Can't access kibana dashboard after installing readonlyrest free version

hello. Need help please. i just installed the ELK (Elasticsearch, kibana and Logstash). every thing was working fine and i was able to browse the dashboard from my machine , both inside the VM using the localhost:5601 and outside the machine via 192.168.17.129:5601. After i installed the free version of Readonlyrest API following guidelines on the offciial site . I am unable to browse the dashboard, i get no error and the browser keeps on reloading the page and no output.
i am posting my elasticsearch.yml , kibana.yml and readonlyrest.yml config files

elasticsearch.yml:

# ======================== Elasticsearch Configuration =========================
#
# NOTE: Elasticsearch comes with reasonable defaults for most settings.
#       Before you set out to tweak and tune the configuration, make sure you
#       understand what are you trying to accomplish and the consequences.
#
# The primary way of configuring a node is via this file. This template lists
# the most important settings you may want to configure for a production cluste$
#
# Please consult the documentation for further information on configuration opt$

# ---------------------------------- Cluster -----------------------------------
#
# Use a descriptive name for your cluster:
#
#cluster.name: my-application
xpack.security.enabled: false
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
#node.name: node-1
#
# Add custom attributes to the node:
#
#node.attr.rack: r1
#
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by com$
#
path.data: /var/lib/elasticsearch
#
# Path to log files:
#
path.logs: /var/log/elasticsearch
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
#bootstrap.memory_lock: true
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#
# By default Elasticsearch is only accessible on localhost. Set a different
# address here to expose this node on the network:
#
network.host: localhost
#
# By default Elasticsearch listens for HTTP traffic on the first free port it
# finds starting at 9200. Set a specific HTTP port here:
#
#http.port: 9200
#
# For more information, consult the network module documentation.
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when this node is started:
# finds starting at 9200. Set a specific HTTP port here:
#
#http.port: 9200
#
# For more information, consult the network module documentation.
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when this node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
#discovery.seed_hosts: ["host1", "host2"]
#
# Bootstrap the cluster using an initial set of master-eligible nodes:
#
#cluster.initial_master_nodes: ["node-1", "node-2"]
#
# For more information, consult the discovery and cluster formation module docu$
#
# ---------------------------------- Various -----------------------------------
#
# Require explicit names when deleting indices:
#
#action.destructive_requires_name: true
# ---------------------------------- Security ----------------------------------
#
#                                 *** WARNING ***
#
# Elasticsearch security features are not enabled by default.
# These features are free, but require configuration changes to enable them.
# This means that users don’t have to provide credentials and can get full acce$
# to the cluster. Network connections are also not encrypted.
#
# To protect your data, we strongly encourage you to enable the Elasticsearch s$
# Refer to the following documentation for instructions.
#
#

kibana.yml

# Kibana is served by a back end server. This setting specifies the port to use.
#server.port: 5601
xpack.security.enabled: false

# Specifies the address to which the Kibana server will bind. IP addresses and $
# The default is 'localhost', which usually means remote machines will not be a$
# To allow connections from remote users, set this parameter to a non-loopback $
server.host: "0.0.0.0"

# Enables you to specify a path to mount Kibana at if you are running behind a $
# Use the `server.rewriteBasePath` setting to tell Kibana if it should remove t$
# from requests it receives, and to prevent a deprecation warning at startup.
# This setting cannot end in a slash.
#server.basePath: ""

# Specifies whether Kibana should rewrite requests that are prefixed with
# `server.basePath` or require that they are rewritten by your reverse proxy.
# This setting was effectively always `false` before Kibana 6.3 and will
# default to `true` starting in Kibana 7.0.
#server.rewriteBasePath: false

# Specifies the public URL at which Kibana is available for end users. If
# `server.basePath` is configured this URL should end with the same basePath.
#server.publicBaseUrl: ""

# The maximum payload size in bytes for incoming server requests.
#server.maxPayload: 1048576

# The Kibana server's name.  This is used for display purposes.
# Specifies the public URL at which Kibana is available for end users. If
# `server.basePath` is configured this URL should end with the same basePath.
#server.publicBaseUrl: ""

# The maximum payload size in bytes for incoming server requests.
#server.maxPayload: 1048576

# The Kibana server's name.  This is used for display purposes.
#server.name: "your-hostname"

# The URLs of the Elasticsearch instances to use for all your queries.
#elasticsearch.hosts: ["http://localhost:9200"]

# Kibana uses an index in Elasticsearch to store saved searches, visualizations$
# dashboards. Kibana creates a new index if the index doesn't already exist.
#kibana.index: ".kibana"

# The default application to load.

# The URLs of the Elasticsearch instances to use for all your queries.
#elasticsearch.hosts: ["http://localhost:9200"]

# Kibana uses an index in Elasticsearch to store saved searches, visualizations$
# dashboards. Kibana creates a new index if the index doesn't already exist.
#kibana.index: ".kibana"

# The default application to load.
#kibana.defaultAppId: "home"

# If your Elasticsearch is protected with basic authentication, these settings $
# the username and password that the Kibana server uses to perform maintenance $
# index at startup. Your Kibana users still need to authenticate with Elasticse$
# is proxied through the Kibana server.

elasticsearch.username: "abc"
elasticsearch.password: "abc123"
# Kibana can also authenticate to Elasticsearch via "service account tokens".
# If may use this token instead of a username/password.
# elasticsearch.serviceAccountToken: "my_token"

# Enables SSL and paths to the PEM-format SSL certificate and SSL key files, re$
# These settings enable SSL for outgoing requests from the Kibana server to the$
#server.ssl.enabled: false
#server.ssl.certificate: /path/to/your/server.crt
#server.ssl.key: /path/to/your/server.key

# Optional settings that provide the paths to the PEM-format SSL certificate an$
# These files are used to verify the identity of Kibana to Elasticsearch and ar$
# xpack.security.http.ssl.client_authentication in Elasticsearch is set to requ$
#elasticsearch.ssl.certificate: /path/to/your/client.crt
#elasticsearch.ssl.key: /path/to/your/client.key

# Optional setting that enables you to specify a path to the PEM file for the c$
# authority for your Elasticsearch instance.
#elasticsearch.ssl.certificateAuthorities: [ "/path/to/your/CA.pem" ]

# To disregard the validity of SSL certificates, change this setting's value to$
#elasticsearch.ssl.verificationMode: full

# Time in milliseconds to wait for Elasticsearch to respond to pings. Defaults $
# the elasticsearch.requestTimeout setting.
#elasticsearch.pingTimeout: 1500

# Time in milliseconds to wait for responses from the back end or Elasticsearch$
# must be a positive integer.
#elasticsearch.requestTimeout: 30000
# List of Kibana client-side headers to send to Elasticsearch. To send *no* cli$
# headers, set this value to [] (an empty list).
#elasticsearch.requestHeadersWhitelist: [ authorization ]

# Header names and values that are sent to Elasticsearch. Any custom headers ca$
# by client-side headers, regardless of the elasticsearch.requestHeadersWhiteli$
#elasticsearch.customHeaders: {}

# Time in milliseconds for Elasticsearch to wait for responses from shards. Set$
#elasticsearch.shardTimeout: 30000

# Logs queries sent to Elasticsearch. Requires logging.verbose set to true.
#elasticsearch.logQueries: false

# Specifies the path where Kibana creates the process ID file.
#pid.file: /run/kibana/kibana.pid

# Enables you to specify a file where Kibana stores log output.
#logging.dest: stdout
# Set the value of this setting to true to suppress all logging output.
#logging.silent: false

# Set the value of this setting to true to suppress all logging output other th$
#logging.quiet: false

# Set the value of this setting to true to log all events, including system usa$
# and all requests.
#logging.verbose: false

# Set the interval in milliseconds to sample system and process performance
# metrics. Minimum is 100ms. Defaults to 5000.
#ops.interval: 5000

# Specifies locale to be used for all localizable strings, dates and number for$
# Supported languages are the following: English - en , by default , Chinese - $
#i18n.locale: "en"

finally the readonlyrest.yml ::::

readonlyrest:
    access_control_rules:

    - name: "Require HTTP Basic Auth"
      type: allow
      kibana_access: admin
      auth_key: abc:abc123

also the readonlyrest and elasticsearch.yml are in the same folder

For KBN<->ES internal communication use this user:

in readonlyrest.yml add:

    - name: "::KIBANA-SRV::"
      auth_key: kibana:kibana

in kibana.yml change:

elasticsearch.username: "abc"
elasticsearch.password: "abc123"

explanation:
kibana_access: admin is too restricted for internal KBN ↔ ES communication.

as soon as i add the lines you mentioned , i get the following error:
Job for elasticsearch.service failed because the control process exited with error code. See “systemctl status elasticsearch.service” and “journalctl -xe” for details.
when i remove them, restart the service, no error

does it mean your problem is solved?

no, not solved. i am not getting any error, but my dashboard is not loading

please show us ES and KBN logs

You can also use our sandbox to see how the simple cluster with ROR is bootstrapped. And obviously to play with it.

here status of ES:
idrees@ubuntu:~$ sudo systemctl status elasticsearch
● elasticsearch.service - Elasticsearch
Loaded: loaded (/usr/lib/systemd/system/elasticsearch.service; disabled; vendor preset: enabled)
Active: active (running) since Tue 2023-12-19 18:13:18 PST; 19s ago
Docs: https://www.elastic.co
Main PID: 2770 (java)
CGroup: /system.slice/elasticsearch.service
├─2770 /usr/share/elasticsearch/jdk/bin/java -Xshare:auto -Des.networkaddress.cache.ttl=60 -Des.networkaddres
└─2993 /usr/share/elasticsearch/modules/x-pack-ml/platform/linux-x86_64/bin/controller

Dec 19 18:11:16 ubuntu systemd[1]: Starting Elasticsearch…
Dec 19 18:11:42 ubuntu systemd-entrypoint[2770]: Dec 19, 2023 6:11:42 PM sun.util.locale.provider.LocaleProviderAdapter
Dec 19 18:11:42 ubuntu systemd-entrypoint[2770]: WARNING: COMPAT locale provider will be removed in a future release
Dec 19 18:13:18 ubuntu systemd[1]: Started Elasticsearch.
lines 1-13/13 (END)

kibana::
idrees@ubuntu:~$ sudo systemctl status kibana
● kibana.service - Kibana
Loaded: loaded (/etc/systemd/system/kibana.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2023-12-19 18:03:49 PST; 10min ago
Docs: https://www.elastic.co
Main PID: 1331 (node)
CGroup: /system.slice/kibana.service
└─1331 /usr/share/kibana/bin/…/node/bin/node /usr/share/kibana/bin/…/src/cli/dist --logging.dest=/var/log/k

Dec 19 18:03:49 ubuntu systemd[1]: Started Kibana.
Dec 19 18:03:55 ubuntu kibana[1331]: Kibana is currently running with legacy OpenSSL providers enabled! For details and
Dec 19 18:13:26 ubuntu systemd[1]: Started Kibana.

Sadly, there is no additional info in the systemctl status that would help me to solve your problem.
As I wrote before - ES and KBN logs will tell us more for sure.

this site is not allowing me to upload any docs

maybe you can use pastebin.com or a similar online site?

@idreeszaheer786 I upgraded your forum account, you should be able to upload stuff.

Just testing:

file.log (7 Bytes)
file.log.zip (203 Bytes)

@idreeszaheer786 what are you trying to upload? What extension and size?

i am trying to upload the logs of elasticsearch and kibana. .txt files . one is 11 and 15 MB

so, i have reduced the size of my logs files, so that the site would allow me to upload .
here are the log files for kibana and ES
elasticsearch.log (3.9 MB)
kibana.log (3.9 MB)

Oh I see it’s about the size! Two things:

• You can zip them
• I should bump up thresholds

I’ve checked your logs and in the kibana’s one I don’t see ReadonlyREST plugin is installed. There should be log entries like these:

[2023-12-23T11:49:46.205+00:00][INFO ][plugins.readonlyrestkbn] Setting up ReadonlyREST plugin - build info: {"versionString":"1.54.0_es8.11.3","kibanaVersion":"8.11.3","rorVersion":"1.54.0","isProduction":true,"isBuildExpired":false}
[11:49:46:205] [info][plugins][ReadonlyREST][kibanaYamlSessionManagerConfigParser] "readonlyrest_kbn.store_sessions_in_index" is not enabled.
If you use more than one Kibana nodes (High availability configurations), you MUST enable both "readonlyrest_kbn.store_sessions_in_index" and share the same "readonlyrest.cookiePass" in ALL Kibana nodes.
See documentation: https://docs.readonlyrest.com/kibana#session-management-with-multiple-kibana-instances

Did you install ROR plugin for Kibana and patch Kibana? See our docs to find out how to do it.

I also recommend you to play with ROR using our docker-compose-based sandbox.

All you need to do are the following steps:

1. checkout this repo: GitHub - beshu-tech/ror-sandbox: Sandbox based on docker-compose for ReadonlyREST
2. cd ror-demo-cluster
3. ./run.sh
4. Answer several questions. E.g.:

  _____                _  ____        _       _____  ______  _____ _______
 |  __ \              | |/ __ \      | |     |  __ \|  ____|/ ____|__   __|
 | |__) |___  __ _  __| | |  | |_ __ | |_   _| |__) | |__  | (___    | |
 |  _  // _ \/ _| |/ _| | |  | | '_ \| | | | |  _  /|  __|  \___ \   | |
 | | \ \  __/ (_| | (_| | |__| | | | | | |_| | | \ \| |____ ____) |  | |
 |_|  \_\___|\__,_|\__,_|\____/|_| |_|_|\__, |_|  \_\______|_____/   |_|
                                         __/ |

Preparing Elasticsearch & Kibana with ROR environment ...
-----------------
Enter Elasticsearch version (default: 8.11.3):
Use ES ROR:
1. From API
2. From FILE

Your choice: 1
Enter ROR Elasticsearch version (default: 1.54.0):
-----------------
Enter Kibana version (default: 8.11.3):
Use KBN ROR:
 1. From API
 2. From FILE

Your choice: 1
Enter ROR Kibana version (default: 1.54.0):

5. Open http://localhost:15601 in browser and log as admin:admin or user1:test

thankyou very much

is this one also free ? like i installed before? the free version of ES Readonlyrest api

@idreeszaheer786 ReadonlyREST is always free until you unlock PRO or Enterprise features using an activation key.

We have trial activation keys available in the customer portal.

Anyone can login to the portal using their email.

Have a look: