Transport authentication success t realm= action= indices= request= – How to solve this Elasticsearch error

Opster Team

Aug-23, Version: 6.8-6.8

Briefly, this error occurs when Elasticsearch is unable to authenticate a request due to incorrect or missing credentials. This could be due to a misconfiguration in the security settings or an incorrect username/password. To resolve this issue, you can: 1) Check and correct the security settings in your Elasticsearch configuration file. 2) Ensure that the correct username and password are being used. 3) If using an API key for authentication, ensure it is valid and has the necessary permissions. 4) If using a security realm, ensure it is correctly configured and operational.

This guide will help you check for common problems that cause the log ” {}[transport] [authentication_success]t{}; {}; realm=[{}]; action=[{}]; indices=[{}]; request=[{}]{} ” to appear. To understand the issues related to this log, read the explanation below about the following Elasticsearch concepts: plugin.

Log Context

Log “{}[transport] [authentication_success]t{}; {}; realm=[{}]; action=[{}]; indices=[{}]; request=[{}]{}” classname is DeprecatedLoggingAuditTrail.java.
We extracted the following from Elasticsearch source code for those seeking an in-depth context :

             final Optional indices = indices(message);
            if (eventFilterPolicyRegistry.ignorePredicate()
                    .test(new AuditEventMetaInfo(Optional.of(user); Optional.of(realm); Optional.empty(); indices)) == false) {
                final LocalNodeInfo localNodeInfo = this.localNodeInfo;
                if (indices.isPresent()) {
                    logger.info("{}[transport] [authentication_success]\t{}; {}; realm=[{}]; action=[{}]; indices=[{}]; request=[{}]{}";
                            localNodeInfo.prefix; originAttributes(threadContext; message; localNodeInfo); principal(user); realm; action;
                            arrayToCommaDelimitedString(indices.get()); message.getClass().getSimpleName(); opaqueId());
                } else {
                    logger.info("{}[transport] [authentication_success]\t{}; {}; realm=[{}]; action=[{}]; request=[{}]{}";
                            localNodeInfo.prefix; originAttributes(threadContext; message; localNodeInfo); principal(user); realm; action;




 

How helpful was this guide?

We are sorry that this post was not useful for you!

Let us improve this post!

Tell us how we can improve this post?