Having a password-protected Kibana with Basic License

Disclaimer: it's my first experience with ELK, just keep that in mind.

I use ELK stack version 6.5.1 all loaded in a Docker container, by using the sebp/elk Docker image. This comes pre-loaded with the Basic license. I have only 1 ElasticSearch node and I plan to keep it that way.

I use all this together with Filebeat to collect logs from my machines and see them in Kibana.

The problem I run into is the fact that, right now, anyone who knows the URL to my Kibana can just go there and see everything.

In order to prevent this, I figured I need to enable XPack, which will allow me to set up some user account(s). At least that's what I understood from the documentation.

I tried following this guide: https://www.elastic.co/guide/en/elastic-stack-overview/6.5/elasticsearch-security.html

What I did is to add to the "elasticsearch.yml" the line:

xpack.security.enabled: true

When I got to the next step there, which is to execute this:

./bin/elasticsearch-setup-passwords interactive

That's when I got the error:

Unexpected response code [403] from calling GET http://172.17.0.2:9200/_xpack/security/_authenticate?pretty
It doesn't look like the X-Pack security feature is available on this Elasticsearch node.
Please check if you have installed a license that allows access to X-Pack Security feature.

ERROR: X-Pack Security is not available.

And now I'm stuck.

I searched around a bit and what I found is that I need some paid-license to have XPack. This is not something that I want because:

  • I don't want premium features
  • I don't want customer support
  • etc

All I want is to somehow prevent public access to my Kibana instance. Even if it's only 1 account it's fine for me.

Is there some way I can achieve something like this by using the Basic License?

Hello, have you enabled premium trial in Kibana license management? you must be enrolled under premium to use xpack security.

You can try 30 days of premium for free in 6.5 version, i recommend that you upgrade as some security features including authentication are free under basic tier now.

Security features have been included in the basic level license, but requires you to upgrade to 6.8.

@Christian_Dahlqvist Are you sure? That would be awesome. I'll take a look at the release notes (if I can find them :smiley: ).

@kmohd No I haven't enabled Premium-Trial. Even if it would work that way, I want a more permanent solution.

Refer to https://www.elastic.co/blog/security-for-elasticsearch-is-now-free

1 Like

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.