
I'm running Elasticsearch (floragunncom/sg-elasticsearch:7.1.1-oss-35.0.0) on the Kubernetes cluster.

To change the default password of the internal user admin, I have updated the hash for the admin user in the plugins/search-guard-7/sgconfig/sg_internal_users.yml file and let Elasticsearch bootstrap with the updated file.

$ kubectl exec -it -n demo master-topology-es-1 bash
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl kubectl exec [POD] -- [COMMAND] instead.

[root@master-topology-es-1 elasticsearch]# cat plugins/search-guard-7/sgconfig/sg_internal_users.yml 
_sg_meta:
  type: "internalusers"
  config_version: 2
admin:
  hash: $2a$12$BqN5ov9wf2Xw5T5UKFJARuV.Top7/oKYQHfpBhIRVvKKSyy7XWxYm <--- here
...
...

The cluster initialized with a couple of WARN messages, and it works perfectly with the updated password.

{"type": "server", "timestamp": "2020-08-19T19:44:53,727+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "data-topology-es-1", "cluster.uuid": "P7zRvRjUSnuMGMn9bYzqBg", "node.id": "4SigRNAnSc-A8EuAOnhvAQ",  "message": "No data for internalusers while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=null)"  }
{"type": "server", "timestamp": "2020-08-19T19:44:53,728+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "data-topology-es-1", "cluster.uuid": "P7zRvRjUSnuMGMn9bYzqBg", "node.id": "4SigRNAnSc-A8EuAOnhvAQ",  "message": "No data for actiongroups while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=null)"  }
{"type": "server", "timestamp": "2020-08-19T19:44:53,731+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "data-topology-es-1", "cluster.uuid": "P7zRvRjUSnuMGMn9bYzqBg", "node.id": "4SigRNAnSc-A8EuAOnhvAQ",  "message": "No data for config while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=null)"  }
{"type": "server", "timestamp": "2020-08-19T19:44:53,731+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "data-topology-es-1", "cluster.uuid": "P7zRvRjUSnuMGMn9bYzqBg", "node.id": "4SigRNAnSc-A8EuAOnhvAQ",  "message": "No data for roles while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=null)"  }
{"type": "server", "timestamp": "2020-08-19T19:44:53,733+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "data-topology-es-1", "cluster.uuid": "P7zRvRjUSnuMGMn9bYzqBg", "node.id": "4SigRNAnSc-A8EuAOnhvAQ",  "message": "No data for rolesmapping while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=null)"  }
{"type": "server", "timestamp": "2020-08-19T19:44:53,736+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "data-topology-es-1", "cluster.uuid": "P7zRvRjUSnuMGMn9bYzqBg", "node.id": "4SigRNAnSc-A8EuAOnhvAQ",  "message": "No data for tenants while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=null)"  }
{"type": "server", "timestamp": "2020-08-19T19:45:02,349+0000", "level": "INFO", "component": "c.f.s.c.ConfigurationRepository", "cluster.name": "topology-es", "node.name": "data-topology-es-1", "cluster.uuid": "P7zRvRjUSnuMGMn9bYzqBg", "node.id": "4SigRNAnSc-A8EuAOnhvAQ",  "message": "Search Guard License Info: No license needed because enterprise modules are not enabled"  }
{"type": "server", "timestamp": "2020-08-19T19:45:02,349+0000", "level": "INFO", "component": "c.f.s.c.ConfigurationRepository", "cluster.name": "topology-es", "node.name": "data-topology-es-1", "cluster.uuid": "P7zRvRjUSnuMGMn9bYzqBg", "node.id": "4SigRNAnSc-A8EuAOnhvAQ",  "message": "Node 'data-topology-es-1' initialized"  }

But when I try the same with a custom user in plugins/search-guard-7/sgconfig/sg_internal_users.yml, along with the other internal users:

_sg_meta:
  type: "internalusers"
  config_version: 2
admin:
...
kibanaro:
...
logstash:
...
readall:
...
snapshotrestore:
...

readall_monitor: <---- here
  hash: $2a$12$jZ4VqN397eilnlofOJOIbOR/yvU4ooEzMlVHWJjhsPUwf8K1AcmTO
  search_guard_roles:
  - SGS_READALL_AND_MONITOR

This time, the WARN messages never end. It keeps repeating the same logs.

{"type": "server", "timestamp": "2020-08-19T19:10:18,303+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for internalusers while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:10:18,304+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for actiongroups while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:10:18,309+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for tenants while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:10:26,301+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for internalusers while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:10:26,302+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for actiongroups while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:10:26,318+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for tenants while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:10:34,303+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for internalusers while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:10:34,304+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for actiongroups while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:10:34,312+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for tenants while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:10:42,305+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for internalusers while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:10:42,306+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for actiongroups while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:10:42,312+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for tenants while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:10:50,308+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for internalusers while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:10:50,309+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for actiongroups while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:10:50,316+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for tenants while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:10:58,309+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for internalusers while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:10:58,309+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for actiongroups while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:10:58,314+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for tenants while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:11:06,311+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for internalusers while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:11:06,312+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for actiongroups while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:11:06,316+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for tenants while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:11:14,311+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for internalusers while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:11:14,312+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for actiongroups while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:11:14,321+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for tenants while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:11:22,313+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for internalusers while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:11:22,313+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for actiongroups while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:11:22,317+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for tenants while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }

So, the cluster remains uninitialized.

$ curl -XGET "https://localhost:9200/_cluster/health?pretty" -u "admin:x3xqurkg" --insecure
Search Guard not initialized (SG11). See https://docs.search-guard.com/latest/sgadmin  

  • How do I handle those WARN logs?
  • Any idea what I am missing or how to debug such problems?
  • Why does the index type vary in the logs, from index=searchguard and type=null to index=searchguard and type=_doc?

Kamol Hasan

1 Answer


This is maybe not a complete solution to your problem, but maybe it helps. How do you actually initialize Search Guard on K8s? That is, how do you initialize Search Guard with users, roles, etc.?

Search Guard does not just automatically pick up the contents of the configuration files and apply them. Since Elasticsearch is distributed in nature, this would not make sense: You would need to keep all config files in sync on all nodes.

Instead, the configuration is stored in a protected configuration index which makes the same configuration available to all nodes. The way to populate this index is to use the sgadmin command-line tool:

https://docs.search-guard.com/latest/sgadmin

There is also one option you could use to auto-initialize the configuration index with the contents of the files located in:

plugins/search-guard-7/sgconfig/

For that you need to add the following option to elasticsearch.yml:

searchguard.allow_default_init_sgindex: true

This basically says: "If the configuration index does not exist, take the config files from the search-guard-7/sgconfig/ folder and automatically apply them".

Judging from the logs and the "Search Guard not initialized (SG11)" message, it seems no Search Guard configuration index exists. This in turn means you used neither sgadmin nor the "allow_default_init_sgindex" option to create it.

Update: Can you please check the Elasticsearch logs on startup? You should see a sequence like:

[INFO ][c.f.s.c.ConfigurationRepository] [...] Check if searchguard index exists ...
[INFO ][c.f.s.c.ConfigurationRepository] [...] searchguard index does not exist yet, so we create a default config
...
[...][INFO ][c.f.s.c.ConfigurationRepository] [...] Index searchguard created?: true
[...][INFO ][c.f.s.s.ConfigHelper     ] [...] Will update 'CONFIG' with /Users/.../Development/elasticsearch-7.8.0-demo/plugins/search-guard-7/sgconfig/sg_config.yml
[...][INFO ][o.e.c.m.MetadataMappingService] [...] [searchguard/bMIQYOOOTwepRuWDcxpBbg] create_mapping [_doc]
[...][INFO ][c.f.s.s.ConfigHelper     ] [...] Will update 'ROLES' with /Users/.../Development/elasticsearch-7.8.0-demo/plugins/search-guard-7/sgconfig/sg_roles.yml
[...][INFO ][o.e.c.m.MetadataMappingService] [...] [searchguard/bMIQYOOOTwepRuWDcxpBbg] update_mapping [_doc]
[...][INFO ][c.f.s.s.ConfigHelper     ] [...] Will update 'ROLESMAPPING' with /Users/.../Development/elasticsearch-7.8.0-demo/plugins/search-guard-7/sgconfig/sg_roles_mapping.yml
...
[...][INFO ][c.f.s.c.ConfigurationRepository] [...] Default config applied

If there is something wrong with the configuration files some exceptions should surface during this phase. Do you see any exceptions?

(Disclaimer: I work for Search Guard)

Jochen Kressin
  • Thanks, man! You are the CTO :D I did use `searchguard.allow_default_init_sgindex: true` in `elasticsearch.yml`. Otherwise it won't work with the custom pass/hash for `admin` user, will it? But the problem arises when I add a custom internal user in `sg_internal_users.yml` file. – Kamol Hasan Aug 20 '20 at 04:52
  • I'm not using the enterprise version of searchguard. Could it be a reason? – Kamol Hasan Aug 20 '20 at 04:54
  • No, this should work perfectly well with the Community Edition. – Jochen Kressin Aug 20 '20 at 08:57
  • I moved this question to, https://forum.search-guard.com/t/how-to-create-user-with-built-in-roles/1935 – Kamol Hasan Aug 20 '20 at 14:54
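
Added example (not part of the original question, answer or comments, and not Search Guard code): a Python triage script for Elasticsearch JSON server logs shaped like the ones quoted in the question. It separates a node that warned once per configuration type and then initialized from a node that keeps repeating the warning, and lists which configuration types are still reported as missing. The sample lines are constructed, and the `max_cycles` threshold, the status names and the helper names are assumptions of this example.

```python
import json
import re
from collections import defaultdict

NO_DATA = re.compile(
    r"No data for (\w+) while retrieving configuration"
    r".*\(index=([^\s)]+) and type=([^\s)]+)\)"
)
INITIALIZED = re.compile(r"Node '[^']+' initialized")


def triage(log_text, max_cycles=3):
    """Classify each node seen in the log as initialized, pending or stuck."""
    nodes = defaultdict(
        lambda: {"initialized": False, "warned": defaultdict(int), "doc_types": set()}
    )
    for line in log_text.splitlines():
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # blank lines and non-JSON output are skipped
        if not isinstance(event, dict):
            continue
        name = event.get("node.name", "unknown")
        message = str(event.get("message", ""))
        hit = NO_DATA.search(message)
        if hit:
            config_type, _index, doc_type = hit.groups()
            nodes[name]["warned"][config_type] += 1
            nodes[name]["doc_types"].add(doc_type)
        elif INITIALIZED.search(message):
            nodes[name]["initialized"] = True
            nodes[name]["warned"].clear()  # earlier warnings were transient

    report = {}
    for name, node in nodes.items():
        worst = max(node["warned"].values(), default=0)
        if worst >= max_cycles:
            status = "stuck"  # same config type reported missing repeatedly
        elif node["initialized"] and worst == 0:
            status = "initialized"
        else:
            status = "pending"
        report[name] = {
            "status": status,
            "unloaded": sorted(node["warned"]),
            "doc_types": sorted(node["doc_types"]),
        }
    return report


# Constructed sample: same message shape as the logs in the question, fewer fields.
ALL_TYPES = ["internalusers", "actiongroups", "config", "roles", "rolesmapping", "tenants"]


def sample_event(node, level, message):
    return json.dumps({"level": level, "node.name": node, "message": message})


def no_data_line(node, config_type, doc_type):
    return sample_event(node, "WARN", f"No data for {config_type} while retrieving "
                        f"configuration for [...]  (index=searchguard and type={doc_type})")


SAMPLE = "\n".join(
    [no_data_line("data-topology-es-1", t, "null") for t in ALL_TYPES]
    + [sample_event("data-topology-es-1", "INFO", "Node 'data-topology-es-1' initialized")]
    + [no_data_line("master-topology-es-0", t, "_doc")
       for _ in range(4) for t in ("internalusers", "actiongroups", "tenants")]
)

if __name__ == "__main__":
    print(json.dumps(triage(SAMPLE), indent=2))
```

On logs like the second excerpt in the question, the `unloaded` list contains only `internalusers`, `actiongroups` and `tenants`, which narrows the search to the files behind those three configuration types.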