Add users in Kibana with basic license using 7.10.1

Hi,

I recently upgraded my ELK stack from 6.6 to 7.10. I wanted to use the role management feature to allow users to only view dashboards specific to them which would be secured via authentication. I tried this functionality out in 6.8 and worked perfectly before. Is it possible to achieve this with a basic licence using version 7.10.1?

Moved to the Kibana area for discussion, you will get better answers there! The Endpoint Security area is for discussions on the Endpoint Security product.

I think you might be able to use Spaces depending on how many users and unique configurations you are thinking of.

For example, you have a Space called Executive Users and assign all executive users to that Space. Then within that Space you put only the dashboards you want them to see.

Hi Aaron, thank you for replying so quickly. Thats exactly what i did in 6.8 but in 7.10.1 where do I create the users and assign them to their specific spaces?

I was thinking about creating just the spaces and adding the dashboards into them but there is no authentication and i cant utilise the kibana_dashboard_only_user function like i could with 6.8.

This was under the assumption you would Create Users for each person and Create/Assign Roles to group them. The option for assigning a Space is located at the bottom of the Roles page Add Kibana Privilege.

Ahh sorry. You need to enable security to get those options. If you go through these steps then you will be able to.

image664×578 21.7 KB

Cool, thanks Aaron.

I'm getting a little stuck on the elasticsearch-setup-passwords command as its throwing the following error "'elasticsearch-setup-passwords' is not recognized as an internal or external command,
operable program or batch file." My OS is windows 10. I'd really appreciate your help

Scratch that question

When entering "elasticsearch-setup-passwords interactive" I got this error "Failed to connect to elasticsearch at http://XX.XXX.X.XXX:9200/_security/_authenticate?pretty. Is the URL correct and elasticsearch running?"

I had a look at your website to troubleshoot and found this URL: https://www.elastic.co/guide/en/elasticsearch/reference/master/trb-security-setup.html. And entered the following to the elasticsearch.yml file.

xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.verification_mode: certificate
xpack.security.http.ssl.truststore.path: ?

Do I need to generate a certificate for the truststore path?

Do you need to setup SSL and certificates? If not then I wouldn't do those options. I am not familiar with Windows OS and certificates to help. So if you need to go that route I'd open a new topic for those.

To get Users and Roles to work you just need to enable xpack security and then generate passwords.

No I dont need to setup SSL and certificates for want i actually need. I did enable xpack in the elasticsearch.yml file. xpack.security.enabled: true. Is it at this point I generate the passwords via the elasticsearch-setup-passwords function?

Apologies if i'm explaining this poorly

Correct. I should have stated the bare minimum to achieve what you are looking to do.

Those steps include a lot of additional security which might not be useful to what you are doing.

I'd remove all the other settings in your .yml and then run the password tool. Might need to edit your kibana.yml with new authentication properties also.

I tried that to the elasticsearch-setup-passwords function again and i'm still getting the "failed to connect to elasticsearch at http://XX.XXX.X.XXX:9200/_security/_authenticate?pretty. Is the URL correct and elasticsearch running?"

Did you start Elastic before running the command?

If so what do you get with a basic curl command curl localhost:9200?

I noticed elasticsearch is momentarily staying up when xpack is set to true and then shuts down. This must be my problem

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.