Issue securing Elastic Search and Kibana

I'm new to elastic search and having some issues with securing it together with Kibana security. This is what I've done:
1- Secure elasticsearch in the yaml with file realm true
     #File realm
               order: 0

2- Create new user with role using the command line


  run_as: [ '' ]

  cluster: [ 'monitor' ]


       - names: [ 'events-*' ]
         privileges: [ 'read' ]
         grant: ['category', '@timestamp', 'message' ]
         query: '{"match": {"category": "click"}}'
       - names: ['logstash-*']
        - view_index_metadata
        - read
         - names: ['.kibana*'] 
                  - manage
                  - read
                  - index

3- In our application code, I added basic authentication to use the ElasticClient
4- Allow user to login in Kibana by adding security in kibana.yml

Now whenever I run the application, the NEST response i always empty. However without enabling security I always get the response for all previous indexes.
I'm stuck with this. Any help is highly appreciated!

Please don't post unformatted code, logs, or configuration as it's very hard to read.

Instead, paste the text and format it with </> icon or pairs of triple backticks (```), and check the preview window to make sure it's properly formatted before posting it. This makes it more likely that your question will receive a useful answer.

It would be great if you could update your post to solve this.

1 Like

Basically What I'm trying to do is:

1- Secure Elastic Search with username and password credentials
2- Add basic authentication on ElasticClient in my applications to use these credentials
3- Make Kibana users login with username/password to visualize.

After that I need to still get response from a search(just like before securing it)

Any working advise is very welcomed! Thank you!

I would urge you to read through the documentation. Start with that describes everything and then maybe follow the Getting Started guide at

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.