elastalert icon indicating copy to clipboard operation
elastalert copied to clipboard

Published 20 hours ago verified publisher icon bitsensor

Rule testing cause authentication error on Elasticsearch

Open Pyton opened this issue 5 years ago • 3 comments

When I hit test rule it causes authentication error:

13:36:41.618Z ERROR elastalert-server:
    TestController:  Failed to test rule with error: WARNING:elasticsearch:GET http://localhost:9200/ [status:401 request:0.003s]
    
    Error connecting to ElasticSearch:
    AuthenticationException(401, u'security_exception', {u'status': 401, u'error': {u'header': {u'WWW-Authenticate': u'Basic realm="security" charset="UTF-8"'}, u'root_cause': [{u'header': {u'WWW-Authenticate': u'Basic realm="security" charset="UTF-8"'}, u'reason': u'missing authentication credentials for REST request [/]', u'type': u'security_exception'}], u'type': u'security_exception', u'reason': u'missing authentication credentials for REST request [/]'}})
    
    WARNING:elasticsearch:GET http://localhost:9200/ [status:401 request:0.003s]
    
    WARNING:elastalert:Error connecting to Elasticsearch for rule SSH abuse (ElastAlert 3.0.1) - 2. The rule has been disabled.

es_username and es_password are set in elastalert.yaml and in config.yml

I even try put it in rule file but then it causes timeouts. Setting up indexes during start was ok.

I'm using ES 7.2 with Kibana plugin

Pyton avatar Aug 05 '19 13:08 Pyton

@Pyton i have same issue ...plz are you solved this issue???

meriem-ux avatar Oct 08 '19 11:10 meriem-ux

+1

vladeli avatar Apr 09 '20 18:04 vladeli

:( I am having similar issue as explained in https://github.com/bitsensor/elastalert/issues/135

thapakazi avatar Apr 19 '20 02:04 thapakazi