[0:0:0:0:0:0:0:1]:9200, remoteAddress=/[0:0:0:0:0:0:0:1]:64319}
[2022-03-14T16:42:54,068][WARN ][o.e.x.s.t.n.SecurityNetty4HttpServerTransport] [DESKTOP-3DPA0JQ] received plaintext http traffic on an https channel, closing connection Netty4HttpChannel{localAddress=/[0:0:0:0:0:0:0:1]:9200, remoteAddress=/[0:0:0:0:0:0:0:1]:64320}
[2022-03-14T16:42:55,104][WARN ][o.e.x.s.t.n.SecurityNetty4HttpServerTransport] [DESKTOP-3DPA0JQ] received plaintext http traffic on an https channel, closing connection Netty4HttpChannel{localAddress=/[0:0:0:0:0:0:0:1]:9200, remoteAddress=/[0:0:0:0:0:0:0:1]:64321}

In the latest version (ES8), security is on by default (i.e. SSL/TLS).
If you're accessing from the browser, just use https instead of http:
https://localhost:9200
^
|
add this

Edit elasticsearch\config\elasticsearch.yml
xpack.security.enabled: false
xpack.security.enrollment.enabled: false
pack.security.http.ssl:
enabled: false
keystore.path: certs/http.p12
xpack.security.transport.ssl:
enabled: false
verification_mode: certificate
keystore.path: certs/transport.p12
truststore.path: certs/transport.p12

Cannot retrieve cluster state due to : None of the configured nodes are available

I'm trying to implement search-guard-5-5.6.3- in ES 5.6.3 and i have some trouble
while executing
./sgadmin.sh -ts truststore.jks -tspass 90f3cbdb3eabe04f815b -ks CN=sgadmin-keystore.jks -kspass a65d2a4fa62d7ed7a4d5 -cn cluster -h host -p 9200 -nhnv -cd ../sgconfig/
I get
Cannot retrieve cluster state due to: None of the configured nodes are
available: [{#transport#-1}{A1ZqEo4RSsqP3ZRSTXTUOg}{host}{host:9200}]. This is not an error, will keep on trying ...
Root cause: NoNodeAvailableException[None of the configured nodes are available: [{#transport#-1}{A1ZqEo4RSsqP3ZRSTXTUOg}{host}{host:9200}]] (org.elasticsearch.client.transport.NoNodeAvailableException/org.elasticsearch.c lient.transport.NoNodeAvailableException)
* Try running sgadmin.sh with -icl (but no -cl) and -nhnv (If thats works you need to check your clustername as well as hostnames in your SSL certificates)
* Make also sure that your keystore or cert is a client certificate (not a node certificate) and configured properly in elasticsearch.yml
* If this is not working, try running sgadmin.sh with --diagnose and see diagnose trace log file)
* Add --accept-red-cluster to allow sgadmin to operate on a red cluster.
My cluster are correctly started, in ES log it says:
[2017-11-08T15:54:55,354][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslTransport protocols [TLSv1.2, TLSv1.1]
[2017-11-08T15:54:55,354][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] sslHTTP protocols [TLSv1.2, TLSv1.1]
[2017-11-08T15:54:55,356][INFO ][o.e.p.PluginsService ] [node_1] loaded module [aggs-matrix-stats]
[2017-11-08T15:54:55,357][INFO ][o.e.p.PluginsService ] [node_1] loaded module [ingest-common]
[2017-11-08T15:54:55,357][INFO ][o.e.p.PluginsService ] [node_1] loaded module [lang-expression]
[2017-11-08T15:54:55,357][INFO ][o.e.p.PluginsService ] [node_1] loaded module [lang-groovy]
[2017-11-08T15:54:55,357][INFO ][o.e.p.PluginsService ] [node_1] loaded module [lang-mustache]
[2017-11-08T15:54:55,357][INFO ][o.e.p.PluginsService ] [node_1] loaded module [lang-painless]
[2017-11-08T15:54:55,357][INFO ][o.e.p.PluginsService ] [node_1] loaded module [parent-join]
[2017-11-08T15:54:55,357][INFO ][o.e.p.PluginsService ] [node_1] loaded module [percolator]
[2017-11-08T15:54:55,357][INFO ][o.e.p.PluginsService ] [node_1] loaded module [reindex]
[2017-11-08T15:54:55,357][INFO ][o.e.p.PluginsService ] [node_1] loaded module [transport-netty3]
[2017-11-08T15:54:55,357][INFO ][o.e.p.PluginsService ] [node_1] loaded module [transport-netty4]
[2017-11-08T15:54:55,363][INFO ][o.e.p.PluginsService ] [node_1] loaded plugin [search-guard-5]
[2017-11-08T15:54:59,119][DEBUG][o.e.a.ActionModule ] Using REST wrapper from plugin com.floragunn.searchguard.SearchGuardPlugin
[2017-11-08T15:54:59,193][INFO ][c.f.s.SearchGuardPlugin ] FLS/DLS valve not bound (noop) due to java.lang.ClassNotFoundException: com.floragunn.searchguard.configuration.DlsFlsValveImpl
[2017-11-08T15:54:59,194][INFO ][c.f.s.SearchGuardPlugin ] Auditlog not available due to java.lang.ClassNotFoundException: com.floragunn.searchguard.auditlog.impl.AuditLogImpl
[2017-11-08T15:54:59,196][INFO ][c.f.s.SearchGuardPlugin ] Privileges interceptor not bound (noop) due to java.lang.ClassNotFoundException: com.floragunn.searchguard.configuration.PrivilegesInterceptorImpl
[2017-11-08T15:54:59,660][INFO ][o.e.d.DiscoveryModule ] [node_1] using discovery type [zen]
[2017-11-08T15:55:00,694][INFO ][o.e.n.Node ] [node_1] initialized
[2017-11-08T15:55:00,695][INFO ][o.e.n.Node ] [node_1] starting ...
[2017-11-08T15:55:01,017][INFO ][o.e.t.TransportService ] [node_1] publish_address {host:9300}, bound_addresses {host:9300}
[2017-11-08T15:55:01,038][INFO ][o.e.b.BootstrapChecks ] [node_1] bound or publishing to a non-loopback or non-link-local address, enforcing bootstrap checks
[2017-11-08T15:55:01,052][INFO ][c.f.s.c.IndexBaseConfigurationRepository] Check if searchguard index exists ...
[2017-11-08T15:55:01,058][DEBUG][o.e.a.a.i.e.i.TransportIndicesExistsAction] [node_1] no known master node, scheduling a retry
[2017-11-08T15:55:04,143][INFO ][o.e.c.s.ClusterService ] [node_1] new_master {node_1}{aN2lbPkJSHWWFTllDhVeNQ}{NYFK1tN7SjC_41uRabKqRw}{mongodb-rec3.ib.fr.cly}{host:9300}, reason: zen-disco-elected-as-master ([0] nodes joined)
[2017-11-08T15:55:04,250][INFO ][c.f.s.h.SearchGuardHttpServerTransport] [node_1] publish_address {host:9200}, bound_addresses {host:9200}
[2017-11-08T15:55:04,251][INFO ][o.e.n.Node ] [node_1] started
[2017-11-08T15:55:04,542][INFO ][o.e.g.GatewayService ] [node_1] recovered [3] indices into cluster_state
[2017-11-08T15:55:05,353][INFO ][o.e.c.r.a.AllocationService] [node_1] Cluster health status changed from [RED] to [YELLOW] (reason: [shards started [[fs][4]] ...]).
[2017-11-08T15:55:05,465][INFO ][c.f.s.c.IndexBaseConfigurationRepository] Node 'node_1' initialized
But wihle trying to send request http://host:9200 i am getting the following error
[2017-11-08T16:09:10,954][WARN ][c.f.s.h.SearchGuardHttpServerTransport] [node_1] Someone (/host:46422) speaks http plaintext instead of ssl, will close the channel

There are tow different issues here.
First, you try to connect to the HTTP port with sgadmin, but sgadmin uses the transport port. So, instead of:
-p 9200
You need to use the transport port:
-p 9300
You can also omit this setting, since 9300 is the default.
Then, you try to connect to Elasticsearch with http: http://host:9200
But most likely you have HTTPS configured in elasticsearch.yml, that's why the HTTP connection fails, and that's what the error message says:
Someone (/host:46422) speaks http plaintext instead of ssl, will close the channel
So either connect with HTTPS instead of HTTP, or disable HTTPs in elasticsearch.yml (not recommended since insecure):
searchguard.ssl.http.enabled: false
You can also find a troubleshooting article in the docs: http://docs.search-guard.com/latest/troubleshooting-sgadmin

Unable to open Elasticsearch-head plugin – v2.1.1

I am trying to open the elasticsearch-head plugin with this URL http://vmname:9200/_plugin/head, but no luck, i am getting ‘This web page is not available’.
Need your help to fix this, not sure whether I am missing something here.
Please find the details of the environment below,
Elasticsearch version: 2.1.1
Plugins: elasticsearch-head
JAVA: java version "1.7.0_05"
OS: Linux 2.6.32-220.el6.x86_64
Plugin installation Logs:
[esearch#vmname bin]$ ./plugin install mobz/elasticsearch-head url http://github.com/mobz/elasticsearch-head/archive/master.zip
-> Installing mobz/elasticsearch-head...
Trying https://github.com/mobz/elasticsearch-head/archive/master.zip ...
Downloading ..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................DONE
Verifying https://github.com/mobz/elasticsearch-head/archive/master.zip checksums if available ...
NOTE: Unable to verify checksum for downloaded plugin (unable to find .sha1 or .md5 file to verify)
Installed head into /opt/elasticsearch-2.1.1/plugins/head
ElasticSearch logs:
[esearch#vmname bin]$ ./elasticsearch
[2015-12-26 12:51:19,953][WARN ][bootstrap ] unable to install syscall filter: prctl(PR_GET_NO_NEW_PRIVS): Invalid argument
[2015-12-26 12:51:20,536][INFO ][node ] [Gatecrasher] version[2.1.1], pid[19215], build[40e2c53/2015-12-15T13:05:55Z]
[2015-12-26 12:51:20,536][INFO ][node ] [Gatecrasher] initializing ...
[2015-12-26 12:51:20,825][INFO ][plugins ] [Gatecrasher] loaded [], sites [head]
[2015-12-26 12:51:20,869][INFO ][env ] [Gatecrasher] using [1] data paths, mounts [[/ (/dev/sda3)]], net usable_space [4.8gb], net total_space [27.3gb], spins? [possibly], types [ext3]
[2015-12-26 12:51:24,514][INFO ][node ] [Gatecrasher] initialized
[2015-12-26 12:51:24,514][INFO ][node ] [Gatecrasher] starting ...
[2015-12-26 12:51:24,646][INFO ][transport ] [Gatecrasher] publish_address {127.0.0.1:9300}, bound_addresses {127.0.0.1:9300}, {[::1]:9300}
[2015-12-26 12:51:24,669][INFO ][discovery ] [Gatecrasher] elasticsearch/NhlBGx_kTiq7JeeEPihz2w
[2015-12-26 12:51:27,728][INFO ][cluster.service ] [Gatecrasher] new_master {Gatecrasher}{NhlBGx_kTiq7JeeEPihz2w}{127.0.0.1}{127.0.0.1:9300}, reason: zen-disco-join(elected_as_master, [0] joins received)
[2015-12-26 12:51:27,751][INFO ][http ] [Gatecrasher] publish_address {127.0.0.1:9200}, bound_addresses {127.0.0.1:9200}, {[::1]:9200}
[2015-12-26 12:51:27,751][INFO ][node ] [Gatecrasher] started
[2015-12-26 12:51:27,850][INFO ][gateway ] [Gatecrasher] recovered [0] indices into cluster_state
Please let me know if you need any additional information.
I am able to access the head plugin in Windows 7 without any issue, but I can't able to access the same in Linux.
EDITED...................................
Port 9200 is not reachable from outside,
[root# newvm ~]# nc -vz vmname 9200
nc: connect to vmname port 9200 (tcp) failed: Connection refused
Whereas the port is LISTENING with in the VM,
[root#vmname ~]# nc -vz vmname 9200
Connection to vmname 9200 port [tcp/wap-wsp] succeeded!
[root# vmname ~]# netstat -nat | grep :9200
tcp 0 0 ::1:9200 :::* LISTEN
tcp 0 0 ::ffff:127.0.0.1:9200 :::* LISTEN
I have disabled the firewall and tried, but the issue still exits!
[root# vmname ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination

You currently have elasticsearch configured to only listen on localhost
You might want to try adding to your elasticsearch.yml the following
network.host: [networkInterface]
NOTE: This WILL make your cluster listen on public interfaces, so you'l want to bring that firewall back up and restrict access.

make sure plugins directory has sufficient permission for elasticsearch to server the plugin files:
sudo chown -R elasticsearch. /usr/share/elasticsearch

Resources