Hi Experts,
I am using ELK5.2.2 and I am checking this plugin, after installation ES is working fine but logstash stops working . My configurations are
LS
output { elasticsearch { action => "index" hosts=> ["localhost:9200"] user => admin password => test123 index => "management" } }
Elasticsearch.yml
readonlyrest:
enable: true
response_if_req_forbidden: Forbidden by ReadonlyREST ES plugin
access_control_rules:
- name: "::LOGSTASH::"
auth_key: admin:test123
type: allow
actions: ["indices:admin/types/exists","indices:data/read/*","indices:data/write/*","indices:admin/template/*","indices:admin/create"]
indices: ["management*"]
- name: kiabna
type: allow
auth_key: kibana:test123
indices: [".kibana"]
- name: Accept requests from users in group team1 on operations
type: allow
groups: ["team1"]
indices: [".kibana","operations"]
- name: Accept requests from users in group team2 on management
type: allow
groups: ["team2"]
indices: [".kibana","management"]
users:
- username: vg
auth_key: vg:test123
groups: ["team1"]
- username: gv
auth_key: gv:test123
groups: ["team2"]
- username: vggv
auth_key: vggv:test123
groups: ["team1","team2"]
Operations index was already created before this plugin and now I want to create management index and LS gives below error.
[2017-04-24T14:31:05,254][INFO ][o.e.p.r.a.RequestContext ] id: 9fa221d72e49462bb2ce5fe842bca364 - Replacing indices. Old:[_all] New:[.kibana, operations]
[2017-04-24T14:31:05,256][INFO ][o.e.p.r.a.ACL ] request: { ID:9fa221d72e49462bb2ce5fe842bca364, TYP:GetIndexRequest, USR:vggv, BRS:true, ACT:indices:admin/get, OA:127.0.0.1, IDX:, MET:GET, PTH:/_aliases, CNT:<OMITTED, LENGTH=0>, HDR:Accept,Accept-Encoding,Accept-Language,Authorization,Connection,content-length,Host,User-Agent, EFF:0, HIS:[::LOGSTASH::->[indices->true, auth_key->false, actions->false]], [kiabna->[indices->true, auth_key->false]], [Accept requests from users in group team1 on operations->[]], [Accept requests from users in group team1 on operations->[indices->true, groups->true]] } matched block: Accept requests from users in group team1 on operations match: true}