-
Notifications
You must be signed in to change notification settings - Fork 24.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Spectacularly Annoying: Warning: 299 Elasticsearch-7.15.0-79d65f6e357953a5b3cbcc5e2c7c21073d89aa29 #78500
Comments
It's unclear what warning you are talking about: every deprecation warning emitted by Elasticsearch v7.15.0 starts with |
Pinging @elastic/es-security (Team:Security) |
IMO there's some kind of a docs bug here, this new warning is pretty chatty but doesn't get a mention in the release notes and I don't see anything obvious which suggests that setting |
Pinging @elastic/es-docs (Team:Docs) |
The same message also appears at the top of every response in Console. There's no way to dismiss this message unless you explicitly enable security. It's a very good thing to enable security, but not having the ability to dismiss the toast notifications or suppress the warning in responses is not ideal and creates a frustrating UX. cc: @thomheymann and @bytebilly |
This message was added to Elasticsearch in 7.13 through the changes in #70114. Oddly, the notification issues don't seem to occur in Kibana until 7.15. |
Thanks for raising this issue. The warning is intentional, the annoying UX clearly is not, and may be due to a mix of changes. You can disable all security warnings by setting We are discussing possible ways to improve the experience, even if the problem will not be there in 8.x where security will be enabled by default for all tiers. |
I've got ...this is when I'm trying to view the |
Hi @drenze-athene, thanks for reporting that. What you see is not a security-related warning, so it's not disabled by that setting. Where in Kibana are you getting this message? Is this flooding the UI, or is it just a single instance? Thanks. |
This is flooding the UI, every time I attempt to view something in Discover or Dashboard. If there's a way to suppress this for now, I'd be obliged... |
I'm not sure why accessing |
Yes.
Douglas J. Renze
INFRASTRUCTURE ENGINEER III
From: Fabio Busatto ***@***.***>
Date: Tuesday, November 16, 2021 at 4:15 AM
To: elastic/elasticsearch ***@***.***>
Cc: Douglas Renze ***@***.***>, Mention ***@***.***>
Subject: Re: [elastic/elasticsearch] Spectacularly Annoying: Warning: 299 Elasticsearch-7.15.0-79d65f6e357953a5b3cbcc5e2c7c21073d89aa29 (#78500)
ATTENTION: External Email - Be Suspicious of Attachments, Links and Requests for Login Information.
I'm not sure why accessing filebeat-* imply access to .tasks. They seem two unrelated events. Is that happening with other patterns too?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub<https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Felastic%2Felasticsearch%2Fissues%2F78500%23issuecomment-970121650&data=04%7C01%7Cdrenze%40athene.com%7Cf61c10d93fe441d819aa08d9a8ea0758%7C70559d03915449e19e59be933c7f8440%7C0%7C0%7C637726545381023837%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=nZ6tWkSOCbs7GY7fQWDyOQEjUHTU3%2F2eqet026b4bfk%3D&reserved=0>, or unsubscribe<https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FATNKTFGS6GYDSCV7FSNHDKDUMIVMNANCNFSM5FBUD65A&data=04%7C01%7Cdrenze%40athene.com%7Cf61c10d93fe441d819aa08d9a8ea0758%7C70559d03915449e19e59be933c7f8440%7C0%7C0%7C637726545381033790%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=mGbT1kxMMPybWyRZs9UPDyRJ1NSHmEPj%2Fgja93LmrQ0%3D&reserved=0>.
Triage notifications on the go with GitHub Mobile for iOS<https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fapps.apple.com%2Fapp%2Fapple-store%2Fid1477376905%3Fct%3Dnotification-email%26mt%3D8%26pt%3D524675&data=04%7C01%7Cdrenze%40athene.com%7Cf61c10d93fe441d819aa08d9a8ea0758%7C70559d03915449e19e59be933c7f8440%7C0%7C0%7C637726545381043749%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=u%2ByJJ6hLSfLgQBahcCTFLw3%2FQqaHhZm3AFTSm3RJc1E%3D&reserved=0> or Android<https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fplay.google.com%2Fstore%2Fapps%2Fdetails%3Fid%3Dcom.github.android%26referrer%3Dutm_campaign%253Dnotification-email%2526utm_medium%253Demail%2526utm_source%253Dgithub&data=04%7C01%7Cdrenze%40athene.com%7Cf61c10d93fe441d819aa08d9a8ea0758%7C70559d03915449e19e59be933c7f8440%7C0%7C0%7C637726545381043749%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=HLHfyOkEMTd5sISc69gUnXklGiusHtfJp78HZQLU7ig%3D&reserved=0>.
Electronic communication sent through the internet is not secure and its delivery is not guaranteed. This e-mail communication and any attachments may contain confidential and privileged information for the use of the designated recipients named above. If you are not the intended recipient, you are hereby notified that you have received this communication in error and that any review, disclosure, dissemination, distribution or copying of it or its contents is prohibited. If you have received this communication in error, please notify me immediately by replying to this message and deleting it from your computer. All annuity products and services are offered through Athene Annuity & Life Assurance Company and Athene Annuity and Life Company, in all states except New York, and in New York through Athene Annuity & Life Assurance Company of New York and Athene Life Insurance Company of New York. All investment advisory services are rendered solely through Apollo Insurance Solutions Group LLC. None of the information contained herein should be construed as an offer or sale of any security, product, or service of Apollo Insurance Solutions Group LLC. Past performance is not indicative of future success.
|
Having recently run apt upgrade on an Ubuntu 20.04 box I see that I've now got Elasticsearch 7.15.0 and it comes with a spectacular misfeature - an endless cascade of Warning: 299 regarding network security settings when accessing Kibana.
"Warning: 299 Elasticsearch-7.15.0-79d65f6e357953a5b3cbcc5e2c7c21073d89aa29"
The URL, which can not simply be selected and accessed from the warning, is this:
https://www.elastic.co/guide/en/elasticsearch/reference/7.15/security-minimal-setup.html
I get that Elasticsearch is just trying to head off trouble for people who might install an unprotected system on an internet accessible machine. My system is very well protected by an outer layer access control and I have zero interest in having to jump through hoops like this. It's the middle of the night, and now I have to do this meaningless stuff, then reach out to a dozen users and explain to them that they're going to have to enter a username and password after they get through Cloudflare Access.
This really needs a configuration option like this:
xpack.security.stfu: immediately
The text was updated successfully, but these errors were encountered: