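Kibana does not work when building ElastiFlow with Docker
I am trying to set up ElastiFlow with Docker. I followed the official documentation below.
https://docs.elastiflow.com/docs/elasticsearch_xsmall
When I try to open Kibana in the browser, "Kibana server is not ready yet" is displayed. Looking at the Kibana log, I see "Unable to retrieve version information from Elasticsearch nodes". Thinking that the communication itself might be failing, I attached to the Kibana container and pinged elasticsearch, but a response came back, so communication seems to be working normally.
The Elasticsearch log showed "Authentication of [kibana_system] was terminated by realm [reserved] - failed to authenticate user [kibana_system]". Both "kibana_system" and "CHANGEME" were written in the docker-compose file provided by the official documentation, so I assumed they were default values and that authentication would succeed with these values without my changing anything. Is that wrong? The official documentation says nothing at all about this, and I am at a loss. Could someone familiar with ELK please help?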
```yml
version: '3'
services:
  kibana:
    image: docker.elastic.co/kibana/kibana:7.13.1
    restart: unless-stopped
    hostname: kibana
    # network_mode: bridge
    networks:
      elastic:
      proxy_network:
    ports:
      # HTTP/REST
      - 5601:5601/tcp
    environment:
      TZ: Asia/Tokyo
      VIRTUAL_HOST: hogehoge.com
      VIRTUAL_PORT: 5601

      TELEMETRY_ENABLED: 'false'
      NEWSFEED_ENABLED: 'false'

      SERVER_NAME: 'kibana'
      SERVER_HOST: '0.0.0.0'
      SERVER_PORT: 5601
      SERVER_MAXPAYLOADBYTES: 8388608

      ELASTICSEARCH_HOSTS: 'http://elasticsearch:9200'
      ELASTICSEARCH_USERNAME: 'kibana_system'
      ELASTICSEARCH_PASSWORD: 'CHANGEME'
      ELASTICSEARCH_REQUESTTIMEOUT: 132000
      ELASTICSEARCH_SHARDTIMEOUT: 120000

      ELASTICSEARCH_SSL_VERIFICATIONMODE: 'none'

      KIBANA_AUTOCOMPLETETIMEOUT: 3000
      KIBANA_AUTOCOMPLETETERMINATEAFTER: 2500000

      VIS_TYPE_VEGA_ENABLEEXTERNALURLS: 'true'

      XPACK_MAPS_SHOWMAPVISUALIZATIONTYPES: 'true'
      XPACK_ENCRYPTEDSAVEDOBJECTS_ENCRYPTIONKEY: 'ElastiFlow_0123456789_0123456789_0123456789'

  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch:7.13.1
    container_name: elasticsearch
    restart: unless-stopped
    hostname: elasticsearch
    ulimits:
      memlock:
        soft: -1
        hard: -1
      nofile:
        soft: 131072
        hard: 131072
      nproc: 8192
      fsize: -1
    networks:
      elastic:
    ports:
      - 9200:9200/tcp
    volumes:
      - ./elasticsearch:/usr/share/elasticsearch/data
      - ./certs:/usr/share/elasticsearch/config/certificates
    environment:
      ES_JAVA_OPTS: '-Xms2g -Xmx2g'
      ELASTIC_PASSWORD: 'CHANGEME'
      cluster.name: elastiflow
      node.name: elasticsearch

      bootstrap.memory_lock: 'true'

      network.host: 0.0.0.0
      http.port: 9200

      discovery.type: 'single-node'

      indices.query.bool.max_clause_count: 8192
      search.max_buckets: 250000

      action.destructive_requires_name: 'true'

      reindex.remote.whitelist: '*:*'
      reindex.ssl.verification_mode: 'none'

      xpack.security.http.ssl.enabled: 'false'

      xpack.monitoring.collection.enabled: 'true'
      xpack.monitoring.collection.interval: 30s

      xpack.security.enabled: 'true'
      xpack.security.audit.enabled: 'false'
  # ElastiFlow Unified Flow Collector
  flow-collector:
    image: elastiflow/flow-collector:5.3.5
    container_name: flow-collector
    restart: 'unless-stopped'
    network_mode: 'host'
    volumes:
      - /etc/elastiflow:/etc/elastiflow
    environment:

      EF_FLOW_SERVER_UDP_IP: '0.0.0.0'
      EF_FLOW_SERVER_UDP_PORT: 9995

      EF_FLOW_DECODER_ENRICH_IPADDR_METADATA_ENABLE: 'false'

      EF_FLOW_DECODER_ENRICH_DNS_ENABLE: 'true'
      EF_FLOW_DECODER_ENRICH_DNS_NAMESERVER_IP: '1.1.1.1'
      EF_FLOW_DECODER_ENRICH_DNS_NAMESERVER_TIMEOUT: 3000

      EF_FLOW_DECODER_ENRICH_MAXMIND_ASN_ENABLE: 'false'

      EF_FLOW_DECODER_ENRICH_MAXMIND_GEOIP_ENABLE: 'false'

      EF_FLOW_DECODER_ENRICH_RISKIQ_ASN_ENABLE: 'false'
      EF_FLOW_DECODER_ENRICH_RISKIQ_THREAT_ENABLE: 'false'

      # Elasticsearch
      EF_FLOW_OUTPUT_ELASTICSEARCH_ENABLE: 'true'
      EF_FLOW_OUTPUT_ELASTICSEARCH_ECS_ENABLE: 'false'

      EF_FLOW_OUTPUT_ELASTICSEARCH_INDEX_TEMPLATE_SHARDS: 1
      EF_FLOW_OUTPUT_ELASTICSEARCH_INDEX_TEMPLATE_REPLICAS: 0

      # A comma separated list of Elasticsearch nodes to use. DO NOT include "http://" or "https://"
      EF_FLOW_OUTPUT_ELASTICSEARCH_ADDRESSES: '127.0.0.1:9200'
      EF_FLOW_OUTPUT_ELASTICSEARCH_USERNAME: 'kibana_system'
      EF_FLOW_OUTPUT_ELASTICSEARCH_PASSWORD: 'CHANGEME'

      EF_FLOW_OUTPUT_ELASTICSEARCH_TLS_ENABLE: 'false'
      EF_FLOW_OUTPUT_ELASTICSEARCH_TLS_SKIP_VERIFICATION: 'false'
      EF_FLOW_OUTPUT_ELASTICSEARCH_TLS_CA_CERT_FILEPATH: ''


      # Splunk
      EF_FLOW_OUTPUT_SPLUNK_HEC_ENABLE: 'false'
      EF_FLOW_OUTPUT_SPLUNK_HEC_ADDRESSES: '127.0.0.1:8088'
      EF_FLOW_OUTPUT_SPLUNK_HEC_TOKEN: ''

      # Logz.io
      EF_FLOW_OUTPUT_LOGZIO_ENABLE: 'false'
      EF_FLOW_OUTPUT_LOGZIO_ADDRESSES: 'listener.logz.io:8070'
      EF_FLOW_OUTPUT_LOGZIO_TOKEN: ''

      # Kafka
      EF_FLOW_OUTPUT_KAFKA_ENABLE: 'false'
      EF_FLOW_OUTPUT_KAFKA_BROKERS: ''
      #EF_FLOW_OUTPUT_KAFKA_VERSION: '1.0.0'
      #EF_FLOW_OUTPUT_KAFKA_TOPIC: 'elastiflow-flow-codex'
      #EF_FLOW_OUTPUT_KAFKA_PARTITION_KEY: 'flow.export.ip.addr'
      #EF_FLOW_OUTPUT_KAFKA_CLIENT_ID: 'elastiflow-flowcoll'
      #EF_FLOW_OUTPUT_KAFKA_RACK_ID: ''
      #EF_FLOW_OUTPUT_KAFKA_TIMEOUT: 30

      EF_FLOW_OUTPUT_KAFKA_SASL_ENABLE: 'false'

      # Cribl
      EF_FLOW_OUTPUT_CRIBL_ENABLE: 'false'
      EF_FLOW_OUTPUT_CRIBL_ADDRESSES: '127.0.0.1:10080'
      EF_FLOW_OUTPUT_CRIBL_TOKEN: ''

      # RiskIQ
      EF_FLOW_OUTPUT_RISKIQ_ENABLE: 'false'


networks:
  elastic:
    driver: bridge
    driver_opts:
      com.docker.network.bridge.enable_icc: "true"
  proxy_network:
    external: true
```
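
Added example, not part of the original post: in Elasticsearch 7.x the image's `ELASTIC_PASSWORD` variable sets the bootstrap password of the `elastic` user only, so `kibana_system` has no usable password until one is set through the security API. The sketch below checks which account authenticates and then sets the `kibana_system` password as `elastic`; the function names, `ES_URL`, `ELASTIC_PW` and `KIBANA_PW` are assumptions of this example.

```bash
# Added example (not from the original post). Assumptions: Elasticsearch 7.x is
# reachable over plain HTTP at ES_URL (port 9200 is published in the compose file
# above) and the passwords contain no '"' or '\' characters.
ES_URL="${ES_URL:-http://localhost:9200}"

# Print the HTTP status of GET /_security/_authenticate for user $1, password $2.
es_auth_status() {
  curl -s -o /dev/null -w '%{http_code}' -u "$1:$2" "$ES_URL/_security/_authenticate"
}

# Translate that status into a verdict word.
es_auth_verdict() {
  case "$(es_auth_status "$1" "$2")" in
    200) echo ok ;;
    401) echo rejected ;;      # credentials refused
    000) echo unreachable ;;   # curl could not connect at all
    *)   echo unexpected ;;
  esac
}

# Set the password of built-in user $1 to $2, authenticating as elastic with $3.
es_set_password() {
  body=$(printf '{"password":"%s"}' "$2")
  curl -s -o /dev/null -w '%{http_code}' -u "elastic:$3" -X POST \
    -H 'Content-Type: application/json' -d "$body" \
    "$ES_URL/_security/user/$1/_password"
}

# $1 = elastic password (ELASTIC_PASSWORD), $2 = password to give kibana_system.
fix_kibana_system() {
  if [ "$(es_auth_verdict elastic "$1")" != ok ]; then
    echo "elastic cannot authenticate; check ELASTIC_PASSWORD" >&2; return 1
  fi
  if [ "$(es_auth_verdict kibana_system "$2")" = ok ]; then
    echo already-set; return 0
  fi
  if [ "$(es_set_password kibana_system "$2" "$1")" != 200 ]; then
    echo "password change was not accepted" >&2; return 1
  fi
  es_auth_verdict kibana_system "$2"   # prints "ok" once the new password works
}

# Runs only when both variables are exported by the caller.
if [ -n "${ELASTIC_PW:-}" ] && [ -n "${KIBANA_PW:-}" ]; then
  fix_kibana_system "$ELASTIC_PW" "$KIBANA_PW"
fi
```

After it reports `ok`, put the same value in Kibana's `ELASTICSEARCH_PASSWORD` and recreate the kibana container.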