Kibana behind AWS ELB


(Choon Ming) #1

I'm trying to get my ELK instance running on a private subnet in the AWS VPC. The ELK stack is working fine on its own. In order to access the Kibana dashboard from the internet, I've created an ELB an attached my ELK instance to it.

The ELB instance is listening on port 5601 on both source/destination. However, when I try to access my Kibana dashboard from the ELB endpoint, I'm not getting anything.

The Kibana is listening on 0.0.0.0 and the security groups are open for port 5601 as well.


(Chris Cowan) #2
  • Make sure your Security group for ELB and EC2 are both open for 5601 and 0.0.0.0
  • Check that the ELB says the EC2 instance is online
  • Check that Kibana is available directing from the EC2 instance using the Public IP

What are you doing about security? Having Kibana open to the internet is probably a bad idea. At a minimum I would put it behind an Nginx Proxy with an SSL and Basic Auth.


(Choon Ming) #3

Chris,

  • EC2 and ELB are using the same security group that is open to 0.0.0.0
  • ELB instance do say its online. I can access it via the internal IP address when I tunnel through our bastion host

Our security group should limit it to our VPN and internal subnet only but for now it's open to 0.0.0.0 for testing purposes. If I can't access it via the ELB, there is no point for Nginx in place aint it?


(Jared Carey) #4

What http response do you get?

curl -vvv kibana_url:5601


(Choon Ming) #5

finally found the issue. I've accidentally assigned my ELB to one of the private subnets that sits behind a NAT.


(system) #6