elasticsearch 我无法在ELK 8.5版中使用'elastic'、'kibana_system'进行身份验证

jgwigjjp  于 2023-05-16  发布在  ElasticSearch
关注(0)|答案(1)|浏览(527)

我使用的是ELK集群,由三个节点组成。我无法使用其URL https://kibana_IP:5601访问Kibana。
当我检查**/var/log/elasticsearch/elasticsearch.log的日志时,我发现了以下错误:
Authentication of [elastic] was terminated by realm [reserved] - failed to authenticate user [elastic]
当我检查kibana的日志时,我发现了以下错误:
Unable to authenticate user [kibana_system] for REST request [/_nodes?filter_path=nodes.*.version%2Cnodes.*.http.publish_address%2Cnodes.*.ip]
我尝试使用以下命令重置弹性用户的密码
/usr/share/elasticsearch/bin/elasticsearch-reset-password -i -u elastic**
但我得到了这个错误:
Error: Failed to determine the health of the cluster. Cluster health is currently RED
当我尝试使用这个命令curl --cacert /etc/elasticsearch/certs/http_ca.crt -XGET "https://localhost:9200/_cat/indices?v" -u elastic
我得到下面的错误:{"error":{"root_cause":[{"type":"security_exception","reason":"unable to authenticate user [elastic] for REST request [/_cat/indices?v]","header":{"WWW-Authenticate":["Basic realm=\"security\" charset=\"UTF-8\"","Bearer realm=\"security\"","ApiKey"]}}],"type":"security_exception","reason":"unable to authenticate user [elastic] for REST request [/_cat/indices?v]","header":{"WWW-Authenticate":["Basic realm=\"security\" charset=\"UTF-8\"","Bearer realm=\"security\"","ApiKey"]}},"status":401}
我检查了所有节点中的elastisearch服务,它已经启动并运行。
请问如何解决这个问题?
致上,

vmdwslir

vmdwslir1#

看起来至少有一个索引是红色的。

1-查找RED索引

curl -XGET "http://localhost:9200/_cat/indices?v" -u elastic:password

可以是HTTP尝试使用HTTPS

2-删除RED索引(如果可以)

curl -XDELETE "http://localhost:9200/index_name" -u elastic:password

注意:不要删除以.开头的系统索引,例如.security

3-再次检查集群运行状况

curl -XGET "http://localhost:9200" -u elastic:password

更多:
要了解RED群集状态的原因,您可以elasticsearch.log如果您有快照,则可以从最新快照恢复索引

相关问题