security talk & philosophizing

FF E4

ELK Migration Woes: PUT values without Kibana

I’ve been upgrading my home ELK stack from from 7.17.* to 8.7.*. In the process I got to a state where elasticsearch was running, filebeat was running, but Kibana was failing. Doing a systemctl status kibana reported something about :

cluster.routing.allocation.enable needing to be set to 'All'

Looking this up, got me to this ElasticSearch documentation explaining the simple solution (an update or PUT that needs to be performed).

According to the docs I needed to run a PUT:



PUT _cluster/settings
{
  "persistent" : {
    "cluster.routing.allocation.enable" : "all" 
  }
}

Running Updates Outside of Kibana

Since Kibana wasn’t running, I couldn’t run the developer console to execute the above command. If you check out the Elastic Search documentation though you’ll see a little tab or dropdown asking if you want to copy this as a CURL. Now you can rune the command via the command line like so:

curl -X PUT "localhost:9200/_cluster/settings?pretty" -H 'Content-Type: application/json' -d'
{
  "persistent" : {
    "cluster.routing.allocation.enable" : "all" 
  }
}
' --user "elastic:<password for elastic user>"

Me

,

FF
EF

a moment now is worth a thousand moments from the before, or next.

letting go is the hardest, but most rewarding aspect of everything

© 2025 FF E4 • Powered by