Index privileges

Hi there

I was trying to give access to user with this query.

"match": {
"path.raw": {
"query": "/var/log/top10/customer.log",
"type": "phrase"

I would like log in and directly get all info about it "customer.log".

Can you help me?


Are you using the Kibana Roles interface?

Here's a screenshot from a test case. We create a role and specify the index dlstest in our test case.

We give read and view_index_metadata privileges which are both required to access that data in Kibana.

And we set the Granted Documents Query to {"match": {"region": "EAST"}} where "region" is a field with value of "EAST" in some documents.

We create a user and give the user this "myroleEast" role and "kibana_user" role.

Then when we go to Discover tab in Kibana we only see those documents.

How are you giving access to the user with the query? What happens in your case.



Hi there @LeeDr

Thanks for all. This happens in my case.

This is my indexed document, that contains a file, ccg.log. I would like give access for example, a "test" user with the privileges only "read" all the documents that contains ccg.log

When I filter "path" in my dashboard, this shows me.

This is what I want, but with no admin user. This query.

Are you saying you want to do this without using the x-pack plugin for security?

No, using the x-pack.

This querty that you made was my solution ahahhaha

{"match": {"region": "EAST"}}

and the user roles were missing "ingest_admin and transport_client".

For example in the case that you showed me " ROLES: myrolesEast, Kibana_user, Ingest_admin, transport_client"

I just added those roles and everything did work.

Can you tell me what "ingest_admin and transport_client" works for?

Thanks for all.


This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.