Elasticsearch: missing authentication token for REST request
[2016-11-08T08:17:19,161][INFO ][o.e.n.Node ] [] initializing ...
[2016-11-08T08:17:19,379][INFO ][o.e.e.NodeEnvironment ] [zS7Mojd] using [1] data paths, mounts [[/ (rootfs)]], net usable_space [98.6gb], net total_space [99.9gb], spins? [unknown], types [rootfs]
[2016-11-08T08:17:19,380][INFO ][o.e.e.NodeEnvironment ] [zS7Mojd] heap size [1.9gb], compressed ordinary object pointers [true]
[2016-11-08T08:17:19,382][INFO ][o.e.n.Node ] [zS7Mojd] node name [zS7Mojd] derived from node ID; set [node.name] to override
[2016-11-08T08:17:19,386][INFO ][o.e.n.Node ] [zS7Mojd] version[5.0.0], pid[1376], build[253032b/2016-10-26T04:37:51.531Z], OS[Linux/3.10.0-327.13.1.el7.x86_64/amd64], JVM[Oracle Corporation/OpenJDK 64-Bit Server VM/1.8.0_111/25.111-b15]
[2016-11-08T08:17:20,892][ERROR][o.e.x.s.SSLService ] [zS7Mojd] unsupported ciphers [[TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA]] were requested but cannot be used in this JVM, however there are supported ciphers that will be used [[TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA]]. If you are trying to use ciphers with a key length greater than 128 bits on an Oracle JVM, you will need to install the unlimited strength JCE policy files.
[2016-11-08T08:17:20,988][INFO ][o.e.p.PluginsService ] [zS7Mojd] loaded module [aggs-matrix-stats]
[2016-11-08T08:17:20,988][INFO ][o.e.p.PluginsService ] [zS7Mojd] loaded module [ingest-common]
[2016-11-08T08:17:20,989][INFO ][o.e.p.PluginsService ] [zS7Mojd] loaded module [lang-expression]
[2016-11-08T08:17:20,996][INFO ][o.e.p.PluginsService ] [zS7Mojd] loaded module [lang-groovy]
[2016-11-08T08:17:20,996][INFO ][o.e.p.PluginsService ] [zS7Mojd] loaded module [lang-mustache]
[2016-11-08T08:17:20,997][INFO ][o.e.p.PluginsService ] [zS7Mojd] loaded module [lang-painless]
[2016-11-08T08:17:20,997][INFO ][o.e.p.PluginsService ] [zS7Mojd] loaded module [percolator]
[2016-11-08T08:17:20,997][INFO ][o.e.p.PluginsService ] [zS7Mojd] loaded module [reindex]
[2016-11-08T08:17:20,997][INFO ][o.e.p.PluginsService ] [zS7Mojd] loaded module [transport-netty3]
[2016-11-08T08:17:20,997][INFO ][o.e.p.PluginsService ] [zS7Mojd] loaded module [transport-netty4]
[2016-11-08T08:17:20,998][INFO ][o.e.p.PluginsService ] [zS7Mojd] loaded plugin [x-pack]
[2016-11-08T08:17:23,945][INFO ][o.e.n.Node ] [zS7Mojd] initialized
[2016-11-08T08:17:23,945][INFO ][o.e.n.Node ] [zS7Mojd] starting ...
[2016-11-08T08:17:24,213][WARN ][o.e.b.BootstrapCheck ] [zS7Mojd] max virtual memory areas vm.max_map_count [65530] likely too low, increase to at least [262144]
[2016-11-08T08:17:27,348][INFO ][o.e.c.s.ClusterService ] [zS7Mojd] new_master {zS7Mojd}{zS7MojdPQbmFTRocBUaHbw}{UGkcPjtARCaqHM2VZ61Eiw}{127.0.0.1}{127.0.0.1:9300}, reason: zen-disco-elected-as-master ([0] nodes joined)
[2016-11-08T08:17:27,395][INFO ][o.e.n.Node ] [zS7Mojd] started
[2016-11-08T08:17:27,630][INFO ][o.e.g.GatewayService ] [zS7Mojd] recovered [0] indices into cluster_state
[2016-11-08T08:17:34,147][INFO ][o.e.c.m.MetaDataCreateIndexService] [zS7Mojd] [.monitoring-data-2] creating index, cause [auto(bulk api)], templates [.monitoring-data-2], shards [1]/[1], mappings [node, kibana, cluster_info]
[elastic@dev-elastic elasticsearch-5.0.0]$ curl -XGET 'http://localhost:9200/_cat/health?v'
{"error":{"root_cause":[{"type":"security_exception","reason":"missing authentication token for REST request [/_cat/health?v]","header":{"WWW-Authenticate":"Basic realm="security" charset="UTF-8""}}],"type":"security_exception","reason":"missing authentication token for REST request [/_cat/health?v]","header":{"WWW-Authenticate":"Basic realm="security" charset="UTF-8""}},"status":401}
lifezq
All 4 comments
You secured your cluster with xpack.
That's why you are getting this message.
Please ask on discuss.elastic.co next time you have questions.
dadoonet
on 8 Nov 2016
Just after curl, add --user elastic:changeme
endlesslight0
on 3 Oct 2017
I'm facing the same issue here.
When I add --user elastic:changeme with my CUrl it's ok.
[root@filebeat01 log]# curl --silent -X GET -H "Content-Type: application/json" http://192.168.15.22:9200/_cluster/health --user elastic:changeme
{"cluster_name":"docker-cluster","status":"yellow","timed_out":false,"number_of_nodes":1,"number_of_data_nodes":1,"active_primary_shards":15,"active_shards":15,"relocating_shards":0,"initializing_shards":0,"unassigned_shards":3,"delayed_unassigned_shards":0,"number_of_pending_tasks":0,"number_of_in_flight_fetch":0,"task_max_waiting_in_queue_millis":0,"active_shards_percent_as_number":83.33333333333334}````
But when I put on my filebeat.ymlit didnt work:
output.elasticsearch:
hosts: ["192.168.15.22:9200"]
index: "logs_%{[host]}"
bulk_max_size: 1000
output.elasticsearch.username: "elastic"
output.elasticsearch.password: "changeme"
Apr 17 19:53:39 filebeat01 filebeat: 2020-04-17T19:53:39.184Z#011ERROR#011pipeline/output.go:100#011Failed to connect to backoff(elasticsearch(http://192.168.15.22:9200)): 401 Unauthorized: {"error":{"root_cause":[{"type":"security_exception","reason":"missing authentication credentials for REST request [/]","header":{"WWW-Authenticate":"Basic realm="security" charset="UTF-8""}}],"type":"security_exception","reason":"missing authentication credentials for REST request [/]","header":{"WWW-Authenticate":"Basic realm="security" charset="UTF-8""}},"status":401}
```
tbernacchi
on 17 Apr 2020
@tbernacchi , your configuration should be like the following:
output.elasticsearch:
hosts: ["192.168.15.22:9200"]
index: "logs_%{[host]}"
bulk_max_size: 1000
username: "elastic"
password: "changeme"
dkutetsky
on 6 Nov 2020
Related issues
rpalsaxena
路
3Comments
matthughes
路
3Comments
dadoonet
路
3Comments
rbayliss
路
3Comments
DhairyashilBhosale
路
3Comments
Most helpful comment
Just after curl, add
--user elastic:changeme