Hide Forgot
Created attachment 1212017 [details] es_log
This is a non-issue. This comes from the fact that Searchguard prints out ACL violations as stack traces. The most common case for seeing this is if you connect to Kibana and view the 'settings' tab. Initially Kibana tries to fetch the index mapping data for the 'logstash-*' index pattern which is not allowed via a user's ACL unless they happen to have access to a project that matches that pattern. The stacktrace is only printed once when the ACL prevents a user from doing the performed action, in this case it is 'indices:data/read/msearch'. There is no disruption to processing within Elasticsearch when this occurs. This should be resolved with the 3.4 images which utilize a newer version of Searchguard.
(In reply to ewolinet from comment #2) > This is a non-issue. > > This comes from the fact that Searchguard prints out ACL violations as stack > traces. The most common case for seeing this is if you connect to Kibana and > view the 'settings' tab. Initially Kibana tries to fetch the index mapping > data for the 'logstash-*' index pattern which is not allowed via a user's > ACL unless they happen to have access to a project that matches that pattern. > > The stacktrace is only printed once when the ACL prevents a user from doing > the performed action, in this case it is 'indices:data/read/msearch'. There > is no disruption to processing within Elasticsearch when this occurs. > > This should be resolved with the 3.4 images which utilize a newer version of > Searchguard. Hi Eric, Yes, this exception was not observed any more with 3.4.0 level of logging. Thanks for the detailed explanation, Xia