I'm trying to design some Kibana dashboards for my team, but I don't want them editing the dashboard or deleting them.
My Kibana is currently situated behind Nginx and only accessible on localhost. What would happen if Nginx blocked all PUT and POST requests? I could only see those requests being useful to edit dashboards. Am I missing something?
After some experimentation I figured that blocking all POST/PUT requests blocked pretty much everything. To fix this I managed to use NGINX to block URL's with the regexp comparators. Note how the code is extremely dirty (almost disgustingly so) due to NGINX's bad implementation of an if directive.
In Nginx.conf:
if ($request_uri ~ ^/elasticsearch/.kibana/dashboard/.) {
set $test K;
}
if ($request_uri !~ ^/elasticsearch/.kibana/dashboard/_search.) {
set $test "${test}K";
}
if ($test = KK){
return 403;
}
This blocks all requests to permanently change/delete the dashboard saved on the server, but still allows opening all available ones or temporarily change dashboards to then export/import them.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.