Develop Reference

I have setup the ElasticSearch on my ubuntu but when i try to run sudo systemctl start elasticsearch.service i got an error

Error:
Job for elasticsearch.service failed because the control process exited with error code.
sudo systemctl status elasticsearch.service:
elasticsearch.service - Elasticsearch
Loaded: loaded (/lib/systemd/system/elasticsearch.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Fri 2022-10-14 02:30:18 PKT; 4min 51s ago
/var/log/elasticsearch/elasticsearch.log:
org.elasticsearch.ElasticsearchSecurityException: invalid configuration for xpack.security.transport.ssl - [xpack.security.transport.ssl.enabled] is >
at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:67) ~[elasticsearch-8.4.3.jar:?]
etc/elasticsearch/elasticsearch.yml:
======================== Elasticsearch Configuration =========================
NOTE: Elasticsearch comes with reasonable defaults for most settings.
Before you set out to tweak and tune the configuration, make sure you
understand what are you trying to accomplish and the consequences.
The primary way of configuring a node is via this file. This template lists
the most important settings you may want to configure for a production cluster.
Please consult the documentation for further information on configuration options:
https://www.elastic.co/guide/en/elasticsearch/reference/index.html
---------------------------------- Cluster ----------------------------------
Use a descriptive name for your cluster:
cluster.name: my-application
------------------------------------ Node ------------------------------------
Use a descriptive name for the node:
node.name: node-1
Add custom attributes to the node:
node.attr.rack: r1
----------------------------------- Paths ------------------------------------
Path to directory where to store the data (separate multiple locations by comma):
path.data: /var/lib/elasticsearch
Path to log files:
path.logs: /var/log/elasticsearch
----------------------------------- Memory -----------------------------------
Lock the memory on startup:
bootstrap.memory_lock: true
Make sure that the heap size is set to about half the memory available
on the system and that the owner of the process is allowed to use this
limit.
Elasticsearch performs poorly when the system is swapping the memory.
---------------------------------- Network -----------------------------------
By default Elasticsearch is only accessible on localhost. Set a different
address here to expose this node on the network:
network.host: localhost
By default Elasticsearch listens for HTTP traffic on the first free port it
finds starting at 9200. Set a specific HTTP port here:
http.port: 9200
For more information, consult the network module documentation.
--------------------------------- Discovery ----------------------------------
Pass an initial list of hosts to perform discovery when this node is started:
The default list of hosts is ["127.0.0.1", "[::1]"]
discovery.seed_hosts: ["host1", "host2"]
Bootstrap the cluster using an initial set of master-eligible nodes:
cluster.initial_master_nodes: ["node-1", "node-2"]
For more information, consult the discovery and cluster formation module documentation.
--------------------------------- Readiness ----------------------------------
Enable an unauthenticated TCP readiness endpoint on localhost
readiness.port: 9399
---------------------------------- Various -----------------------------------
Allow wildcard deletion of indices:
action.destructive_requires_name: false

Kibana Error: Kibana server is not ready yet

i have installed Elasticsearch 8 and Kibana 8 in Ubuntu and all configs are right.
elasticsearch url works correctly by loading url: http://localhost:9200 :
{
"name": "node-1",
"cluster_name": "my-application",
"cluster_uuid": "0smulADyTDG3jNeg3fwMGg",
"version": {
"number": "8.4.3",
"build_flavor": "default",
"build_type": "deb",
"build_hash": "42f05b9372a9a4a470db3b52817899b99a76ee73",
"build_date": "2022-10-04T07:17:24.662462378Z",
"build_snapshot": false,
"lucene_version": "9.3.0",
"minimum_wire_compatibility_version": "7.17.0",
"minimum_index_compatibility_version": "7.0.0"
},
"tagline": "You Know, for Search"
}
but i have (Kibana server is not ready yet) error by loading kibana url: http://localhost:5601
my elasticsearch.yml:
# ======================== Elasticsearch Configuration =========================
#
# NOTE: Elasticsearch comes with reasonable defaults for most settings.
# Before you set out to tweak and tune the configuration, make sure you
# understand what are you trying to accomplish and the consequences.
#
# The primary way of configuring a node is via this file. This template lists
# the most important settings you may want to configure for a production cluster.
#
# Please consult the documentation for further information on configuration options:
# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
#
# ---------------------------------- Cluster -----------------------------------
#
# Use a descriptive name for your cluster:
#
cluster.name: my-application
#
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
node.name: node-1
#
# Add custom attributes to the node:
#
#node.attr.rack: r1
#
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
path.data: /var/lib/elasticsearch
#
# Path to log files:
#
path.logs: /var/log/elasticsearch
#
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
#bootstrap.memory_lock: true
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#
# By default Elasticsearch is only accessible on localhost. Set a different
# address here to expose this node on the network:
#
network.host: localhost
#
# By default Elasticsearch listens for HTTP traffic on the first free port it
# finds starting at 9200. Set a specific HTTP port here:
#
#http.port: 9200
#
# For more information, consult the network module documentation.
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when this node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
#discovery.seed_hosts: ["host1", "host2"]
#
# Bootstrap the cluster using an initial set of master-eligible nodes:
#
#cluster.initial_master_nodes: ["node-1", "node-2"]
#
# For more information, consult the discovery and cluster formation module documentation.
#
# --------------------------------- Readiness ----------------------------------
#
# Enable an unauthenticated TCP readiness endpoint on localhost
#
#readiness.port: 9399
#
# ---------------------------------- Various -----------------------------------
#
# Allow wildcard deletion of indices:
#
#action.destructive_requires_name: false
and my kibana.yml:
# For more configuration options see the configuration guide for Kibana in
# https://www.elastic.co/guide/index.html
# =================== System: Kibana Server ===================
# Kibana is served by a back end server. This setting specifies the port to use.
server.port: 5601
# Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values.
# The default is 'localhost', which usually means remote machines will not be able to connect.
# To allow connections from remote users, set this parameter to a non-loopback address.
server.host: "localhost"
# Enables you to specify a path to mount Kibana at if you are running behind a proxy.
# Use the `server.rewriteBasePath` setting to tell Kibana if it should remove the basePath
# from requests it receives, and to prevent a deprecation warning at startup.
# This setting cannot end in a slash.
#server.basePath: ""
# Specifies whether Kibana should rewrite requests that are prefixed with
# `server.basePath` or require that they are rewritten by your reverse proxy.
# Defaults to `false`.
#server.rewriteBasePath: false
# Specifies the public URL at which Kibana is available for end users. If
# `server.basePath` is configured this URL should end with the same basePath.
#server.publicBaseUrl: ""
# The maximum payload size in bytes for incoming server requests.
#server.maxPayload: 1048576
# The Kibana server's name. This is used for display purposes.
#server.name: "your-hostname"
# =================== System: Kibana Server (Optional) ===================
# Enables SSL and paths to the PEM-format SSL certificate and SSL key files, respectively.
# These settings enable SSL for outgoing requests from the Kibana server to the browser.
#server.ssl.enabled: false
#server.ssl.certificate: /path/to/your/server.crt
#server.ssl.key: /path/to/your/server.key
# =================== System: Elasticsearch ===================
# The URLs of the Elasticsearch instances to use for all your queries.
#elasticsearch.hosts: ["http://localhost:9200"]
# If your Elasticsearch is protected with basic authentication, these settings provide
# the username and password that the Kibana server uses to perform maintenance on the Kibana
# index at startup. Your Kibana users still need to authenticate with Elasticsearch, which
# is proxied through the Kibana server.
#elasticsearch.username: "kibana_system"
#elasticsearch.password: "pass"
# Kibana can also authenticate to Elasticsearch via "service account tokens".
# Service account tokens are Bearer style tokens that replace the traditional username/password based configuration.
# Use this token instead of a username/password.
# elasticsearch.serviceAccountToken: "my_token"
# Time in milliseconds to wait for Elasticsearch to respond to pings. Defaults to the value of
# the elasticsearch.requestTimeout setting.
#elasticsearch.pingTimeout: 1500
# Time in milliseconds to wait for responses from the back end or Elasticsearch. This value
# must be a positive integer.
#elasticsearch.requestTimeout: 30000
# The maximum number of sockets that can be used for communications with elasticsearch.
# Defaults to `Infinity`.
#elasticsearch.maxSockets: 1024
# Specifies whether Kibana should use compression for communications with elasticsearch
# Defaults to `false`.
#elasticsearch.compression: false
# List of Kibana client-side headers to send to Elasticsearch. To send *no* client-side
# headers, set this value to [] (an empty list).
#elasticsearch.requestHeadersWhitelist: [ authorization ]
# Header names and values that are sent to Elasticsearch. Any custom headers cannot be overwritten
# by client-side headers, regardless of the elasticsearch.requestHeadersWhitelist configuration.
#elasticsearch.customHeaders: {}
# Time in milliseconds for Elasticsearch to wait for responses from shards. Set to 0 to disable.
#elasticsearch.shardTimeout: 30000
# =================== System: Elasticsearch (Optional) ===================
# These files are used to verify the identity of Kibana to Elasticsearch and are required when
# xpack.security.http.ssl.client_authentication in Elasticsearch is set to required.
#elasticsearch.ssl.certificate: /path/to/your/client.crt
#elasticsearch.ssl.key: /path/to/your/client.key
# Enables you to specify a path to the PEM file for the certificate
# authority for your Elasticsearch instance.
#elasticsearch.ssl.certificateAuthorities: [ "/path/to/your/CA.pem" ]
# To disregard the validity of SSL certificates, change this setting's value to 'none'.
#elasticsearch.ssl.verificationMode: full
# =================== System: Logging ===================
# Set the value of this setting to off to suppress all logging output, or to debug to log everything. Defaults to 'info'
#logging.root.level: debug
# Enables you to specify a file where Kibana stores log output.
logging:
appenders:
file:
type: file
fileName: /var/log/kibana/kibana.log
layout:
type: json
root:
appenders:
- default
- file
# layout:
# type: json
# Logs queries sent to Elasticsearch.
#logging.loggers:
# - name: elasticsearch.query
# level: debug
# Logs http responses.
#logging.loggers:
# - name: http.server.response
# level: debug
# Logs system usage information.
#logging.loggers:
# - name: metrics.ops
# level: debug
# =================== System: Other ===================
# The path where Kibana stores persistent data not saved in Elasticsearch. Defaults to data
#path.data: data
# Specifies the path where Kibana creates the process ID file.
pid.file: /run/kibana/kibana.pid
# Set the interval in milliseconds to sample system and process performance
# metrics. Minimum is 100ms. Defaults to 5000ms.
#ops.interval: 5000
# Specifies locale to be used for all localizable strings, dates and number formats.
# Supported languages are the following: English (default) "en", Chinese "zh-CN", Japanese "ja-JP", French "fr-FR".
#i18n.locale: "en"
# =================== Frequently used (Optional)===================
# =================== Saved Objects: Migrations ===================
# Saved object migrations run at startup. If you run into migration-related issues, you might need to adjust these settings.
# The number of documents migrated at a time.
# If Kibana can't start up or upgrade due to an Elasticsearch `circuit_breaking_exception`,
# use a smaller batchSize value to reduce the memory pressure. Defaults to 1000 objects per batch.
#migrations.batchSize: 1000
# The maximum payload size for indexing batches of upgraded saved objects.
# To avoid migrations failing due to a 413 Request Entity Too Large response from Elasticsearch.
# This value should be lower than or equal to your Elasticsearch cluster’s `http.max_content_length`
# configuration option. Default: 100mb
#migrations.maxBatchSizeBytes: 100mb
# The number of times to retry temporary migration failures. Increase the setting
# if migrations fail frequently with a message such as `Unable to complete the [...] step after
# 15 attempts, terminating`. Defaults to 15
#migrations.retryAttempts: 15
# =================== Search Autocomplete ===================
# Time in milliseconds to wait for autocomplete suggestions from Elasticsearch.
# This value must be a whole number greater than zero. Defaults to 1000ms
#unifiedSearch.autocomplete.valueSuggestions.timeout: 1000
# Maximum number of documents loaded by each shard to generate autocomplete suggestions.
# This value must be a whole number greater than zero. Defaults to 100_000
#unifiedSearch.autocomplete.valueSuggestions.terminateAfter: 100000
Kibana Log:
{"service":{"node":{"roles":["background_tasks","ui"]}},"ecs":{"version":"8.4.0"},"#timestamp":"2022-11-03T08:59:20.411+03:30","message":"Kibana process configured with roles: [background_tasks, ui]","log":{"level":"INFO","logger":"node"},"process":{"pid":19085},"trace":{"id":"c6ea68fa3419d0f3b516d7a5384405e5"},"transaction":{"id":"7541ff0f36063377"}}
{"service":{"node":{"roles":["background_tasks","ui"]}},"ecs":{"version":"8.4.0"},"#timestamp":"2022-11-03T08:59:30.183+03:30","message":"http server running at http://localhost:5601","log":{"level":"INFO","logger":"http.server.Preboot"},"process":{"pid":19085},"trace":{"id":"c6ea68fa3419d0f3b516d7a5384405e5"},"transaction":{"id":"7541ff0f36063377"}}
{"service":{"node":{"roles":["background_tasks","ui"]}},"ecs":{"version":"8.4.0"},"#timestamp":"2022-11-03T08:59:30.225+03:30","message":"Setting up [1] plugins: [interactiveSetup]","log":{"level":"INFO","logger":"plugins-system.preboot"},"process":{"pid":19085},"trace":{"id":"c6ea68fa3419d0f3b516d7a5384405e5"},"transaction":{"id":"7541ff0f36063377"}}
{"service":{"node":{"roles":["background_tasks","ui"]}},"ecs":{"version":"8.4.0"},"#timestamp":"2022-11-03T08:59:30.228+03:30","message":"\"interactiveSetup\" plugin is holding setup: Validating Elasticsearch connection configuration…","log":{"level":"INFO","logger":"preboot"},"process":{"pid":19085},"trace":{"id":"c6ea68fa3419d0f3b516d7a5384405e5"},"transaction":{"id":"7541ff0f36063377"}}
{"service":{"node":{"roles":["background_tasks","ui"]}},"ecs":{"version":"8.4.0"},"#timestamp":"2022-11-03T08:59:30.264+03:30","message":"Holding setup until preboot stage is completed.","log":{"level":"INFO","logger":"root"},"process":{"pid":19085},"trace":{"id":"c6ea68fa3419d0f3b516d7a5384405e5"},"transaction":{"id":"7541ff0f36063377"}}
{"service":{"node":{"roles":["background_tasks","ui"]}},"ecs":{"version":"8.4.0"},"#timestamp":"2022-11-03T08:59:30.316+03:30","message":"The default mechanism for Reporting privileges will work differently in future versions, which will affect the behavior of this cluster. Set \"xpack.reporting.roles.enabled\" to \"false\" to adopt the future behavior before upgrading.","log":{"level":"WARN","logger":"config.deprecation"},"process":{"pid":19085},"trace":{"id":"16dd4b7458247a11c4ea203116264222"},"transaction":{"id":"c4c9d814a9603b7d"}}
{"service":{"node":{"roles":["background_tasks","ui"]}},"ecs":{"version":"8.4.0"},"#timestamp":"2022-11-03T08:59:30.534+03:30","message":"Setting up [121] plugins: [translations,monitoringCollection,licensing,globalSearch,globalSearchProviders,features,mapsEms,licenseApiGuard,usageCollection,taskManager,telemetryCollectionManager,telemetryCollectionXpack,kibanaUsageCollection,share,embeddable,uiActionsEnhanced,screenshotMode,banners,newsfeed,fieldFormats,expressions,dataViews,charts,esUiShared,customIntegrations,home,searchprofiler,painlessLab,grokdebugger,management,advancedSettings,spaces,security,lists,encryptedSavedObjects,cloud,snapshotRestore,screenshotting,telemetry,licenseManagement,eventLog,actions,console,bfetch,data,watcher,reporting,fileUpload,ingestPipelines,alerting,unifiedSearch,savedObjects,graph,savedObjectsTagging,savedObjectsManagement,presentationUtil,expressionShape,expressionRevealImage,expressionRepeatImage,expressionMetric,expressionImage,controls,eventAnnotation,dataViewFieldEditor,triggersActionsUi,transform,stackAlerts,ruleRegistry,discover,fleet,indexManagement,remoteClusters,crossClusterReplication,indexLifecycleManagement,cloudSecurityPosture,discoverEnhanced,aiops,visualizations,canvas,visTypeXy,visTypeVislib,visTypeVega,visTypeTimeseries,rollup,visTypeTimelion,visTypeTagcloud,visTypeTable,visTypeMetric,visTypeHeatmap,visTypeMarkdown,dashboard,dashboardEnhanced,expressionXY,expressionTagcloud,expressionPartitionVis,visTypePie,expressionMetricVis,expressionLegacyMetricVis,expressionHeatmap,expressionGauge,lens,osquery,maps,dataVisualizer,ml,cases,timelines,sessionView,kubernetesSecurity,securitySolution,visTypeGauge,sharedUX,observability,synthetics,infra,upgradeAssistant,monitoring,logstash,enterpriseSearch,apm,dataViewManagement]","log":{"level":"INFO","logger":"plugins-system.standard"},"process":{"pid":19085},"trace":{"id":"16dd4b7458247a11c4ea203116264222"},"transaction":{"id":"c4c9d814a9603b7d"}}
{"service":{"node":{"roles":["background_tasks","ui"]}},"ecs":{"version":"8.4.0"},"#timestamp":"2022-11-03T08:59:30.557+03:30","message":"TaskManager is identified by the Kibana UUID: a8d17e19-ba6f-4036-a256-02c589aa4248","log":{"level":"INFO","logger":"plugins.taskManager"},"process":{"pid":19085},"trace":{"id":"16dd4b7458247a11c4ea203116264222"},"transaction":{"id":"c4c9d814a9603b7d"}}
{"service":{"node":{"roles":["background_tasks","ui"]}},"ecs":{"version":"8.4.0"},"#timestamp":"2022-11-03T08:59:30.650+03:30","message":"Generating a random key for xpack.security.encryptionKey. To prevent sessions from being invalidated on restart, please set xpack.security.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command.","log":{"level":"WARN","logger":"plugins.security.config"},"process":{"pid":19085},"trace":{"id":"16dd4b7458247a11c4ea203116264222"},"transaction":{"id":"c4c9d814a9603b7d"}}
{"service":{"node":{"roles":["background_tasks","ui"]}},"ecs":{"version":"8.4.0"},"#timestamp":"2022-11-03T08:59:30.651+03:30","message":"Session cookies will be transmitted over insecure connections. This is not recommended.","log":{"level":"WARN","logger":"plugins.security.config"},"process":{"pid":19085},"trace":{"id":"16dd4b7458247a11c4ea203116264222"},"transaction":{"id":"c4c9d814a9603b7d"}}
{"service":{"node":{"roles":["background_tasks","ui"]}},"ecs":{"version":"8.4.0"},"#timestamp":"2022-11-03T08:59:30.683+03:30","message":"Generating a random key for xpack.security.encryptionKey. To prevent sessions from being invalidated on restart, please set xpack.security.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command.","log":{"level":"WARN","logger":"plugins.security.config"},"process":{"pid":19085},"trace":{"id":"16dd4b7458247a11c4ea203116264222"},"transaction":{"id":"c4c9d814a9603b7d"}}
{"service":{"node":{"roles":["background_tasks","ui"]}},"ecs":{"version":"8.4.0"},"#timestamp":"2022-11-03T08:59:30.683+03:30","message":"Session cookies will be transmitted over insecure connections. This is not recommended.","log":{"level":"WARN","logger":"plugins.security.config"},"process":{"pid":19085},"trace":{"id":"16dd4b7458247a11c4ea203116264222"},"transaction":{"id":"c4c9d814a9603b7d"}}
{"service":{"node":{"roles":["background_tasks","ui"]}},"ecs":{"version":"8.4.0"},"#timestamp":"2022-11-03T08:59:30.692+03:30","message":"Saved objects encryption key is not set. This will severely limit Kibana functionality. Please set xpack.encryptedSavedObjects.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command.","log":{"level":"WARN","logger":"plugins.encryptedSavedObjects"},"process":{"pid":19085},"trace":{"id":"16dd4b7458247a11c4ea203116264222"},"transaction":{"id":"c4c9d814a9603b7d"}}
{"service":{"node":{"roles":["background_tasks","ui"]}},"ecs":{"version":"8.4.0"},"#timestamp":"2022-11-03T08:59:30.711+03:30","message":"APIs are disabled because the Encrypted Saved Objects plugin is missing encryption key. Please set xpack.encryptedSavedObjects.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command.","log":{"level":"WARN","logger":"plugins.actions"},"process":{"pid":19085},"trace":{"id":"16dd4b7458247a11c4ea203116264222"},"transaction":{"id":"c4c9d814a9603b7d"}}
{"service":{"node":{"roles":["background_tasks","ui"]}},"ecs":{"version":"8.4.0"},"#timestamp":"2022-11-03T08:59:30.823+03:30","message":"Generating a random key for xpack.reporting.encryptionKey. To prevent sessions from being invalidated on restart, please set xpack.reporting.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command.","log":{"level":"WARN","logger":"plugins.reporting.config"},"process":{"pid":19085},"trace":{"id":"16dd4b7458247a11c4ea203116264222"},"transaction":{"id":"c4c9d814a9603b7d"}}
{"service":{"node":{"roles":["background_tasks","ui"]}},"ecs":{"version":"8.4.0"},"#timestamp":"2022-11-03T08:59:30.830+03:30","message":"APIs are disabled because the Encrypted Saved Objects plugin is missing encryption key. Please set xpack.encryptedSavedObjects.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command.","log":{"level":"WARN","logger":"plugins.alerting"},"process":{"pid":19085},"trace":{"id":"16dd4b7458247a11c4ea203116264222"},"transaction":{"id":"c4c9d814a9603b7d"}}
{"service":{"node":{"roles":["background_tasks","ui"]}},"ecs":{"version":"8.4.0"},"#timestamp":"2022-11-03T08:59:30.884+03:30","message":"Installing common resources shared between all indices","log":{"level":"INFO","logger":"plugins.ruleRegistry"},"process":{"pid":19085},"trace":{"id":"16dd4b7458247a11c4ea203116264222"},"transaction":{"id":"c4c9d814a9603b7d"}}
{"service":{"node":{"roles":["background_tasks","ui"]}},"ecs":{"version":"8.4.0"},"#timestamp":"2022-11-03T08:59:30.928+03:30","message":"Registered task successfully [Task: cloud_security_posture-stats_task]","log":{"level":"INFO","logger":"plugins.cloudSecurityPosture"},"process":{"pid":19085},"trace":{"id":"16dd4b7458247a11c4ea203116264222"},"transaction":{"id":"c4c9d814a9603b7d"}}
{"service":{"node":{"roles":["background_tasks","ui"]}},"ecs":{"version":"8.4.0"},"#timestamp":"2022-11-03T08:59:31.608+03:30","message":"Chromium sandbox provides an additional layer of protection, and is supported for Linux Ubuntu 20.04 OS. Automatically enabling Chromium sandbox.","log":{"level":"INFO","logger":"plugins.screenshotting.config"},"process":{"pid":19085},"trace":{"id":"16dd4b7458247a11c4ea203116264222"},"transaction":{"id":"c4c9d814a9603b7d"}}
{"service":{"node":{"roles":["background_tasks","ui"]}},"ecs":{"version":"8.4.0"},"#timestamp":"2022-11-03T08:59:31.656+03:30","message":"Unable to retrieve version information from Elasticsearch nodes. security_exception: [security_exception] Reason: missing authentication credentials for REST request [/_nodes?filter_path=nodes.*.version%2Cnodes.*.http.publish_address%2Cnodes.*.ip]","log":{"level":"ERROR","logger":"elasticsearch-service"},"process":{"pid":19085},"trace":{"id":"16dd4b7458247a11c4ea203116264222"},"transaction":{"id":"c4c9d814a9603b7d"}}
{"service":{"node":{"roles":["background_tasks","ui"]}},"ecs":{"version":"8.4.0"},"#timestamp":"2022-11-03T08:59:32.236+03:30","message":"Browser executable: /usr/share/kibana/x-pack/plugins/screenshotting/chromium/headless_shell-linux_x64/headless_shell","log":{"level":"INFO","logger":"plugins.screenshotting.chromium"},"process":{"pid":19085},"trace":{"id":"16dd4b7458247a11c4ea203116264222"},"transaction":{"id":"c4c9d814a9603b7d"}}

You have to uncomment the following line in kibana.yml
elasticsearch.hosts: ["http://localhost:9200"]

why Elasticsearch still complains about bootstrap checks failed

Installed ElasticSearch 7.3.0 on Ubuntu 18.04. Was able to start it in development mode. Now I want to connect to ES remotely from another machine, so I changed the configuration in elasticsearch.yml and tried to start it in production mode (although there's still only one ES machine). Below is my elasticsearch.yml file:
However, everytime after I run the 'sudo systemctl start elasticsearch.service' command, the elasticsearch gave me this warning "the default discovery settings are unsuitable for production use: at least one of [discovery.seed_hosts, discovery.seed_providers, cluster.initial_master_nodes] must be configured".
As you can see in the first image, I do configure the cluster.initial_master_nodes correctly. So what did I miss here?
---Updates-------------------------------------------------------------------------------------------------------------------
I just realized that no matter how many times I tried to restart the elasticsearch service, for some reason it is not updating the log file. As you can see the timestamp for the last log is 2019-08-10, which is yesterday. I am pretty sure I restarted the service this morning several times and today is 2019-08-11. P.S. I am in UTC-8 timezone.

I fixe the issue.
Edit elasticsearch.yml
Make following changes / updates:
Cluster Section - uncomment cluster.name:
Give the cluster a name. I named mine ELK, but you can use whatever you want to name the cluster.
Note: you don't have to technically run a cluster for this to work...
Node Section - uncomment node.name: & cluster.initial_master_nodes:
Give the node a name. I named mine ES1, but you can use whatever you want to name the node.
Discovery Host Section - uncomment discovery.seed_hosts:
Enter the node.name. I entered ["ES1"] for both line items.
Save the config file
Start elasticsearch.service

The answer by user1496433 works. Here's the full yml file in case it's helpful to anyone:
# ======================== Elasticsearch Configuration =========================
#
# NOTE: Elasticsearch comes with reasonable defaults for most settings.
# Before you set out to tweak and tune the configuration, make sure you
# understand what are you trying to accomplish and the consequences.
#
# The primary way of configuring a node is via this file. This template lists
# the most important settings you may want to configure for a production cluster.
#
# Please consult the documentation for further information on configuration options:
# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
#
# ---------------------------------- Cluster -----------------------------------
#
# Use a descriptive name for your cluster:
#
cluster.name: dev-logs
#
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
node.name: dev-logs-1
#
# Add custom attributes to the node:
#
#node.attr.rack: r1
#
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
#path.data: /path/to/data
#
# Path to log files:
#
#path.logs: /path/to/logs
#
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
#bootstrap.memory_lock: true
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#
# Set the bind address to a specific IP (IPv4 or IPv6):
#
network.host: 0.0.0.0
#
# Set a custom port for HTTP:
#
http.port: 9400
#
http.cors.enabled: true
http.cors.allow-origin: "*"
http.cors.allow-methods: OPTIONS, HEAD, GET, POST, PUT, DELETE
http.cors.allow-headers: "X-Requested-With,X-Auth-Token,Content-Type, Content-Length, Authorization"
# For more information, consult the network module documentation.
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when this node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
discovery.seed_hosts: ["dev-logs-1"]
#
# Bootstrap the cluster using an initial set of master-eligible nodes:
#
cluster.initial_master_nodes: ["dev-logs-1"]
#
# For more information, consult the discovery and cluster formation module documentation.
#
# ---------------------------------- Gateway -----------------------------------
#
# Block initial recovery after a full cluster restart until N nodes are started:
#
#gateway.recover_after_nodes: 3
#
# For more information, consult the gateway module documentation.
#
# ---------------------------------- Various -----------------------------------
#
# Require explicit names when deleting indices:
#
#action.destructive_requires_name: true

Logstash not sending data to elastic search when ran as a service

This is my config file stored at /etc/logstash/conf
input
{
file{
path => ["PATH_OF_FILE"]
}
}
output
{
elasticsearch
{
host => "172.29.86.35"
index => "new"
}
}
and this is my elasticsearch.yaml file content for network and http
\# Set the bind address specifically (IPv4 or IPv6):
\#network.bind_host: 172.29.86.35
\# Set the address other nodes will use to communicate with this node. If not
\# set, it is automatically derived. It must point to an actual IP address.
\#network.publish_host: 192.168.0.1
\# Set both 'bind_host' and 'publish_host':
network.host: 172.29.86.35
\# Set a custom port for the node to node communication (9300 by default):
\#transport.tcp.port: 9300
\# Enable compression for all communication between nodes (disabled by default):
\#transport.tcp.compress: true
\# Set a custom port to listen for HTTP traffic:
\#http.port: 9200
I am running elasticsearch and logstash as service.The problem is when I start log stash as a service it does not send any data to elasticsearch. However if I use the same config in the logstash conf file and run logstash from the CLI it works perfectly fine. Even the logs do not show any error.
The version I am running is 1.4.3 for ES and 1.4.2 for LS.
The system env is RHEL 7

I also have encountered same issue...
When I exec command using -f option, it works normally, but when I start service, nothing happen and log file under /etc/log stash never updated.
What I did as the temporary counter measure is to exec the command below(with & option)
Logstash if conffile.conf &
With this, it work even if I logout from server.

How to config Single node for Single Cluster (Standalone Cluster) ElasticSearch

I installed elastic search in my local machine, I want to configure it as the only one single node in the cluster(Standalone Server). it means whenever I create a new index, it will only available to my server. It will not be accessible to other's server.
My current scenario these indexes are available to other servers (the servers are formed in a cluster), and they can make any changes to my indexes. But I don't want it.
I went through some other blogs but not getting best solution. So can you please let me know steps for same?

I ve got the answer from http://elasticsearch-users.115913.n3.nabble.com/How-to-isolate-elastic-search-node-from-other-nodes-td3977389.html.
Kimchy : You set the node to local(true), this means it will not discover other nodes using network, only within the same JVM.
in elasticsearch/bin/elasticsearch.yml file
node.local: true # disable network
Updated for ES 7.x
in elasticsearch.yml
network.host: 0.0.0.0
discovery.type: single-node
and make sure you have cluster.initial_master_nodes off
# cluster.initial_master_nodes: ["node-1", "node-2"]
credited to #Chandan.

In elasticsearch.yml
# Note, that for development on a local machine, with small indices, it usually
# makes sense to "disable" the distributed features:
#
index.number_of_shards: 1
index.number_of_replicas: 0
Use the same configuration in your code.
Also to isolate the node use node.local: true or discovery.zen.ping.multicast: false

Here's relevant info for ElasticSearch 5:
According to changelog, to enable local mode on ES 5 you need to add transport.type: local to your elasticsearch.yml instead of node.local: true.

If you intend to run Elasticseach on a Single Node and be able to bind it to public IP, two important settings are:
network.host: <PRIVATE IP OF HOST>
discovery.type: single-node

If you're using a network transport in your code, this won't work, as node.local gives you a LocalTransport only:
http://www.elasticsearch.org/guide/en/elasticsearch/reference/current/modules-transport.html#_local_transport
The trick then is to set
discovery.zen.ping.multicast: false
in your elasticsearch.yml which will stop your node looking for any other nodes.
http://www.elasticsearch.org/guide/en/elasticsearch/reference/current/modules-discovery-zen.html#multicast
I'm not sure if this prevents other nodes from discovering yours though; I only needed this to affect a group of nodes with the same settings on the same network.

I wanted to do this without having to write/overwrite an elasticsearch.yml in my container. Here it is without a config file
Set an environment variable prior to starting elasticsearch:
discovery.type=single-node
https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html

In the config file, add:
network.host: 0.0.0.0 [in Network settings]
discovery.type: single-node [in Discovery and Cluster formation settings]

This solve your problem:
PUT /_all/_settings
{"index.number_of_replicas":0}
Tested with ES version 5.

All of these didn´t help me (and I sadly didn´t read the answer of bhdrkn). The thing that worked for me was to change elasticsearch´s cluster-name everytime I need to have a separate instance, where new nodes aren´t added automatically via multicast.
Just change cluster.name: {{ elasticsearch.clustername }} in elasticsearch.yml, e.g. via Ansible. This is particulary helpful, when building separate Stages like Dev, QA and Production (which is a standard usecase in enterprise-environments).
And if you´re using logstash to get your data into elasticsearch, don´t forget to put the same cluster-name into the output-section, like:
output {
elasticsearch {
cluster => "{{ elasticsearch.clustername }}"
}
}
Otherwise your "logstash-*"-index will not be build correctly...