This is my output log when Elastic and ROR is loaded succesfully. Its a non-stop error log that keeps generating!
- It looks like ElasticSearch keeps pinging on the Path / and keeps getting the Forbidden error. I tried to pre-empt it by looking at some other posts and setup my config as below but it doesnt seem to help! Any suggestions?
- Also it doesnt look like my custom Forbidden by ReadonlyREST ES plugin is being picked up as configured in the response_if_req_fobidden tag below. Any ideas why?
readonlyrest.yml
readonlyrest: enable: true response_if_req_forbidden: Forbidden by ReadonlyREST ES plugin access_control_rules: - name: "just that action from localhost" type: allow actions: ["cluster:monitor/main"] hosts: ["127.0.0.1"] - name: "Global Access" auth_key: "elastic:changeme" verbosity: "error" - name: "My Index Access" auth_key: "elastic:writeme" type: allow actions: ["indices:data/read/*","indices:data/write/*","indices:admin/template/*","indices:admin/create"] indices: ["myindex-*", "<no_index>]
Error
[2018-03-15T17:39:40,759][INFO ][t.b.r.a.ACL ] FORBIDDEN by default req={ ID:2034247693-1077991590#15, TYP:MainRequest, CGR:N/A, USR:[no basic auth header], BRS:false, ACT:cluster:monitor/main, OA:10.187.25.247, IDX:<N/A>, MET:HEAD, PTH:/, CNT:<N/A>, HDR:Connection,content-length,host,X-Forwarded-For,X-Forwarded-Port,X-Forwarded-Proto, HIS: }
[2018-03-15T17:39:40,759][INFO ][t.b.r.a.ACL ] FORBIDDEN by default req={ ID:675900048-2000261686#17, TYP:MainRequest, CGR:N/A, USR:[no basic auth header], BRS:false, ACT:cluster:monitor/main, OA:10.187.25.247, IDX:<N/A>, MET:HEAD, PTH:/, CNT:<N/A>, HDR:Connection,content-length,host,X-Forwarded-For,X-Forwarded-Port,X-Forwarded-Proto, HIS: }
[2018-03-15T17:39:40,759][INFO ][t.b.r.a.ACL ] FORBIDDEN by default req={ ID:1781429987-611602478#18, TYP:MainRequest, CGR:N/A, USR:[no basic auth header], BRS:false, ACT:cluster:monitor/main, OA:10.187.25.247, IDX:<N/A>, MET:HEAD, PTH:/, CNT:<N/A>, HDR:Connection,content-length,host,X-Forwarded-For,X-Forwarded-Port,X-Forwarded-Proto, HIS: }