Security must be explicitly enabled when using a – How to solve this Elasticsearch exception

Opster Team

August-23, Version: 6.8-7.15

Briefly, this error occurs when Elasticsearch is configured to use a feature that requires security, but security is not explicitly enabled. This could be due to a missing or incorrect configuration in the elasticsearch.yml file. To resolve this issue, you can enable security by setting ‘xpack.security.enabled’ to true in the elasticsearch.yml file. Also, ensure that the license supports security features. If not, you may need to upgrade your Elasticsearch license. Additionally, check if the Elasticsearch version supports security, as older versions may not have this feature.

This guide will help you check for common problems that cause the log ” Security must be explicitly enabled when using a [ ” to appear. To understand the issues related to this log, read the explanation below about the following Elasticsearch concepts: plugin, filter.

 
 

plugins

 
 

filter

Overview

When a query is executed, Elasticsearch by default calculates the relevance score of the matching documents. But in some conditions, it does not require scores to be calculated. For instance, if a document falls in the range of two given timestamps or if a document contains a given list of tags. For all these Yes/No criteria, also known as structured search, a filter clause is used.

When it is not desired or not necessary to compute scores, filters should be used instead of queries, as frequently used filters can be cached automatically by Elasticsearch to improve performance.

There are multiple ways to specify filters, such as when using the `filter` and `must_not` parameters of the `bool` query, the `filter` parameter of the `constant_score` query or the `filter` aggregation.

What it is used for

When a query is executed, Elasticsearch by default calculates the relevance score of the matching documents. But in some conditions it does not require scores to be calculated, for instance if a document falls in the range of two given timestamps. For all these Yes/No criteria, a filter clause is used.

Examples

To return all the documents of a given index that fall between a date range, we can use the `range` filter, as shown below:

GET my_index/_search
{
  "query": {
    "bool": {
      "filter": [
        {
          "range": {
            "created_at": {
              "gte": "2020-01-01",
              "lte": "2020-01-10"
            }
          }
        }
      ]
    }
  }
}

To retrieve all the documents that contain at least one tag from a given list, we can use the `terms` filter, as shown below:

GET my_index/_search
{
  "query": {
    "bool": {
      "filter": [
        {
          "terms": {
            "tags": ["tag1", "tag2", "tag3"]
          }
        }
      ]
    }
  }
}

To retrieve all the documents that contain a given field having a non-null value, we can use the `exists` filter, as shown below:

GET my_index/_search
{
  "query": {
    "bool": {
      "filter": [
        {
          "exists": {
            "field": "field_name"
          }
        }
      ]
    }
  }
}

There are many other filters that we can use in order to reduce the document set that needs to be scored, such as `fuzzy`, `prefix`, `wildcard`, `regexp`, `script`, and many more. 

It is also worth noting that filters can be combined since the `bool/filter` and `bool/must_not` parameters are arrays. In the example below, we retrieve all documents falling within a data range, containing a list of tags and not having a specific field:

GET my_index/_search
{
  "query": {
    "bool": {
      "filter": [
        {
          "range": {
            "created_at": {
              "gte": "2020-01-01",
              "lte": "2020-01-10"
            }
          }
        },
        {
          "terms": {
            "tags": ["tag1", "tag2", "tag3"]
          }
        }
      ],
      "must_not": [
        {
          "exists": {
            "field": "field_name"
          }
        }
      ]
    }
  }
}

Notes

  • Queries are used to find out how relevant a document is to a particular query by calculating a score for each document, whereas filters are used to match certain criteria and are cacheable to enable faster execution.
  • Filters do not contribute to scoring and thus are faster to execute.
  • There are major changes introduced in Elasticsearch version 2.x onward related to how query and filters are written and performed internally and each newer version comes with its load of new improvements.

Common problems

  • The most common problem with filters is incorrect use inside the query. If filters are not used correctly, query performance can be significantly affected. So filters must be used wherever there is scope of not calculating the score. 
  • Another problem often arises when using date range filters, if “now” is used to represent the current time. It has to be noted that “now” is continuously changing the timestamp and thus Elasticsearch cannot use caching of the response since the data set will keep changing.
 
 

Log Context

Log “Security must be explicitly enabled when using a [” class name is SecurityActionFilter.java. We extracted the following from Elasticsearch source code for those seeking an in-depth context :

 } catch (Exception e) {
 listener.onFailure(e);
 }
 } else if (SECURITY_ACTION_MATCHER.test(action)) {
 if (licenseState.isSecurityEnabled() == false) {
 listener.onFailure(new ElasticsearchException("Security must be explicitly enabled when using a [" +
 licenseState.getOperationMode().description() + "] license. " +
 "Enable security by setting [xpack.security.enabled] to [true] in the elasticsearch.yml file " +
 "and restart the node."));
 } else {
 listener.onFailure(LicenseUtils.newComplianceException(XPackField.SECURITY));

 

 [ratemypost]

Related Articles

Back to all articles