sentinl: Using 6.4.2 Sentinl results in 'Watchers: list watchers : list watcher : Authentication Exception'
System Details
Versions
Type | Version |
---|---|
Kibana | 6.4.2 |
Elasticsearch | 6.4.2 |
Server OS | Docker on Redhat 7.5 |
Browser | Firefox |
Original Install Method
- Release pkg link
- Gulp
- Source
- Other: kibana plugin install https://github.com/sirensolutions/sentinl/releases/download/tag-6.4.2-0/sentinl-v6.4.2.zip
Bug Details
Bug Description
Steps to Reproduce
- Access the Sentinl app fails with the following errors:
Watchers: list watchers : list watcher : Authentication Exception
More Info shows:
SentinlError@https://wa-knsg-elkdev1.acme.local:5601/bundles/sentinl.bundle.js:50:241102
_callee4$@https://wa-knsg-elkdev1.acme.local:5601/bundles/sentinl.bundle.js:50:262600
tryCatch@https://wa-knsg-elkdev1.acme.local:5601/bundles/vendors.bundle.js:43:57426
invoke@https://wa-knsg-elkdev1.acme.local:5601/bundles/vendors.bundle.js:43:61311
defineIteratorMethods/</prototype[method]@https://wa-knsg-elkdev1.acme.local:5601/bundles/vendors.bundle.js:43:58547
step@https://wa-knsg-elkdev1.acme.local:5601/bundles/sentinl.bundle.js:50:259118
step/<@https://wa-knsg-elkdev1.acme.local:5601/bundles/sentinl.bundle.js:50:259286
run@https://wa-knsg-elkdev1.acme.local:5601/bundles/vendors.bundle.js:43:25850
notify/<@https://wa-knsg-elkdev1.acme.local:5601/bundles/vendors.bundle.js:43:26090
flush@https://wa-knsg-elkdev1.acme.local:5601/bundles/vendors.bundle.js:173:132168
Expected Behavior
No errors
Kibana logs and/or server output (attached if relevant)
kibana-wazuh-kibana-5 | 2018-10-31T03:46:55.042466000Z {"type":"log","@timestamp":"2018-10-31T03:46:55Z","tags":["error","Sentinl","scheduler"],"pid":1,"message":"fail to schedule watchers: list watchers : find : Request Timeout after 30000ms"}
kibana-wazuh-kibana-5 | 2018-10-31T03:47:07.888242000Z {"type":"error","@timestamp":"2018-10-31T03:47:07Z","tags":["warning","stats-collection"],"pid":1,"level":"error","error":{"message":"Request Timeout after 30000ms","name":"Error","stack":"Error: Request Timeout after 30000ms\n at /usr/share/kibana/node_modules/elasticsearch/src/lib/transport.js:354:15\n at Timeout.<anonymous> (/usr/share/kibana/node_modules/elasticsearch/src/lib/transport.js:383:7)\n at ontimeout (timers.js:498:11)\n at tryOnTimeout (timers.js:323:5)\n at Timer.listOnTimeout (timers.js:290:5)"},"message":"Request Timeout after 30000ms"}
kibana-wazuh-kibana-5 | 2018-10-31T03:47:07.891640000Z {"type":"log","@timestamp":"2018-10-31T03:47:07Z","tags":["warning","stats-collection"],"pid":1,"message":"Unable to fetch data from kibana collector"}
No other errors logged in ElasticSearch
Any additional information
I am running SearchGuard 23.2. I have also applied the SearchGuard requirements as documented here: https://docs.search-guard.com/latest/search-guard-sentinl. I’m not sure if this is a security exception within SearchGuard, as SearchGuard logs permission issues encountered and no such errors have been logged.
About this issue
- State: closed
- Created 6 years ago
- Reactions: 2
- Comments: 19 (6 by maintainers)
Just in case, I’m using the following rules with ReadonlyREST (not optimal, just a working example):
@sergibondarenko yep, the latest package is running fine (… without any specific ReadonlyREST configuration). Thanks!
The fixed package works for me, thanks
@lbesuchet the release was published 7 days ago but yesterday I replaced sentinl-v6.4.2.zip package
@camAtGitHub @lbesuchet There is a pkg with fix, please try it https://github.com/sirensolutions/sentinl/releases/download/tag-6.4.2-0/sentinl-v6.4.2.zip
An example of Search Guard and Sentinl configuration.
1. Configure Sentinl
Minimal required config in kibana.yml
2. Configure Search Guard
Create a role in sg_roles.yml file
Create hash from a clear text password
Create sentinl user, use the hash and map the role in file sg_internal_users.yml
Apply changes while Elasticsearch is running
More
Read Search Guard docs for more details.