Kibana 操作失败,出现“security_exception:[安全异常]原因:操作[indices:admin/create]未授权给用户

jk9hmnmh  于 2022-12-09  发布在  Kibana
关注(0)|答案(2)|浏览(2103)

我正在尝试在Windows机器上安装ElasticSearch和Kibana。启动ElasticSearch后,ElasticSearch工作正常。但如果我启动Kibana服务器,它会显示以下错误:

[2022-07-08T17:21:28.195+05:30][INFO ][savedobjects-service] Starting saved objects migrations
[2022-07-08T17:21:28.231+05:30][INFO ][savedobjects-service] [.kibana] INIT -> CREATE_NEW_TARGET. took: 18ms.
[2022-07-08T17:21:28.235+05:30][INFO ][savedobjects-service] [.kibana_task_manager] INIT -> CREATE_NEW_TARGET. took: 20ms.
[2022-07-08T17:21:28.245+05:30][ERROR][savedobjects-service] [.kibana_task_manager] Action failed with 'security_exception: [security_exception] Reason: action [indices:admin/create] is unauthorized for user [kunal] with roles [monitoring,network,admins,demorole] on restricted indices [.kibana_task_manager_8.3.2_001], this action is granted by the index privileges [create_index,manage,all]'. Retrying attempt 1 in 2 seconds.
[2022-07-08T17:21:28.246+05:30][INFO ][savedobjects-service] [.kibana_task_manager] CREATE_NEW_TARGET -> CREATE_NEW_TARGET. took: 10ms.
[2022-07-08T17:21:28.248+05:30][ERROR][savedobjects-service] [.kibana] Action failed with 'security_exception: [security_exception] Reason: action [indices:admin/create] is unauthorized for user [kunal] with roles [monitoring,network,admins,demorole] on restricted indices [.kibana_8.3.2_001], this action is granted by the index privileges [create_index,manage,all]'. Retrying attempt 1 in 2 seconds.
[2022-07-08T17:21:28.248+05:30][INFO ][savedobjects-service] [.kibana] CREATE_NEW_TARGET -> CREATE_NEW_TARGET. took: 18ms.
[2022-07-08T17:21:30.276+05:30][ERROR][savedobjects-service] [.kibana_task_manager] Action failed with 'security_exception: [security_exception] Reason: action [indices:admin/create] is unauthorized for user [kunal] with roles [monitoring,network,admins,demorole] on restricted indices [.kibana_task_manager_8.3.2_001], this action is granted by the index privileges [create_index,manage,all]'. Retrying attempt 2 in 4 seconds.
[2022-07-08T17:21:30.277+05:30][INFO ][savedobjects-service] [.kibana_task_manager] CREATE_NEW_TARGET -> CREATE_NEW_TARGET. took: 2031ms.
[2022-07-08T17:21:30.284+05:30][ERROR][savedobjects-service] [.kibana] Action failed with 'security_exception: [security_exception] Reason: action [indices:admin/create] is unauthorized for user [kunal] with roles [monitoring,network,admins,demorole] on restricted indices [.kibana_8.3.2_001], this action is granted by the index privileges [create_index,manage,all]'. Retrying attempt 2 in 4 seconds.
[2022-07-08T17:21:30.285+05:30][INFO ][savedobjects-service] [.kibana] CREATE_NEW_TARGET -> CREATE_NEW_TARGET. took: 2036ms.
[2022-07-08T17:21:34.311+05:30][ERROR][savedobjects-service] [.kibana_task_manager] Action failed with 'security_exception: [security_exception] Reason: action [indices:admin/create] is unauthorized for user [kunal] with roles [monitoring,network,admins,demorole] on restricted indices [.kibana_task_manager_8.3.2_001], this action is granted by the index privileges [create_index,manage,all]'. Retrying attempt 3 in 8 seconds.
[2022-07-08T17:21:34.313+05:30][INFO ][savedobjects-service] [.kibana_task_manager] CREATE_NEW_TARGET -> CREATE_NEW_TARGET. took: 4035ms.
[2022-07-08T17:21:34.321+05:30][ERROR][savedobjects-service] [.kibana] Action failed with 'security_exception: [security_exception] Reason: action [indices:admin/create] is unauthorized for user [kunal] with roles [monitoring,network,admins,demorole] on restricted indices [.kibana_8.3.2_001], this action is granted by the index privileges [create_index,manage,all]'. Retrying attempt 3 in 8 seconds.

请查找我的ElasticSearch文件:角色.yml

# The default roles file is empty as the preferred method of defining roles is
# through the API/UI. File based roles are useful in error scenarios when the
# API based roles may not be available.
admins:
  cluster:
    - all
  indices:
    - names:
        - "*"
      privileges:
        - all
devs:
  cluster:
    - manage
  indices:
    - names:
        - "*"
      privileges:
        - write
        - delete
        - create_index

用户_角色文件

monitoring:kunal
network:kunal
admins:kunal

我使用来自kibana的用户kunal进行身份验证。
我不知道这里的权限错误是什么,因为对于admins用户,我已经授予了所有权限。

kibana

2条答案

按热度按时间
u59ebvdq

u59ebvdq1#

Tldr;

删除kibana.yml文件中的kibana.index

要解决

我感觉你修改了内部kibana索引的默认名称。默认情况下它是.kibana,但你的是.kibana_task_manager_8.3.2_001
这让我相信
1.您正在使用v 8.3.2
1.您更改了kibana.index设置
但不建议使用。doc(https://www.elastic.co/guide/en/kibana/7.17/settings.html)
你也有一个issue talking关于这个。

免责声明:

我没看过你的kibana.yml文件。

赞(0)分享  回复(0)举报  2022-12-09
cx6n0qe3

cx6n0qe32#

请检查您的...\elasticsearch-8.3.2\config\elasticsearch.yml。这是我的配置。希望对您有所帮助。

# Enable security features

xpack.security.enabled: false

xpack.security.enrollment.enabled: true

# Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents
xpack.security.http.ssl:

enabled: false

keystore.path: certs/http.p12

# Enable encryption and mutual authentication between cluster nodes
xpack.security.transport.ssl:

enabled: false

verification_mode: certificate

keystore.path: certs/transport.p12

truststore.path: certs/transport.p12

# Create a new cluster with the current node only
# Additional nodes can still join the cluster later

cluster.initial_master_nodes: ["Node1"]
赞(0)分享  回复(0)举报  2022-12-09
我来回答

相关问题

    查看更多
    微信公众号

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新问答

    更多
    • 蜀ICP备13028337号-1 大数据知识库 https://www.saoniuhuo.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com