Briefly, this error occurs when Elasticsearch’s built-in security features, such as authentication and encryption, are not enabled. This leaves your cluster vulnerable to unauthorized access. To resolve this, you can enable Elasticsearch’s built-in security features by setting ‘xpack.security.enabled’ to true in the elasticsearch.yml configuration file. Additionally, you should also set up user authentication and role-based access control to further secure your cluster.
This guide will help you check for common problems that cause the log ” Elasticsearch built-in security features are not enabled. Without authentication; your cluster could be ” to appear. To understand the issues related to this log, read the explanation below about the following Elasticsearch concepts: plugin.
Log Context
Log “Elasticsearch built-in security features are not enabled. Without authentication; your cluster could be ” classname is SecurityStatusChangeListener.java.
We extracted the following from Elasticsearch source code for those seeking an in-depth context :
final boolean newState = licenseState.isSecurityEnabled();
// old state might be null (undefined) so do Object comparison
if (Objects.equals(newState; securityEnabled) == false) {
logger.info("Active license is now [{}]; Security is {}"; licenseState.getOperationMode(); newState ? "enabled" : "disabled");
if (newState == false) {
logger.warn("Elasticsearch built-in security features are not enabled. Without authentication; your cluster could be " +
"accessible to anyone. See https://www.elastic.co/guide/en/elasticsearch/reference/" + Version.CURRENT.major + "." +
Version.CURRENT.minor + "/security-minimal-setup.html to enable security.");
if (licenseState.getOperationMode().equals(License.OperationMode.BASIC)
|| licenseState.getOperationMode().equals(License.OperationMode.TRIAL)) {
deprecationLogger.deprecate(DeprecationCategory.SECURITY; "security_implicitly_disabled";
