Kibana config version conflict

Hi,

we ten to get this error for some of our users:

{“message”:“[doc][config:6.6.2]: version conflict, document already exists (current version [2]): [version_conflict_engine_exception] [doc][config:6.6.2]: version conflict, document already exists (current version [2]), with { index_uuid="YQh-2FzIT7awKqFxpptDrg" & shard="0" & index=".kibana_709142132_XXXX" }”,“statusCode”:409,“error”:“Conflict”}

they get this straight after clicking on Kibana URL. In Kibana logs I don’t see anything special:
Aug 22 15:37:14 ip-10-114-226-138 kibana: {“type”:“response”,“@timestamp”:“2019-08-22T15:37:14Z”,“tags”:,“pid”:4229,“method”:“get”,“statusCode”:409,“req”:{“url”:“/app/kibana”,“method”:“get”,“headers”:{“x-forwarded-for”:“78.60.211.243”,“x-forwarded-proto”:“https”,“x-forwarded-port”:“443”,“host”:“www.URL.of.elastic”,“x-amzn-trace-id”:“Root=XXXXX”,“upgrade-insecure-requests”:“1”,“user-agent”:“Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36”,“sec-fetch-mode”:“navigate”,“sec-fetch-user”:“?1”,“accept”:“text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3”,“sec-fetch-site”:“none”,“accept-encoding”:“gzip, deflate, br”,“accept-language”:“en-US,en;q=0.9,lt-LT;q=0.8,lt;q=0.7”,“securitytenant”:“user”},“remoteAddress”:“10.114.224.73”,“userAgent”:“10.114.224.73”},“res”:{“statusCode”:409,“responseTime”:92,“contentLength”:9},“message”:“GET /app/kibana 409 92ms - 9.0B”}

There are no missing privileges under securityauditlog.

I’ve tried to drop the entire .kibana* indices for all users. But it didn’t help. What can be the issue to this and how to solve this? We updated kibana to 6.8.1 but this only changed the error a bit.

{“type”:“log”,“@timestamp”:“2019-08-22T17:04:48Z”,“tags”:[“elasticsearch”,“query”,“debug”,“admin”],“pid”:5430,“message”:“404\nGET /.kibana/doc/config%3A6.8.1\n”}

{“type”:“log”,“@timestamp”:“2019-08-22T17:04:48Z”,“tags”:[“elasticsearch”,“query”,“debug”,“admin”],“pid”:5430,“message”:“200\nPOST /.kibana/_search?size=1000&from=0&rest_total_hits_as_int=true\n{"seq_no_primary_term":true,"query":{"bool":{"filter":[{"bool":{"should":[{"bool":{"must":[{"term":{"type":"config"}}],"must_not":[{"exists":{"field":"namespace"}}]}}],"minimum_should_match":1}}]}},"sort":[{"config.buildNum":{"order":"desc","unmapped_type":"keyword"}}]}”}

{“type”:“log”,“@timestamp”:“2019-08-22T17:04:48Z”,“tags”:[“elasticsearch”,“query”,“debug”,“admin”],“pid”:5430,“message”:“200\nPUT /_template/kibana_index_template%3A.kibana?include_type_name=true\n{"index_patterns":[".kibana"],"settings":{"number_of_shards":1,"auto_expand_replicas":"0-1"},"mappings":{"doc":{"dynamic":"strict","properties":{"config":{"dynamic":"true","properties":{"buildNum":{"type":"keyword"}}},"migrationVersion":{"dynamic":"true","type":"object"},"type":{"type":"keyword"},"namespace":{"type":"keyword"},"updated_at":{"type":"date"},"index-pattern":{"properties":{"fieldFormatMap":{"type":"text"},"fields":{"type":"text"},"intervalName":{"type":"keyword"},"notExpandable":{"type":"boolean"},"sourceFilters":{"type":"text"},"timeFieldName":{"type":"keyword"},"title":{"type":"text"},"type":{"type":"keyword"},"typeMeta":{"type":"keyword"}}},"visualization":{"properties":{"description":{"type":"text"},"kibanaSavedObjectMeta":{"properties":{"searchSourceJSON":{"type":"text"}}},"savedSearchId":{"type":"keyword"},"title":{"type":"text"},"uiStateJSON":{"type":"text"},"version":{"type":"integer"},"visState":{"type":"text"}}},"search":{"properties":{"columns":{"type":"keyword"},"description":{"type":"text"},"hits":{"type":"integer"},"kibanaSavedObjectMeta":{"properties":{"searchSourceJSON":{"type":"text"}}},"sort":{"type":"keyword"},"title":{"type":"text"},"version":{"type":"integer"}}},"dashboard":{"properties":{"description":{"type":"text"},"hits":{"type":"integer"},"kibanaSavedObjectMeta":{"properties":{"searchSourceJSON":{"type":"text"}}},"optionsJSON":{"type":"text"},"panelsJSON":{"type":"text"},"refreshInterval":{"properties":{"display":{"type":"keyword"},"pause":{"type":"boolean"},"section":{"type":"integer"},"value":{"type":"integer"}}},"timeFrom":{"type":"keyword"},"timeRestore":{"type":"boolean"},"timeTo":{"type":"keyword"},"title":{"type":"text"},"uiStateJSON":{"type":"text"},"version":{"type":"integer"}}},"url":{"properties":{"accessCount":{"type":"long"},"accessDate":{"type":"date"},"createDate":{"type":"date"},"url":{"type":"text","fields":{"keyword":{"type":"keyword","ignore_above":2048}}}}},"server":{"properties":{"uuid":{"type":"keyword"}}},"kql-telemetry":{"properties":{"optInCount":{"type":"long"},"optOutCount":{"type":"long"}}},"timelion-sheet":{"properties":{"description":{"type":"text"},"hits":{"type":"integer"},"kibanaSavedObjectMeta":{"properties":{"searchSourceJSON":{"type":"text"}}},"timelion_chart_height":{"type":"integer"},"timelion_columns":{"type":"integer"},"timelion_interval":{"type":"keyword"},"timelion_other_interval":{"type":"keyword"},"timelion_rows":{"type":"integer"},"timelion_sheet":{"type":"text"},"title":{"type":"text"},"version":{"type":"integer"}}}}}}}”}

{“type”:“log”,“@timestamp”:“2019-08-22T17:04:48Z”,“tags”:[“elasticsearch”,“query”,“debug”,“admin”],“pid”:5430,“message”:“409\nPOST /.kibana/doc/config%3A6.8.1/_create?refresh=wait_for\n{"config":{"buildNum":20385},"type":"config","updated_at":"2019-08-22T17:04:48.394Z"}”}

@airot are you still running into these errors? What version of Open Distro are you working with? Please provide more details.

Hi,

the problem was that single user got many roles attached. And some of those roles didn’t have
access to .kibana* indexes. We limited user roles and it started to work again.

Best Regards,

Mike

Great to hear that you got roles to work again @airot