I'm following the docs here https://www.elastic.co/guide/en/x-pack/6.1/field-and-document-access-control.html#document-level-security
And I've set up a role and a user as shown in the screenshots below.
I think I originally did something wrong because when I logged in as that user and went to the Kibana/Discover page I got a
Error 400 Bad Request: [parse_exception] Failed to derive xcontent However, since changing to what you see in the screenshots when I login the user sees no data at all.
Any ideas why? The user should see at least 2 other documents that have the name not of Tom Cruise. I've also included a screenshot that shows the query I put in the role works in the console tool.