Hello,

I am getting this in Kibana:

plugin:elasticsearch [security_exception] action [indices:data/read/search] is unauthorized for user [kibana-server]

XGET /_shield/user?pretty gives me this
{
"kibana-server" : {
"username" : "kibana-server",
"roles" : [ "kibana4_server" ],
"full_name" : null,
"email" : null,
"metadata" : { }
}

in my roles.yml on the ES data nodes, I have the following

The required permissions for the kibana 4 server

kibana4_server:
cluster:
- monitor
indices:
- names: '.kibana*'
privileges:
- all

XGET _shield/role?pretty gives me this

"kibana4_server" : {
"cluster" : [ "all" ],
"indices" : [ {
"names" : [ "*" ],
"privileges" : [ "all" ]
} ],
"run_as" : [ "test" ]
}

The first thing to do is to remove the duplicated roles. The role in the file is being used, but it looks like you want the role in the API to be used? If so, I would remove the role in the roles.yml file on all nodes.