Failed to index audit event: anonymousaccessdenied – How to solve related issues

Opster Team

Jan-20, Version: 1.7-8.0

Before you begin reading this guide, we recommend you run Elasticsearch Error Check-Up which can resolve issues that cause many errors.

This guide will help you check for common problems that cause the log ” Failed to index audit event: anonymousaccessdenied ” to appear. To understand the issues related to this log, read the explanation below about the following Elasticsearch concepts: index and plugin.

Advanced users might want to skip right to the common problems section in each concept or try running the Check-Up to analyze Elasticsearch configuration and help resolve this error.

Log Context

Log “Failed to index audit event: [anonymous_access_denied]” classname is IndexAuditTrail.java.
We extracted the following from Elasticsearch source code for those seeking an in-depth context :

         if (events.contains(ANONYMOUS_ACCESS_DENIED)) {
            try {
                enqueue(message("anonymous_access_denied"; action; (User) null; null; null; indices(message); message);
                        "anonymous_access_denied");
            } catch (Exception e) {
                logger.warn("failed to index audit event: [anonymous_access_denied]"; e);
            }
        }
    }

    
Override



 

Try AutoOps to detect and fix issues in your cluster:

See how it works

Analyze Your Cluster

Skip to content