Uploaded image for project: 'OpenShift Logging'
  1. OpenShift Logging
  2. LOG-2754

ES logs show "no data for audit while retrieving configuration" with .security index

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Can't Do
    • Icon: Critical Critical
    • None
    • Logging 5.4.2
    • Log Storage
    • False
    • None
    • False
    • NEW
    • NEW
    • Log Storage - Sprint 222

      After upgrading ClusterLogging to 5.4.2, Kibana consistently shows "Application not available". The logs were showing:

      sslv3 alert bad certificate

      Regenerated the secrets, but Kibana continues to not load. Elasticsearch has errors related to .security index:

      2022-06-21T18:48:06.187869529Z [2022-06-21T18:48:06,187][INFO ][o.e.c.r.a.AllocationService] [elasticsearch-cdm-9adco1g4-2] Cluster health status changed from [YELLOW] to [GREEN] (reason: [shards started [[.security][0]] ...]).
2022-06-21T18:48:06.222218784Z [2022-06-21T18:48:06,222][INFO ][o.e.c.m.MetaDataMappingService] [elasticsearch-cdm-9adco1g4-2] [.security/6K9ixU00S-y8OzxeKNuQHQ] create_mapping [security]
2022-06-21T18:48:06.313960165Z [2022-06-21T18:48:06,313][INFO ][o.e.c.m.MetaDataMappingService] [elasticsearch-cdm-9adco1g4-2] [.security/6K9ixU00S-y8OzxeKNuQHQ] update_mapping [security]
2022-06-21T18:48:06.379022648Z [2022-06-21T18:48:06,378][INFO ][o.e.c.m.MetaDataMappingService] [elasticsearch-cdm-9adco1g4-2] [.security/6K9ixU00S-y8OzxeKNuQHQ] update_mapping [security]
2022-06-21T18:48:06.440692905Z [2022-06-21T18:48:06,440][INFO ][o.e.c.m.MetaDataMappingService] [elasticsearch-cdm-9adco1g4-2] [.security/6K9ixU00S-y8OzxeKNuQHQ] update_mapping [security]
2022-06-21T18:48:06.501945560Z [2022-06-21T18:48:06,501][INFO ][o.e.c.m.MetaDataMappingService] [elasticsearch-cdm-9adco1g4-2] [.security/6K9ixU00S-y8OzxeKNuQHQ] update_mapping [security]
2022-06-21T18:48:06.556805867Z [2022-06-21T18:48:06,556][INFO ][o.e.c.m.MetaDataMappingService] [elasticsearch-cdm-9adco1g4-2] [.security/6K9ixU00S-y8OzxeKNuQHQ] update_mapping [security]
2022-06-21T18:48:06.617530917Z [2022-06-21T18:48:06,617][WARN ][c.a.o.s.c.ConfigurationLoader] [elasticsearch-cdm-9adco1g4-2] No data for audit while retrieving configuration for [config, roles, rolesmapping, internalusers, actiongroups, nodesdn, audit]  (index=.security)

      Elasticsearch itself is green; low load, low ram.percent, all indices initialized. As well, the elasticsearch-im pods seem to work normally. We've tried recreating `.security` index using `es_seed_acl` which succeeds, but no change in behavior.

              rh-ee-mbouqsim Mohamed-Amine Bouqsimi (Inactive)
              rhn-support-stwalter Steven Walter
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: