Hello,
I'm new to elastic search and having some issues with securing it together with Kibana security. This is what I've done:
1- Secure elasticsearch in the yaml with file realm
xpack.security.enabled: true
#File realm
xpack:
security:
authc:
realms:
file:
file1:
order: 0
2- Create new user with role using the command line
client_user:
run_as: [ '' ]
cluster: [ 'monitor' ]
indices:
- names: [ 'events-*' ]
privileges: [ 'read' ]
field_security:
grant: ['category', '@timestamp', 'message' ]
query: '{"match": {"category": "click"}}'
- names: ['logstash-*']
privileges:
- view_index_metadata
- read
- names: ['.kibana*']
privileges:
- manage
- read
- index
3- In our application code, I added basic authentication to use the ElasticClient
4- Allow user to login in Kibana by adding security in kibana.yml
Now whenever I run the application, the NEST response i always empty. However without enabling security I always get the response for all previous indexes.
I'm stuck with this. Any help is highly appreciated!