Hello how to create super user with full access so i will create another user with role of dashboard mode only... I have ELK stack 7 and x pack by default is install in ELK . Can someone help. I have set password in kibana yml file add username password then restart kibana but it will open without asking any username and password
Have you set the Elasticsearch username and password.
You can do it by going to <Elasticsearch_folder>/bin/ (usually /usr/share/elasticsearch/bin) and execute
elasticsearch-setup-passwords interactive.
This will then prompt you to type in the passwords for Elasticsearch. Once you have setup the passwords for Elasticsearch, Logstash, Kibana, etc. you can then login to Kibana with the password you have set here. And you need to set this password on kibana.yml file.
The username for this password is usually 'elastic' and that is a super user.
Did you enable the xpack on elasticsearch.yml?
it should be like,
xpack.security.enabled: true
This is my elasticsearch.yml there is no xpack security
======================== Elasticsearch Configuration =========================
NOTE: Elasticsearch comes with reasonable defaults for most settings.
Before you set out to tweak and tune the configuration, make sure you
understand what are you trying to accomplish and the consequences.
The primary way of configuring a node is via this file. This template lists
the most important settings you may want to configure for a production cluster.
Please consult the documentation for further information on configuration options:
https://www.elastic.co/guide/en/elasticsearch/reference/index.html
---------------------------------- Cluster -----------------------------------
Use a descriptive name for your cluster:
#cluster.name: my-application
------------------------------------ Node ------------------------------------
Use a descriptive name for the node:
#node.name: node-1
Add custom attributes to the node:
#node.attr.rack: r1
----------------------------------- Paths ------------------------------------
Path to directory where to store the data (separate multiple locations by comma):
#path.data: /path/to/data
Path to log files:
#path.logs: /path/to/logs
----------------------------------- Memory -----------------------------------
Lock the memory on startup:
#bootstrap.memory_lock: true
Make sure that the heap size is set to about half the memory available
on the system and that the owner of the process is allowed to use this
limit.
Elasticsearch performs poorly when the system is swapping the memory.
---------------------------------- Network -----------------------------------
Set the bind address to a specific IP (IPv4 or IPv6):
#network.host: 192.168.0.1
Set a custom port for HTTP:
#http.port: 9200
For more information, consult the network module documentation.
--------------------------------- Discovery ----------------------------------
Pass an initial list of hosts to perform discovery when this node is started:
The default list of hosts is ["127.0.0.1", "[::1]"]
#discovery.seed_hosts: ["host1", "host2"]
Bootstrap the cluster using an initial set of master-eligible nodes:
#cluster.initial_master_nodes: ["node-1", "node-2"]
For more information, consult the discovery and cluster formation module documentation.
---------------------------------- Gateway -----------------------------------
Block initial recovery after a full cluster restart until N nodes are started:
#gateway.recover_after_nodes: 3
For more information, consult the gateway module documentation.
---------------------------------- Various -----------------------------------
Require explicit names when deleting indices:
#action.destructive_requires_name: true
Then I guess you have to add it to the elasticsearch.yml file
at which place any sequence or can i write anywhere in the file
Anywhere, even at the end of the file to keep it cleaner
i have enable the xpack.security.enabled: true in the end of file save then close ES then when i try to run ES it show this error
Could you share the elasticsearch.yml file again?
======================== Elasticsearch Configuration =========================
NOTE: Elasticsearch comes with reasonable defaults for most settings.
Before you set out to tweak and tune the configuration, make sure you
understand what are you trying to accomplish and the consequences.
The primary way of configuring a node is via this file. This template lists
the most important settings you may want to configure for a production cluster.
Please consult the documentation for further information on configuration options:
https://www.elastic.co/guide/en/elasticsearch/reference/index.html
---------------------------------- Cluster -----------------------------------
Use a descriptive name for your cluster:
#cluster.name: my-application
------------------------------------ Node ------------------------------------
Use a descriptive name for the node:
#node.name: node-1
Add custom attributes to the node:
#node.attr.rack: r1
----------------------------------- Paths ------------------------------------
Path to directory where to store the data (separate multiple locations by comma):
#path.data: /path/to/data
Path to log files:
#path.logs: /path/to/logs
----------------------------------- Memory -----------------------------------
Lock the memory on startup:
#bootstrap.memory_lock: true
Make sure that the heap size is set to about half the memory available
on the system and that the owner of the process is allowed to use this
limit.
Elasticsearch performs poorly when the system is swapping the memory.
---------------------------------- Network -----------------------------------
Set the bind address to a specific IP (IPv4 or IPv6):
#network.host: 192.168.0.1
Set a custom port for HTTP:
#http.port: 9200
For more information, consult the network module documentation.
--------------------------------- Discovery ----------------------------------
Pass an initial list of hosts to perform discovery when this node is started:
The default list of hosts is ["127.0.0.1", "[::1]"]
#discovery.seed_hosts: ["host1", "host2"]
Bootstrap the cluster using an initial set of master-eligible nodes:
#cluster.initial_master_nodes: ["node-1", "node-2"]
For more information, consult the discovery and cluster formation module documentation.
---------------------------------- Gateway -----------------------------------
Block initial recovery after a full cluster restart until N nodes are started:
#gateway.recover_after_nodes: 3
For more information, consult the gateway module documentation.
---------------------------------- Various -----------------------------------
Require explicit names when deleting indices:
#action.destructive_requires_name: true
xpack.security.enabled:true
I don't know if this might be the issue. sometimes it can be as trivial as a space between ':' and the 'true' on the last line. Could you give it a try?
i have try it but still the same error but when # this security line elastic run perfect
I guess its an issue with the type of license. Which version of ELK do you have? If its >=7.2.x then you can use it with Basic license, although I guess you might need to check if you have setup the basic license on Kibana. If its 7.0 or less then you might need to activate trial license on Kibana first before adding the line on elasticsearch.yml
7.1.1 version of ELK
I guess you might need to activate trial license first. Or if you have a elastic license you can add it. just turn off the security and get into kibana and management -> license management
I guess, you might have to start the trial. xpack with security (to my knowledge) is only from 7.2 and above.
i have activate the trial version then add the security enable true and restart es it gives the same error