Hi,
Does Kibana client (the part that runs inside my browser) ever send queries directly to ES? Or it always go through Kibana server? I'm trying to decide if I need to expose ES endpoint to all my Kibana users or just the Kibana endpoint is enough.
Thanks.
Yongtao
Does Kibana client (the part that runs inside my browser) ever send queries directly to ES?
No.
Or it always go through Kibana server?
Yes.
(The above is true for Kibana 4 and later.)
To be clear, every request from the browser does go through the Kibana server, but if you look at the requests, you'll see they are all prefixed with /elasticsearch. The Kibana server proxies the request to elasticsearch (preserving your user session if you are using Shield/Security).
This was mostly done to avoid CORS issues, but we also do a very small amount of query protection as well, like stopping DELETE requests, for example.
Thank you both!
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.