Hi,
I’ve upgraded my OpenDistro ES + Kibana setup from 1.1.0 to 1.4.0 and noticed that querying data in Kibana no longer works:
- https:// elastic-server /_opendistro/_security/authinfo - WORKS
- https:// kibana-server /app/security-accountinfo - WORKS, shows my username and roles
- https:// kibana-server /app/kibana#/discover - NOT WORKING
Digging into HTTP packets between Kibana and Elasticsearch shows:
Authentication Exception :: {"path":"/_msearch","query":{"rest_total_hits_as_int":"true","ignore_throttled":"true"},"body":"{\"index\":\"jira\",\"ignore_unavailable\":true,\"preference\":1581456941567}\n{\"timeout\":\"30000ms\",\"version\":true,\"size\":500,\"sort\":[{\"date\":{\"order\":\"desc\",\"unmapped_type\":\"boolean\"}}],\"_source\":{\"excludes\":[]},\"aggs\":{\"2\":{\"date_histogram\":{\"field\":\"date\",\"fixed_interval\":\"30m\",\"time_zone\":\"America/Chicago\",\"min_doc_count\":1}}},\"stored_fields\":[\"*\"],\"script_fields\":{},\"docvalue_fields\":[{\"field\":\"Created\",\"format\":\"date_time\"},{\"field\":\"Resolved\",\"format\":\"date_time\"},{\"field\":\"Updated\",\"format\":\"date_time\"},{\"field\":\"created date\",\"format\":\"date_time\"},{\"field\":\"date\",\"format\":\"date_time\"},{\"field\":\"resolution date\",\"format\":\"date_time\"},{\"field\":\"updated date\",\"format\":\"date_time\"}],\"query\":{\"bool\":{\"must\":[],\"filter\":[{\"match_all\":{}},{\"range\":{\"date\":{\"format\":\"strict_date_optional_time\",\"gte\":\"2020-02-10T21:37:37.460Z\",\"lte\":\"2020-02-11T21:37:37.460Z\"}}}],\"should\":[],\"must_not\":[]}},\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"fragment_size\":2147483647}}\n","statusCode":401,"response":"{\"error\":{\"header\":{\"WWW-Authenticate\":\"Negotiate\"}}}","wwwAuthenticateDirective":"Negotiate"}
at respond (/usr/s hare/kibana/node_modules/elasticsearch/src/lib/transport.js:349:15)
at checkRespForFailure (/usr/share/kibana/node_modules/elasticsearch/src/lib/transport.js:306:7)
at HttpConnector.<anonymous> (/usr/share/kibana/node_modules/elasticsearch/src/lib/connectors/http.js:173:7)
at IncomingMessage.wrapper (/usr/share/kibana/node_modules/elasticsearch/node_modules/lodash/lodash.js:4929:19)
at IncomingMessage.emit (events.js:194:15)
at endReadableNT (_stream_readable.js:1103:12)
at process._tickCallback (internal/process/next_tick.js:63:19)
so the important part here is:
"statusCode":401,"response":"{\"error\":{\"header\":{\"WWW-Authenticate\":\"Negotiate\"}}}","wwwAuthenticateDirective":"Negotiate"}
Is there any solution for this? Worked well previously!