个人中心
文章发布
退出
作者热门文章
- html - 出于某种原因,IE8 对我的 Sass 文件中继承的 html5 CSS 不友好?
- JMeter 在响应断言中使用 span 标签的问题
- html - 在 :hover and :active? 上具有不同效果的 CSS 动画
- html - 相对于居中的 html 内容固定的 CSS 重复背景?
25
4
我刚刚下载了 ElasticSearch、LogStash 和 Kibana 5.3 版(直到几个小时前我还在使用 5.2.something)。我在每个 ELK 中都安装了 XPack。之后我不能再使用logstash了。
日志存储错误:
./logstash -f/log_to_elastic53.conf
...
[2017-04-06T19:25:55,704][WARN ][logstash.outputs.elasticsearch] Attempted to resurrect connection to dead ES instance, but got an error. {:url=>#<URI::HTTP:0x3c6582db URL:http://127.0.0.1:9200/>, :error_type=>LogStash::Outputs::ElasticSearch::HttpClient::Pool::BadResponseCodeError, :error=>"Got response code '401' contacting Elasticsearch at URL 'http://127.0.0.1:9200/'"}
input { stdin { } }
output {
elasticsearch { hosts => ["127.0.0.1:9200"] }
stdout { codec => rubydebug }
}
xpack.security.authc:
anonymous:
username: anonymous_user
roles: role1, role2
authz_exception: false
undefined accessed the autoload lists which are no longer available via the Plugin API.Use the `ui/autoload/*` modules instead.
undefined accessed the autoload lists which are no longer available via the Plugin API.Use the `ui/autoload/*` modules instead.
log [22:24:55.244] [warning] Plugin "Sense" was disabled because it expected Kibana version "2.0.0-snapshot", and found "5.3.0".
log [22:24:55.499] [info][status][plugin:kibana@5.3.0] Status changed from uninitialized to green - Ready
log [22:24:55.568] [info][status][plugin:elasticsearch@5.3.0] Status changed from uninitialized to yellow - Waiting for Elasticsearch
log [22:24:55.575] [info][status][plugin:xpack_main@5.3.0] Status changed from uninitialized to yellow - Waiting for Elasticsearch
log [22:24:55.739] [info][status][plugin:graph@5.3.0] Status changed from uninitialized to yellow - Waiting for Elasticsearch
log [22:24:55.747] [info][status][plugin:monitoring@5.3.0] Status changed from uninitialized to green - Ready
log [22:24:55.751] [warning][reporting] Generating a random key for xpack.reporting.encryptionKey. To prevent pending reports from failing on restart, please set xpack.reporting.encryptionKey in kibana.yml
log [22:24:55.756] [info][status][plugin:reporting@5.3.0] Status changed from uninitialized to yellow - Waiting for Elasticsearch
log [22:24:55.958] [error][reporting] ExtractError: Failed to extract the phantom.js archive
at Extract.<anonymous> (/home/demetrio/Servers/DBs/kibana-5.3.0-amd64/usr/share/kibana/plugins/x-pack/plugins/reporting/server/lib/extract/bunzip2.js:18:16)
at emitOne (events.js:101:20)
at Extract.emit (events.js:188:7)
at Extract.destroy (/home/demetrio/Servers/DBs/kibana-5.3.0-amd64/usr/share/kibana/plugins/x-pack/node_modules/tar-stream/extract.js:191:17)
at onunlock (/home/demetrio/Servers/DBs/kibana-5.3.0-amd64/usr/share/kibana/plugins/x-pack/node_modules/tar-stream/extract.js:69:26)
at stat (/home/demetrio/Servers/DBs/kibana-5.3.0-amd64/usr/share/kibana/plugins/x-pack/node_modules/tar-fs/index.js:232:23)
at /home/demetrio/Servers/DBs/kibana-5.3.0-amd64/usr/share/kibana/plugins/x-pack/node_modules/mkdirp/index.js:46:53
at FSReqWrap.oncomplete (fs.js:123:15)
log [22:24:55.959] [error][reporting] Error: EACCES: permission denied, mkdir '/var/lib/kibana/phantomjs-2.1.1-linux-x86_64'
at Error (native)
log [22:24:55.960] [error][status][plugin:reporting@5.3.0] Status changed from yellow to red - Insufficient permissions for extracting the phantom.js archive. Make sure the Kibana data directory (path.data) is owned by the same user that is running Kibana.
log [22:24:55.968] [info][status][plugin:security@5.3.0] Status changed from uninitialized to yellow - Waiting for Elasticsearch
log [22:24:55.969] [warning][security] Generating a random key for xpack.security.encryptionKey. To prevent sessions from being invalidated on restart, please set xpack.security.encryptionKey in kibana.yml
log [22:24:55.972] [warning][security] Session cookies will be transmitted over insecure connections. This is not recommended.
log [22:24:56.022] [info][status][plugin:searchprofiler@5.3.0] Status changed from uninitialized to yellow - Waiting for Elasticsearch
log [22:24:56.033] [info][status][plugin:tilemap@5.3.0] Status changed from uninitialized to yellow - Waiting for Elasticsearch
log [22:24:56.042] [info][status][plugin:console@5.3.0] Status changed from uninitialized to green - Ready
log [22:24:56.217] [info][status][plugin:elasticsearch@5.3.0] Status changed from yellow to green - Kibana index ready
log [22:24:56.219] [info][status][plugin:timelion@5.3.0] Status changed from uninitialized to green - Ready
log [22:24:56.223] [info][listening] Server running at http://localhost:5601
log [22:24:56.225] [info][status][ui settings] Status changed from uninitialized to green - Ready
log [22:24:56.355] [info][license][xpack] Imported license information from Elasticsearch: mode: trial | status: active | expiry date: 2017-05-06T18:53:19-03:00
log [22:24:56.365] [info][status][plugin:monitoring@5.3.0] Status changed from green to yellow - Waiting for Monitoring Health Check
log [22:24:56.368] [info][status][plugin:xpack_main@5.3.0] Status changed from yellow to green - Ready
log [22:24:56.369] [info][status][plugin:graph@5.3.0] Status changed from yellow to green - Ready
log [22:24:56.370] [info][status][plugin:reporting@5.3.0] Status changed from red to green - Ready
log [22:24:56.371] [info][status][plugin:security@5.3.0] Status changed from yellow to green - Ready
log [22:24:56.371] [info][status][plugin:searchprofiler@5.3.0] Status changed from yellow to green - Ready
log [22:24:56.372] [info][status][plugin:tilemap@5.3.0] Status changed from yellow to green - Ready
log [22:24:58.357] [info][status][plugin:monitoring@5.3.0] Status changed from yellow to green - Ready
最佳答案
您可以关注 the official documentation,而不是允许具有高安全风险的匿名访问为 Logstash 配置角色和用户以连接 Elasticsearch。
Logstash needs to be able to manage index templates, create indices, and write and delete documents in the indices it creates.
To set up authentication credentials for Logstash:
Create a logstash_writer role that has the manage_index_templates cluster privilege, and the write, delete, and create_index privileges for the Logstash indices. You can create roles from the Management > Roles UI in Kibana or through the role API:
POST _xpack/security/role/logstash_writer
{
"cluster": ["manage_index_templates", "monitor"],
"indices": [
{
"names": [ "logstash-*" ],
"privileges": ["write","delete","create_index"]
}
]
}Create a logstash_internal user and assign it the logstash_writer role. You can create users from the Management > Users UI in Kibana or through the user API:
POST _xpack/security/user/logstash_internal
{
"password" : "changeme",
"roles" : [ "logstash_writer"],
"full_name" : "Internal Logstash User"
}Configure Logstash to authenticate as the logstash_internal user you just created. You configure credentials separately for each of the Elasticsearch plugins in your Logstash .conf file. For example:
input {
...
user => logstash_internal
password => changeme
}
filter {
...
user => logstash_internal
password => changeme
}
output {
elasticsearch {
...
user => logstash_internal
password => changeme
}
关于elasticsearch - 如何在 ElasticSearch 5.3 中启用匿名访问,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/43281264/
25
4
0
我在这里有一个问题,我不知道这是否正常。 但是我认为这里有些湖,安装插件elasticsearch-head之后,我在浏览器中启动url“http://localhost:9200/_plugin/h
我写了这个 flex 搜索查询: es.search(index=['ind1'],doc_type=['doc']) 我得到以下结果: {'_shards': {'failed': 0, 'skip
在ElasticSearch.Net v.5中,存在一个属性 Elasticsearch.Net.RequestData.Path ,该属性在ElasticSearch.Net v.6中已成为depr
如何让 elasticsearch 应用新配置?我更改了文件 ~ES_HOME/config/elasticsearch.yml 中的一个字符串: # Disable HTTP completely:
我正在尝试使用以下分析器在 elastic serach 7.1 中实现部分子字符串搜索 PUT my_index-001 { "settings": { "analysis": {
假设一个 elasticsearch 服务器在很短的时间内接收到 100 个任务。有些任务很短,有些任务很耗时,有些任务是删除任务,有些是插入和搜索查询。 elasticsearch 是如何决定先运行
我需要根据日期过滤一组值(在此处添加字段),然后按 device_id 对其进行分组。所以我正在使用以下东西: { "aggs":{ "dates_between":{ "fi
我在 Elasticsearch 中有一个企业索引。索引中的每个文档代表一个业务,每个业务都有business_hours。我试图允许使用星期几和时间过滤营业时间。例如,我们希望能够进行过滤,以显示我
我有一个这样的过滤查询 query: { filtered: { query: { bool: { should: [{multi_match: {
Elasticsearch 相当新,所以可能不得不忍受我,我遇到了一个问题,如果我使用 20 个字符或更少的字符搜索文档,文档会出现,但是查询中同一个单词中的任何更多字符,我没有结果: 使用“苯氧甲基
我试图更好地理解 ElasticSearch 的内部结构,所以我想知道 ElasticSearch 在内部计算以下两种情况的术语统计信息的方式是否存在任何差异。 第一种情况是当我有这样的文件时: {
在我的 elasticsearch 索引中,我索引了一堆工作。为简单起见,我们只说它们是一堆职位。当人们在我的搜索引擎中输入职位时,我想“自动完成”可能的匹配。 我在这里调查了完成建议:http://
我在很多映射中使用多字段。在 Elastic Search 的文档中,指示应将多字段替换为“fields”参数。参见 http://www.elasticsearch.org/guide/en/ela
我有如下查询, query = { "query": {"query_string": {"query": "%s" % q}}, "filter":{"ids
我有一个Json数据 "hits": [ { "_index": "outboxprov1", "_type": "deleted-c
这可能是一个初学者的问题,但我对大小有一些疑问。 根据 Elasticsearch 规范,大小的最大值可以是 10000,我想在下面验证我的理解: 示例查询: GET testindex-2016.0
我在 Elastic Search 中发现了滚动功能,这看起来非常有趣。看了那么多文档,下面的问题我还是不清楚。 如果偏移量已经存在那么为什么要使用滚动? 即将到来的记录呢?假设它完成了所有数据的滚动
我有以下基于注释的 Elasticsearch 配置,我已将索引设置为不被分析,因为我不希望这些字段被标记化: @Document(indexName = "abc", type = "efg
我正在尝试在单个索引中创建多个类型。例如,我试图在host索引中创建两种类型(post,ytb),以便在它们之间创建父子关系。 PUT /ytb { "mappings": { "po
我尝试创建一个简单的模板,包括一些动态模板,但我似乎无法为文档编制索引。 我得到错误: 400 {"error":"MapperParsingException[mapping [_default_]
我是一名优秀的程序员,十分优秀!