I want to reset the ID and password of elasticsearch and kibana.
I tried to reset it, but an error occurred as below.
ubuntu#elk:/usr/share/elasticsearch/bin$ sudo ./elasticsearch-setup-passwords auto
error occured
Connection failure to: http://10.0.10.4:9200/_security/_authenticate?pretty failed: Connection refused
ERROR: Failed to connect to elasticsearch at http://10.0.10.4:9200/_security/_authenticate?pretty. Is the URL correct and elasticsearch running?
my elasticsearch.yml file
xpack.security.enabled: true
network.host: 0.0.0.0
http.port: 9200
discovery.type: single-node
my kibana.yml file
server.port: 5601
server.host: 0.0.0.0
elasticsearch.hosts: ["http://localhost:9200"]
elasticsearch.username: "elastic"
elasticsearch.password: "dlswp12"
#xpack.security.encryptionKey: "something_at_least_32_characters"
#xpack.security.sessionTimeout: 600000
#xpack.monitoring.enabled: false
how to xpack security(id & password) reset in elasticsearch?
Related
I am tring to configure kibana but I get flowing error
Couldn't configure Elastic Retry or update the kibana.yml file manually.
this is my /etc/kibana/kibana.yml
# Kibana is served by a back end server. This setting specifies the port to use.
server.port: 5601
server.host: '127.0.0.1'
kibana.index: ".kibana"
elasticsearch.username: "user"
#elasticsearch.password: "pass"
xpack.encryptedSavedObjects.encryptionKey: 706c88e045c127e21b81c902425cdb54
xpack.reporting.encryptionKey: d67296d7d4958bdd1594e965e6b97ab9
xpack.security.encryptionKey: d496d7cb6a5983c213f7902767069744
xpack.encryptedSavedObjects.encryptionKey: 706c88e045c127e21b81c902425cdb54
xpack.reporting.encryptionKey: d67296d7d4958bdd1594e965e6b97ab9
xpack.security.encryptionKey: d496d7cb6a5983c213f7902767069744
how can I fix this error???
pleas help me!!!!
I have installed elasticsearch 7.5.1 and the same version of Kibana. My es cluster seems fine, but Kibana is not able to connect to the elasticsearch.
Kiabana.yml is as below:
server.port: 5601
server.host: "<IP of the kibana instance>"
server.name: "<Name of the kibana instance>"
elasticsearch.hosts: [ "https://<IP of ES instance 1>:443" , "https://<IP of ES instance 2>:443" ]
elasticsearch.username: "<kibana_user>"
elasticsearch.password: "<kibana_user_password>"
server.ssl.enabled: true
server.ssl.certificate:
server.ssl.key:
xpack.security.enabled: true
xpack.reporting.kibanaServer.port: 443
xpack.reporting.kibanaServer.protocol: https
elasticsearch.ssl.certificateAuthorities: [ "" ]
elasticsearch.ssl.verificationMode: certificate
logging.dest: /etc/kibana/log/kibana.log
I have tried both kibana_oss and the non_oss, but I get the same error.
This can be happen if ES cluster master node has not set correctly.
Test ES cluster health first
curl <ES_IP:PORT>/_cluster/health?pretty
I just setup my xpack in elasticsearch 7.1.0
as below in elasticsearch.yml:
xpack.security.enabled: true
discovery.type: single-node
in my elasticsearch.yml
Then, i ran
>elasticsearch-setup-passwords interactive
and changed all my built-in user passwords.
this is the change i made in Kibana.yml
xpack.security.enabled: true
elasticsearch.username: "kibana"
elasticsearch.password: "password#123"
When i restarted Kibana,
i ws prompted with a username password page, where i gave
kibana/password#123 that i had set in my yml.
Im getting the below response:
{"statusCode":403,"error":"Forbidden","message":"Forbidden"}
Please help me out.
Resolution:
using "elastic" user account instead of kibana fixed this issue.
Configuring security in Kibana
To use Kibana with X-Pack security:
Update the following settings in the kibana.yml configuration file:
elasticsearch.username: "kibana"
elasticsearch.password: "kibanapassword"
Set the xpack.security.encryptionKey property in the kibana.yml configuration file.
xpack.security.encryptionKey: "something_at_least_32_characters"
Optional: Change the default session duration.
xpack.security.sessionTimeout: 600000
Restart Kibana.
Please follow this link using-kibana-with-security
I have a elasticsearch node running on a server. My application which is on different server trying to connect to elasticsearch on 9300 through TransportClient. But I am getting following error "Caused by: org.elasticsearch.client.transport.NoNodeAvailableException: None of the configured nodes are available: [{#transport#-1}{Ir-wPDBRR9umDbtoqGIp0A}{X.X.X.X}{X.X.X.X:9300}]".
And I am not able to connect to the elasticsearch server on 9300 port through telnet as well. Here are my elasticsearch.yml settings
transport.host: localhost
transport.tcp.port: 9300
http.port: 9200
network.host: 0.0.0.0
is there any setting I am missing to access the ES remotely?
Any help will be appriciated.
I have elasticsearch server running having indexes, say server XX.XXX.XXX.XXX:9200.
I have index in the server ES cluster XX.XXX.XXX.XXX:9200 for which I am trying to create dashboards in my localhost:5601 (Kibana)
In my kibana.yml I have this configuration:
server.port: 5601
server.host: "localhost"
# The URL of the Elasticsearch instance to use for all your queries.
elasticsearch.url: "http://XX.XXX.XXX.XXX:9200"
In Elasticsearch.yml I have this config:
network.host: 0.0.0.0 (to accept all the IPs)
http.port: 9200
But I am getting this error when running kibana.yml :
connect ECONNREFUSED http://XX.XXX.XXX.XXX:9200
Unable to connect to ElasticSearch at http://XX.XXX.XXX.XXX:9200
Can anyone tell me where am I doing wrong here to get the kibana up and running with the server index of ES?
In your kibana.yml put this configuration:
server.port: 5601
server.host: "0.0.0.0"