Customized UI for Elastic Security as SIEM

I am working on deploying Elastic Security in an on-prem environment.

After installing Elasticsearch, Kibana, Logstash, I managed to configure to ingest different log sources such as firewall, proxy gateway, intrusion detection system, and so on.

Our team will use Elastic Stack as a SIEM, so there are lots of features that may not be necessary for most coworkers.

After deploying, I would like to hide many UI components because I don't want to give confusion them with menu items that they would not use with. For example, we don't use K8s, or Elastic Agent as XDR(We have our own XDR).

First, I am looking into Kibana if it has such features, but I could not find them.

So alternatively, I am trying to make a Web UI frontend with ASP.NET or Python/Flask.
But then I might give up the benefits which Kibana provides, such as visualization components.
Or there might be using Grafana as a frontend tool. But I don't know if Grafana can do such a thing, because I've never used it.

Could you please give me some advice on how I can approach my use case?


Hi @camiyu1 Welcome to the community...

Did you look at Kibana Spaces and Kibana Privileges you can control many aspects of Kibana and what a user has access to. This is the normal approach, it may not be able to control every aspect but you can certainly simplify the UI greatly.

Thank you sir, I will try that.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.