Issue securing Elastic Search and Kibana

Hello,
I'm new to elastic search and having some issues with securing it together with Kibana security. This is what I've done:
1- Secure elasticsearch in the yaml with file realm

     xpack.security.enabled: true
     #File realm
     xpack:
     security:
       authc:
         realms:
           file:
             file1:
               order: 0

2- Create new user with role using the command line

  client_user:

  run_as: [ '' ]

  cluster: [ 'monitor' ]

  indices:

       - names: [ 'events-*' ]
         privileges: [ 'read' ]
         field_security:
         grant: ['category', '@timestamp', 'message' ]
         query: '{"match": {"category": "click"}}'
  
       - names: ['logstash-*']
             privileges:
        - view_index_metadata
        - read
	
         - names: ['.kibana*'] 
            privileges:
                  - manage
                  - read
                  - index

3- In our application code, I added basic authentication to use the ElasticClient
4- Allow user to login in Kibana by adding security in kibana.yml

Now whenever I run the application, the NEST response i always empty. However without enabling security I always get the response for all previous indexes.
I'm stuck with this. Any help is highly appreciated!

Please don't post unformatted code, logs, or configuration as it's very hard to read.

Instead, paste the text and format it with </> icon or pairs of triple backticks (```), and check the preview window to make sure it's properly formatted before posting it. This makes it more likely that your question will receive a useful answer.

It would be great if you could update your post to solve this.

1 Like

Basically What I'm trying to do is:

1- Secure Elastic Search with username and password credentials
2- Add basic authentication on ElasticClient in my applications to use these credentials
3- Make Kibana users login with username/password to visualize.

After that I need to still get response from a search(just like before securing it)

Any working advise is very welcomed! Thank you!

I would urge you to read through the documentation. Start with https://www.elastic.co/guide/en/elastic-stack-overview/current/elasticsearch-security.html that describes everything and then maybe follow the Getting Started guide at https://www.elastic.co/guide/en/elastic-stack-overview/current/security-getting-started.html

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.