dockerでelastiflowを構築するときにkibanaが動作しない

elastiflowをdockerで構築しようと思っています。下記の公式のドキュメントを参考にしました。
https://docs.elastiflow.com/docs/elasticsearch_xsmall

ブラウザでkibanaに入ろうとすると"Kibana server is not ready yet"と表示されました。kibanaのログを見てみると"Unable to retrieve version information from Elasticsearch nodes"と表示されます。通信自体ができないのかと思ってkibanaのコンテナにアタッチし、elasticsearchへpingしてみましたが応答が帰ってきたので普通に通信できてるようです。
elasticsearchのログは"Authentication of [kibana_system] was terminated by realm [reserved] - failed to authenticate user [kibana_system]"と表示されていました。そもそも"kibana_system"も"CHANGEME"も公式が示しているdocker-composeに書かれてあったものなので、デフォルト値であり、こちらが何もしなくてもこの値であれば特に変更しなくても認証されると思っていたのですが違うのでしょうか？それに関する言及が公式ドキュメント上に一切なく途方に暮れています。だれかELKに詳しい方教えていただけないでしょうか？

yml
version: '3'
services:
  kibana:
    image: docker.elastic.co/kibana/kibana:7.13.1
    restart: unless-stopped
    hostname: kibana
    # network_mode: bridge
    networks:
      elastic:
      proxy_network:
    ports:
      # HTTP/REST
      - 5601:5601/tcp
    environment:
      TZ: Asia/Tokyo
      VIRTUAL_HOST: hogehoge.com
      VIRTUAL_PORT: 5601
      
      TELEMETRY_ENABLED: 'false'
      NEWSFEED_ENABLED: 'false'

      SERVER_NAME: 'kibana'
      SERVER_HOST: '0.0.0.0'
      SERVER_PORT: 5601
      SERVER_MAXPAYLOADBYTES: 8388608

      ELASTICSEARCH_HOSTS: 'http://elasticsearch:9200'
      ELASTICSEARCH_USERNAME: 'kibana_system'
      ELASTICSEARCH_PASSWORD: 'CHANGEME'
      ELASTICSEARCH_REQUESTTIMEOUT: 132000
      ELASTICSEARCH_SHARDTIMEOUT: 120000

      ELASTICSEARCH_SSL_VERIFICATIONMODE: 'none' 

      KIBANA_AUTOCOMPLETETIMEOUT: 3000
      KIBANA_AUTOCOMPLETETERMINATEAFTER: 2500000

      VIS_TYPE_VEGA_ENABLEEXTERNALURLS: 'true'

      XPACK_MAPS_SHOWMAPVISUALIZATIONTYPES: 'true'
      XPACK_ENCRYPTEDSAVEDOBJECTS_ENCRYPTIONKEY: 'ElastiFlow_0123456789_0123456789_0123456789'

  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch:7.13.1
    container_name: elasticsearch
    restart: unless-stopped
    hostname: elasticsearch
    ulimits:
      memlock:
        soft: -1
        hard: -1
      nofile:
        soft: 131072
        hard: 131072
      nproc: 8192
      fsize: -1
    networks:
      elastic:
    ports:
      - 9200:9200/tcp
    volumes:
        - ./elasticsearch:/usr/share/elasticsearch/data
        - ./certs:/usr/share/elasticsearch/config/certificates
    environment:
      ES_JAVA_OPTS: '-Xms2g -Xmx2g'
      ELASTIC_PASSWORD: 'CHANGEME'
      cluster.name: elastiflow
      node.name: elasticsearch

      bootstrap.memory_lock: 'true'

      network.host: 0.0.0.0
      http.port: 9200

      discovery.type: 'single-node'

      indices.query.bool.max_clause_count: 8192
      search.max_buckets: 250000

      action.destructive_requires_name: 'true'

      reindex.remote.whitelist: '*:*'
      reindex.ssl.verification_mode: 'none'

      xpack.security.http.ssl.enabled: 'false'

      xpack.monitoring.collection.enabled: 'true'
      xpack.monitoring.collection.interval: 30s

      xpack.security.enabled: 'true'
      xpack.security.audit.enabled: 'false'
  # ElastiFlow Unified Flow Collector
  flow-collector:
    image: elastiflow/flow-collector:5.3.5
    container_name: flow-collector
    restart: 'unless-stopped'
    network_mode: 'host'
    volumes:
      - /etc/elastiflow:/etc/elastiflow
    environment:

      EF_FLOW_SERVER_UDP_IP: '0.0.0.0'
      EF_FLOW_SERVER_UDP_PORT: 9995
        
      EF_FLOW_DECODER_ENRICH_IPADDR_METADATA_ENABLE: 'false'

      EF_FLOW_DECODER_ENRICH_DNS_ENABLE: 'true'
      EF_FLOW_DECODER_ENRICH_DNS_NAMESERVER_IP: '1.1.1.1'
      EF_FLOW_DECODER_ENRICH_DNS_NAMESERVER_TIMEOUT: 3000

      EF_FLOW_DECODER_ENRICH_MAXMIND_ASN_ENABLE: 'false'

      EF_FLOW_DECODER_ENRICH_MAXMIND_GEOIP_ENABLE: 'false'

      EF_FLOW_DECODER_ENRICH_RISKIQ_ASN_ENABLE: 'false'
      EF_FLOW_DECODER_ENRICH_RISKIQ_THREAT_ENABLE: 'false

      # Elasticsearch
      EF_FLOW_OUTPUT_ELASTICSEARCH_ENABLE: 'true'
      EF_FLOW_OUTPUT_ELASTICSEARCH_ECS_ENABLE: 'false'

      EF_FLOW_OUTPUT_ELASTICSEARCH_INDEX_TEMPLATE_SHARDS: 1
      EF_FLOW_OUTPUT_ELASTICSEARCH_INDEX_TEMPLATE_REPLICAS: 0

      # A comma separated list of Elasticsearch nodes to use. DO NOT include "http://" or "https://"
      EF_FLOW_OUTPUT_ELASTICSEARCH_ADDRESSES: '127.0.0.1:9200'
      EF_FLOW_OUTPUT_ELASTICSEARCH_USERNAME: 'kibana_system'
      EF_FLOW_OUTPUT_ELASTICSEARCH_PASSWORD: 'CHANGEME'

      EF_FLOW_OUTPUT_ELASTICSEARCH_TLS_ENABLE: 'false'
      EF_FLOW_OUTPUT_ELASTICSEARCH_TLS_SKIP_VERIFICATION: 'false'
      EF_FLOW_OUTPUT_ELASTICSEARCH_TLS_CA_CERT_FILEPATH: ''


      # Splunk
      EF_FLOW_OUTPUT_SPLUNK_HEC_ENABLE: 'false'
      EF_FLOW_OUTPUT_SPLUNK_HEC_ADDRESSES: '127.0.0.1:8088'
      EF_FLOW_OUTPUT_SPLUNK_HEC_TOKEN: ''

      # Logz.io
      EF_FLOW_OUTPUT_LOGZIO_ENABLE: 'false'
      EF_FLOW_OUTPUT_LOGZIO_ADDRESSES: 'listener.logz.io:8070'
      EF_FLOW_OUTPUT_LOGZIO_TOKEN: ''

      # Kafka
      EF_FLOW_OUTPUT_KAFKA_ENABLE: 'false'
      EF_FLOW_OUTPUT_KAFKA_BROKERS: ''
      #EF_FLOW_OUTPUT_KAFKA_VERSION: '1.0.0'
      #EF_FLOW_OUTPUT_KAFKA_TOPIC: 'elastiflow-flow-codex'
      #EF_FLOW_OUTPUT_KAFKA_PARTITION_KEY: 'flow.export.ip.addr'
      #EF_FLOW_OUTPUT_KAFKA_CLIENT_ID: 'elastiflow-flowcoll'
      #EF_FLOW_OUTPUT_KAFKA_RACK_ID: ''
      #EF_FLOW_OUTPUT_KAFKA_TIMEOUT: 30

      EF_FLOW_OUTPUT_KAFKA_SASL_ENABLE: 'false'

      # Cribl
      EF_FLOW_OUTPUT_CRIBL_ENABLE: 'false'
      EF_FLOW_OUTPUT_CRIBL_ADDRESSES: '127.0.0.1:10080'
      EF_FLOW_OUTPUT_CRIBL_TOKEN: ''
      
      # RiskIQ
      EF_FLOW_OUTPUT_RISKIQ_ENABLE: 'false'


networks:
  elastic:
    driver: bridge
    driver_opts:
      com.docker.network.bridge.enable_icc: "true"
  proxy_network:
    external: true