Embedding kibana using iframe

Atul87 · December 28, 2023, 2:41am

Hi team, I am trying to embed kibana url using iframe, but its not working for me.
I am using kibana version 7.17.13, I want to embed overall kibana, with all its functionality not just any one dashbord of it.

Authentication in Kibana | Kibana Guide [8.11] | Elastic I have also tried this documentation for my issue but when i specifically use this parameter in kibana.yml the kibana service fails to start

xpack.security.sameSiteCookies: "None"

This is my kibana.yml file

server.host: 0.0.0.0
server.port: 443
elasticsearch.hosts: https://192.168.9.61:9200
elasticsearch.password: NAIVGddfhgz56D2jMu8

Elasticsearch from/to Kibana

elasticsearch.ssl.certificateAuthorities: /etc/kibana/certs/ca/ca.crt
elasticsearch.ssl.certificate: /etc/kibana/certs/kibana.crt
elasticsearch.ssl.key: /etc/kibana/certs/kibana.key

Browser from/to Kibana

server.ssl.enabled: true
server.ssl.certificate: /etc/kibana/certs/kibana.crt
server.ssl.key: /etc/kibana/certs/kibana.key

Elasticsearch authentication

xpack.security.enabled: true
elasticsearch.username: elastic
uiSettings.overrides.defaultRoute: "/app/wazuh"
elasticsearch.ssl.verificationMode: certificate
telemetry.banner: false

#xpack.security.sameOrigin: false

this is my elastic cluster info
{
"name" : "elasticsearch",
"cluster_name" : "elasticsearch",
"cluster_uuid" : "8JqS2LfoROO7F2OiW4KS_w",
"version" : {
"number" : "7.17.13",
"build_flavor" : "default",
"build_type" : "deb",
"build_hash" : "2b211dbb8bfdecaf7f5b44d356bdfe54b1050c13",
"build_date" : "2023-08-31T17:33:19.958690787Z",
"build_snapshot" : false,
"lucene_version" : "8.11.1",
"minimum_wire_compatibility_version" : "6.8.0",
"minimum_index_compatibility_version" : "6.0.0-beta1"
},
"tagline" : "You Know, for Search"
}

so, can anyone guide me out in the right direction for my issue.

And one more thing I want to discuss can we whitelabel kibana dashboard, because as far as i have seen documentations i get to know that its not working for us to whitelabel kibana so, can anyone guide me out for this also.

Thanks in advance for one helping me out for my issue.

Dzmitry · December 28, 2023, 3:39pm

Hi @Atul87 ,

Make sure to follow the docs matching your stack version, 8.11 docs might be different from 7.17 that you need to follow. I would start with clarifying the access to web page you are embedding Kibana to:

If you’re embedding Kibana in a website that supports single sign-on (SSO) with SAML, OpenID Connect, Kerberos, or PKI, it’s highly advisable to configure Kibana as a part of the SSO setup. Operating in a single and properly configured security domain provides you with the most secure and seamless user experience.

If you have multiple authentication providers enabled, and you want to automatically log in anonymous users when embedding anything other than dashboards and visualizations, then you will need to add the auth_provider_hint= query string parameter to the Kibana URL that you’re embedding.

For security reasons I suggest do not post your actual host/password in public forum.

I think you made a good start with xpack.security.sameSiteCookies: None in kibana.yml. Can you share the error you faced?

Best, Dima

Atul87 · December 29, 2023, 6:50am

Hi Dzmitry,

Thanks for your reply,

As for your knowledge we are not using SSO for our case.

When i use the xpack option in kibana and restart service, then service status is active but kibana UI stops and below are the kibana logs

{"type":"response","@timestamp":"2023-12-29T03:26:26+00:00","tags":,"pid":617,"method":"post","statusCode":200,"req":{"url":"/api/telemetry/v2/clusters/_stats","method":"post","headers":{"host":"192.168.9.61","user-agent":"Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0","accept":"/","accept-language":"en-US,en;q=0.5","accept-encoding":"gzip, deflate, br","referer":"https://192.168.9.61/app/wazuh","content-type":"application/json","kbn-version":"7.17.13","origin":"https://192.168.9.61","content-length":"42","connection":"keep-alive","sec-fetch-dest":"empty","sec-fetch-mode":"cors","sec-fetch-site":"same-origin"},"remoteAddress":"10.0.0.23","userAgent":"Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0","referer":"https://192.168.9.61/app/wazuh"},"res":{"statusCode":200,"responseTime":1254,"contentLength":93351},"message":"POST /api/telemetry/v2/clusters/_stats 200 1254ms - 91.2KB"}
{"type":"log","@timestamp":"2023-12-29T03:35:41+00:00","tags":["info","plugins-system","standard"],"pid":617,"message":"Stopping all plugins."}
{"type":"log","@timestamp":"2023-12-29T03:35:41+00:00","tags":["info","plugins","monitoring","monitoring","kibana-monitoring"],"pid":617,"message":"Monitoring stats collection is stopped"}

Thank you once again Dzmitry.

Dzmitry · January 4, 2024, 8:28am

Hey @Atul87

There is no error in the logs you posted, so I assume Kibana server is still running, right?
What do you mean by UI stops? What did you get by running

curl --X <kibana_host:port>/internal/security/login_state

Best, Dima

system · February 1, 2024, 8:29am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.