Hello, I am new to the ELK stack technology, and had a question. My
organization uses Siteminder to authenticate against their AD environment.
In order to have this work with ELK, I was going to do the following:
Send log data to 1 of 5 different indices, based on source
Configure a separate Apache vhost and configure each based on what is
accessible, i.e. using the LIMIT directives to limit everything except GET
and POST for a certain index, for example.
Configure Siteminder for each vhost, allowing a certain subset of users
access to each vhost based on what their permissions to each index should
be (IE security gets access to the vhost that can send all methods, Network
group can access the vhost that can only send GET and POST to the
networking index, etc)
I am in the process of testing this, and I got port 80 to work, but I can't
get another port to work (in my test environment, I do not have access to
the DNS server yet so I've been using IP vhosts). I've allowed CORS to
wildcard, I believe, and I've configured ES to bind to the localhost and
use reverse proxy via apache. It all works on port 80, but when I go on
port 8080 for example I get the Kibana-ES "Connection Failed" error.
Here are my configs (rough draft, not complete):
elasticsearch.yml:
http.cors.enabled: true
http.cors.allow-origin: "/.*/"
network.host:"127.0.0.1"
Hello, I am new to the ELK stack technology, and had a question. My
organization uses Siteminder to authenticate against their AD environment.
In order to have this work with ELK, I was going to do the following:
Send log data to 1 of 5 different indices, based on source
Configure a separate Apache vhost and configure each based on what is
accessible, i.e. using the LIMIT directives to limit everything except GET
and POST for a certain index, for example.
Configure Siteminder for each vhost, allowing a certain subset of users
access to each vhost based on what their permissions to each index should
be (IE security gets access to the vhost that can send all methods, Network
group can access the vhost that can only send GET and POST to the
networking index, etc)
I am in the process of testing this, and I got port 80 to work, but I
can't get another port to work (in my test environment, I do not have
access to the DNS server yet so I've been using IP vhosts). I've allowed
CORS to wildcard, I believe, and I've configured ES to bind to the
localhost and use reverse proxy via apache. It all works on port 80, but
when I go on port 8080 for example I get the Kibana-ES "Connection Failed"
error.
Here are my configs (rough draft, not complete):
elasticsearch.yml:
http.cors.enabled: true
http.cors.allow-origin: "/.*/"
network.host:"127.0.0.1"
On Friday, January 23, 2015 at 5:08:59 PM UTC-5, Mark Walkom wrote:
Can you post the applicable line from your kibana config that points to ES?
On 24 January 2015 at 07:50, Scott Lee <sl...@navteca.com <javascript:>>
wrote:
Hello, I am new to the ELK stack technology, and had a question. My
organization uses Siteminder to authenticate against their AD environment.
In order to have this work with ELK, I was going to do the following:
Send log data to 1 of 5 different indices, based on source
Configure a separate Apache vhost and configure each based on what is
accessible, i.e. using the LIMIT directives to limit everything except GET
and POST for a certain index, for example.
Configure Siteminder for each vhost, allowing a certain subset of
users access to each vhost based on what their permissions to each index
should be (IE security gets access to the vhost that can send all methods,
Network group can access the vhost that can only send GET and POST to the
networking index, etc)
I am in the process of testing this, and I got port 80 to work, but I
can't get another port to work (in my test environment, I do not have
access to the DNS server yet so I've been using IP vhosts). I've allowed
CORS to wildcard, I believe, and I've configured ES to bind to the
localhost and use reverse proxy via apache. It all works on port 80, but
when I go on port 8080 for example I get the Kibana-ES "Connection Failed"
error.
Here are my configs (rough draft, not complete):
elasticsearch.yml:
http.cors.enabled: true
http.cors.allow-origin: "/.*/"
network.host:"127.0.0.1"
Hello, I am new to the ELK stack technology, and had a question. My
organization uses Siteminder to authenticate against their AD environment.
In order to have this work with ELK, I was going to do the following:
Send log data to 1 of 5 different indices, based on source
Configure a separate Apache vhost and configure each based on what is
accessible, i.e. using the LIMIT directives to limit everything except GET
and POST for a certain index, for example.
Configure Siteminder for each vhost, allowing a certain subset of
users access to each vhost based on what their permissions to each index
should be (IE security gets access to the vhost that can send all methods,
Network group can access the vhost that can only send GET and POST to the
networking index, etc)
I am in the process of testing this, and I got port 80 to work, but I
can't get another port to work (in my test environment, I do not have
access to the DNS server yet so I've been using IP vhosts). I've allowed
CORS to wildcard, I believe, and I've configured ES to bind to the
localhost and use reverse proxy via apache. It all works on port 80, but
when I go on port 8080 for example I get the Kibana-ES "Connection Failed"
error.
Here are my configs (rough draft, not complete):
elasticsearch.yml:
http.cors.enabled: true
http.cors.allow-origin: "/.*/"
network.host:"127.0.0.1"
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.