How to Create Super User in Kibana

Elastic Stack Kibana
1

Hello how to create super user with full access so i will create another user with role of dashboard mode only... I have ELK stack 7 and x pack by default is install in ELK . Can someone help. I have set password in kibana yml file add username password then restart kibana but it will open without asking any username and password

2

Have you set the Elasticsearch username and password.

You can do it by going to <Elasticsearch_folder>/bin/ (usually /usr/share/elasticsearch/bin) and execute

elasticsearch-setup-passwords interactive.

This will then prompt you to type in the passwords for Elasticsearch. Once you have setup the passwords for Elasticsearch, Logstash, Kibana, etc. you can then login to Kibana with the password you have set here. And you need to set this password on kibana.yml file.

The username for this password is usually 'elastic' and that is a super user.

3

image
image.png1366×768 70.5 KB

4

Did you enable the xpack on elasticsearch.yml?
it should be like,
xpack.security.enabled: true

5

This is my elasticsearch.yml there is no xpack security

======================== Elasticsearch Configuration =========================

NOTE: Elasticsearch comes with reasonable defaults for most settings.

Before you set out to tweak and tune the configuration, make sure you

understand what are you trying to accomplish and the consequences.

The primary way of configuring a node is via this file. This template lists

the most important settings you may want to configure for a production cluster.

Please consult the documentation for further information on configuration options:

https://www.elastic.co/guide/en/elasticsearch/reference/index.html

---------------------------------- Cluster -----------------------------------

Use a descriptive name for your cluster:

#cluster.name: my-application

------------------------------------ Node ------------------------------------

Use a descriptive name for the node:

#node.name: node-1

Add custom attributes to the node:

#node.attr.rack: r1

----------------------------------- Paths ------------------------------------

Path to directory where to store the data (separate multiple locations by comma):

#path.data: /path/to/data

Path to log files:

#path.logs: /path/to/logs

----------------------------------- Memory -----------------------------------

Lock the memory on startup:

#bootstrap.memory_lock: true

Make sure that the heap size is set to about half the memory available

on the system and that the owner of the process is allowed to use this

limit.

Elasticsearch performs poorly when the system is swapping the memory.

---------------------------------- Network -----------------------------------

Set the bind address to a specific IP (IPv4 or IPv6):

#network.host: 192.168.0.1

Set a custom port for HTTP:

#http.port: 9200

For more information, consult the network module documentation.

--------------------------------- Discovery ----------------------------------

Pass an initial list of hosts to perform discovery when this node is started:

The default list of hosts is ["127.0.0.1", "[::1]"]

#discovery.seed_hosts: ["host1", "host2"]

Bootstrap the cluster using an initial set of master-eligible nodes:

#cluster.initial_master_nodes: ["node-1", "node-2"]

For more information, consult the discovery and cluster formation module documentation.

---------------------------------- Gateway -----------------------------------

Block initial recovery after a full cluster restart until N nodes are started:

#gateway.recover_after_nodes: 3

For more information, consult the gateway module documentation.

---------------------------------- Various -----------------------------------

Require explicit names when deleting indices:

#action.destructive_requires_name: true

6

Then I guess you have to add it to the elasticsearch.yml file

7

at which place any sequence or can i write anywhere in the file

8

Anywhere, even at the end of the file to keep it cleaner :wink:

9

i have enable the xpack.security.enabled: true in the end of file save then close ES then when i try to run ES it show this error

image
image.png1366×768 76.4 KB

10

Could you share the elasticsearch.yml file again?

11

======================== Elasticsearch Configuration =========================

NOTE: Elasticsearch comes with reasonable defaults for most settings.

Before you set out to tweak and tune the configuration, make sure you

understand what are you trying to accomplish and the consequences.

The primary way of configuring a node is via this file. This template lists

the most important settings you may want to configure for a production cluster.

Please consult the documentation for further information on configuration options:

https://www.elastic.co/guide/en/elasticsearch/reference/index.html

---------------------------------- Cluster -----------------------------------

Use a descriptive name for your cluster:

#cluster.name: my-application

------------------------------------ Node ------------------------------------

Use a descriptive name for the node:

#node.name: node-1

Add custom attributes to the node:

#node.attr.rack: r1

----------------------------------- Paths ------------------------------------

Path to directory where to store the data (separate multiple locations by comma):

#path.data: /path/to/data

Path to log files:

#path.logs: /path/to/logs

----------------------------------- Memory -----------------------------------

Lock the memory on startup:

#bootstrap.memory_lock: true

Make sure that the heap size is set to about half the memory available

on the system and that the owner of the process is allowed to use this

limit.

Elasticsearch performs poorly when the system is swapping the memory.

---------------------------------- Network -----------------------------------

Set the bind address to a specific IP (IPv4 or IPv6):

#network.host: 192.168.0.1

Set a custom port for HTTP:

#http.port: 9200

For more information, consult the network module documentation.

--------------------------------- Discovery ----------------------------------

Pass an initial list of hosts to perform discovery when this node is started:

The default list of hosts is ["127.0.0.1", "[::1]"]

#discovery.seed_hosts: ["host1", "host2"]

Bootstrap the cluster using an initial set of master-eligible nodes:

#cluster.initial_master_nodes: ["node-1", "node-2"]

For more information, consult the discovery and cluster formation module documentation.

---------------------------------- Gateway -----------------------------------

Block initial recovery after a full cluster restart until N nodes are started:

#gateway.recover_after_nodes: 3

For more information, consult the gateway module documentation.

---------------------------------- Various -----------------------------------

Require explicit names when deleting indices:

#action.destructive_requires_name: true
xpack.security.enabled:true

12

I don't know if this might be the issue. sometimes it can be as trivial as a space between ':' and the 'true' on the last line. Could you give it a try?

13

i have try it but still the same error but when # this security line elastic run perfect

14

I guess its an issue with the type of license. Which version of ELK do you have? If its >=7.2.x then you can use it with Basic license, although I guess you might need to check if you have setup the basic license on Kibana. If its 7.0 or less then you might need to activate trial license on Kibana first before adding the line on elasticsearch.yml

15

7.1.1 version of ELK

16

I guess you might need to activate trial license first. Or if you have a elastic license you can add it. just turn off the security and get into kibana and management -> license management

17

image
image.png1366×768 94.6 KB

18

I guess, you might have to start the trial. xpack with security (to my knowledge) is only from 7.2 and above.

19

i have activate the trial version then add the security enable true and restart es it gives the same error

20

image
image.png1366×768 111 KB