ELK: 给Elasticsearch, Kibanan设置访问的账号和密码
实现elasticsearch和kibana的账号密码登录
·
目录
1)kibana并没有自己的账号和密码,它使用的就是elasticsearch的账号密码。
2)在windwos下尝试命令的方式修改elasticsearch的密码,失败的几种情况:
1、设置Elasticseach的密码:
修改Elasticsearch的配置文件:elasticsearch.yml,添加如下配置
#设置权限
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: trueCMD命令行窗口,进入Elasticsearch的bin目录下,执行设置用户名和密码的命令
elasticsearch-setup-passwords interactive这里会设置六个账号的密码:elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user.需要根据提示逐一设置密码。
D:\devsofts\elk7.6.2\elasticsearch-7.6.2-windows-x86_64\elasticsearch-7.6.2\bin>elasticsearch-setup-passwords interactive
future versions of Elasticsearch will require Java 11; your Java version from [C:\Program Files\Java\jdk1.8.0_291\jre] does not meet this requirement
Your cluster health is currently RED.
This means that some cluster data is unavailable and your cluster is not fully functional.
It is recommended that you resolve the issues with your cluster before running elasticsearch-setup-passwords.
It is very likely that the password changes will fail when run against an unhealthy cluster.
Do you want to continue with the password setup process [y/N]y
Initiating the setup of passwords for reserved users elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]y
Enter password for [elastic]:
Reenter password for [elastic]:
Enter password for [apm_system]:
Reenter password for [apm_system]:
Enter password for [kibana]:
Reenter password for [kibana]:
Enter password for [logstash_system]:
Reenter password for [logstash_system]:
Enter password for [beats_system]:
Reenter password for [beats_system]:
Enter password for [remote_monitoring_user]:
Reenter password for [remote_monitoring_user]:
Changed password for user [apm_system]
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [remote_monitoring_user]
Changed password for user [elastic]如下图所示
测试是否有密码:
访问默认的地址和端口:http://localhost:9200/
输入账号:elastic,密码:123456,登录成功后,如下图:
可能会遇到的错误:
1) yml文件的编码问题:
D:\devsofts\elk7.6.2\elasticsearch-7.6.2-windows-x86_64\elasticsearch-7.6.2\bin>elasticsearch-setup-passwords interactive
future versions of Elasticsearch will require Java 11; your Java version from [C:\Program Files\Java\jdk1.8.0_291\jre] does not meet this requirement
Exception in thread "main" SettingsException[Failed to load settings from [elasticsearch.yml]]; nested: YAMLException[java.io.CharConversionException: Invalid UTF-8 middle byte 0xe8 (at char #2887, byte #2047)
at [Source: sun.nio.ch.ChannelInputStream@4738a206; line: 1, column: 1]]; nested: YAMLException[java.io.CharConversionException: Invalid UTF-8 middle byte 0xe8 (at char #2887, byte #2047)]; nested: CharConversionException[Invalid UTF-8 middle byte 0xe8 (at char #2887, byte #2047)];
at org.elasticsearch.common.settings.Settings$Builder.loadFromStream(Settings.java:1097)
at org.elasticsearch.common.settings.Settings$Builder.loadFromPath(Settings.java:1070)
at org.elasticsearch.node.InternalSettingsPreparer.prepareEnvironment(InternalSettingsPreparer.java:83)
at org.elasticsearch.cli.EnvironmentAwareCommand.createEnv(EnvironmentAwareCommand.java:100)
at org.elasticsearch.cli.EnvironmentAwareCommand.createEnv(EnvironmentAwareCommand.java:91)
at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:86)
at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:125)
at org.elasticsearch.cli.MultiCommand.execute(MultiCommand.java:91)
at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:125)
at org.elasticsearch.cli.Command.main(Command.java:90)
at org.elasticsearch.xpack.security.authc.esnative.tool.SetupPasswordTool.main(SetupPasswordTool.java:107)
Caused by: com.fasterxml.jackson.dataformat.yaml.snakeyaml.error.YAMLException: java.io.CharConversionException: Invalid UTF-8 middle byte 0xe8 (at char #2887, byte #2047)
at [Source: sun.nio.ch.ChannelInputStream@4738a206; line: 1, column: 1]
at com.fasterxml.jackson.dataformat.yaml.snakeyaml.error.YAMLException.from(YAMLException.java:25)
at com.fasterxml.jackson.dataformat.yaml.YAMLParser.nextToken(YAMLParser.java:346)
at org.elasticsearch.common.xcontent.json.JsonXContentParser.nextToken(JsonXContentParser.java:52)
at org.elasticsearch.common.settings.Settings$Builder.loadFromStream(Settings.java:1089)
... 10 more
Caused by: org.yaml.snakeyaml.error.YAMLException: java.io.CharConversionException: Invalid UTF-8 middle byte 0xe8 (at char #2887, byte #2047)
at org.yaml.snakeyaml.reader.StreamReader.update(StreamReader.java:200)
at org.yaml.snakeyaml.reader.StreamReader.peek(StreamReader.java:146)
at org.yaml.snakeyaml.scanner.ScannerImpl.scanToNextToken(ScannerImpl.java:1199)
at org.yaml.snakeyaml.scanner.ScannerImpl.fetchMoreTokens(ScannerImpl.java:289)
at org.yaml.snakeyaml.scanner.ScannerImpl.checkToken(ScannerImpl.java:226)
at org.yaml.snakeyaml.parser.ParserImpl$ParseImplicitDocumentStart.produce(ParserImpl.java:194)
at org.yaml.snakeyaml.parser.ParserImpl.peekEvent(ParserImpl.java:157)
at org.yaml.snakeyaml.parser.ParserImpl.getEvent(ParserImpl.java:167)
at com.fasterxml.jackson.dataformat.yaml.YAMLParser.nextToken(YAMLParser.java:340)
... 12 more
Caused by: java.io.CharConversionException: Invalid UTF-8 middle byte 0xe8 (at char #2887, byte #2047)
at com.fasterxml.jackson.dataformat.yaml.UTF8Reader.reportInvalidOther(UTF8Reader.java:394)
at com.fasterxml.jackson.dataformat.yaml.UTF8Reader.read(UTF8Reader.java:253)
at com.fasterxml.jackson.dataformat.yaml.UTF8Reader.read(UTF8Reader.java:148)
at org.yaml.snakeyaml.reader.StreamReader.update(StreamReader.java:184)
... 20 more
如下图:
文件编码改为UTF-8
2) 多加了一个配置项目:(待确定)
如果按照有些博客写的,elasticsearch.yml文件,添加三个配置
xpack.security.enabled: true
xpack.license.self_generated.type: basic
xpack.security.transport.ssl.enabled: true会出现下列错误:
D:\devsofts\elk7.6.2\elasticsearch-7.6.2-windows-x86_64\elasticsearch-7.6.2\bin>elasticsearch-setup-passwords interactive
future versions of Elasticsearch will require Java 11; your Java version from [C:\Program Files\Java\jdk1.8.0_291\jre] does not meet this requirement
Unexpected response code [500] from calling GET http://127.0.0.1:9200/_security/_authenticate?pretty
It doesn't look like the X-Pack security feature is enabled on this Elasticsearch node.
Please check if you have enabled X-Pack security in your elasticsearch.yml configuration file.
ERROR: X-Pack Security is disabled by configuration.如下图:
3)没有启动Elasticsearch
D:\devsofts\elk7.6.2\elasticsearch-7.6.2-windows-x86_64\elasticsearch-7.6.2\bin>elasticsearch-setup-passwords interactive
future versions of Elasticsearch will require Java 11; your Java version from [C:\Program Files\Java\jdk1.8.0_291\jre] does not meet this requirement
Connection failure to: http://127.0.0.1:9200/_security/_authenticate?pretty failed: Connection refused: connect
ERROR: Failed to connect to elasticsearch at http://127.0.0.1:9200/_security/_authenticate?pretty. Is the URL correct and elasticsearch running?如下图:
2、设置Kibanan的账号和密码:
1)打开Kibana的conf目录下的kibana.yml,修改里面elasticsearch的用户名和密码配置,默认是注释掉的,如下图:
修改kibana的配置kibana.yml:(改为之前设置的Elasticsearch的账号和密码,去掉前面的#号)
# If your Elasticsearch is protected with basic authentication, these settings provide
# the username and password that the Kibana server uses to perform maintenance on the Kibana
# index at startup. Your Kibana users still need to authenticate with Elasticsearch, which
# is proxied through the Kibana server.
elasticsearch.username: "elastic"
elasticsearch.password: "123456"如下图:
2)测试Kibana的登录,如下图,输入设置的登录用户名(elastic)和密码(123456)即可登录成功。
3、修改Elasticsearch的密码:
网上修改密码的命令大多为如下,这事linux下的curl命令
curl -H "Content-Type:application/json" -XPOST -u elastic 'http://192.168.140:9200/_xpack/security/user/elastic/_password' -d '{ "password" : "123456" }'在windows的CMD命令行,修改Elasticsearch的密码,需要注意curl命令的一些写法:
在window中linux格式下的单引号要改成双引号,json格式数据中双引号要加\转义
应该如下:
curl -H "Content-Type:application/json" -XPOST -u elastic -d "{\"password\" : \"1234567\" }" http://127.0.0.1:9200/_xpack/security/user/elastic/_password如图:
4、补充说明:
1)kibana并没有自己的账号和密码,它使用的就是elasticsearch的账号密码。
所以,需要在kibana.yml配置。如果kibaba.yml没有设置正确的elasticsearch账号密码,
访问http://localhost:5601/时。是无法打开的状态。
查看elasticsearch.log,会发现错误日志:Authentication of [elastic] was terminated by realm [reserved] - failed to authenticate user [elastic]
2)在windwos下尝试命令的方式修改elasticsearch的密码,失败的几种情况:
curl命令中,参数的单引号和双引号混用,会引起如下错误:
D:\devsofts\elk7.6.2\elasticsearch-7.6.2-windows-x86_64\elasticsearch-7.6.2\bin>curl -H "Content-Type:application/json" -XPOST -u elastic -d '{ "password" : "1234567" }' 'http://127.0.0.1:9200/_xpack/security/user/elastic/_password'
Enter host password for user 'elastic':
curl: (6) Could not resolve host: password
curl: (3) URL using bad/illegal format or missing URL
curl: (7) Failed to connect to 0.18.214.135 port 80 after 0 ms: Network unreachable
curl: (3) unmatched close brace/bracket in URL position 1:
}'
curl命令中,json格式数据中双引号没有加\转义
D:\devsofts\elk7.6.2\elasticsearch-7.6.2-windows-x86_64\elasticsearch-7.6.2\bin>curl -H "Content-Type:application/json" -XPOST -u elastic -d "{"password" : "666666" }" "http://127.0.0.1:9200/_xpack/security/user/elastic/_password"
Enter host password for user 'elastic':
{"error":{"root_cause":[{"type":"json_parse_exception","reason":"Unexpected character ('p' (code 112)): was expecting double-quote to start field name\n at [Source: org.elasticsearch.transport.netty4.ByteBufStreamInput@5f92bad8; line: 1, column: 3]"}],"type":"json_parse_exception","reason":"Unexpected character ('p' (code 112)): was expecting double-quote to start field name\n at [Source: org.elasticsearch.transport.netty4.ByteBufStreamInput@5f92bad8; line: 1, column: 3]"},"status":400}
为开发者提供学习成长、分享交流、生态实践、资源工具等服务,帮助开发者快速成长。
更多推荐
2
0- 0
已为社区贡献3条内容
所有评论(0)