Kibana connecting to AWS ES via a proxy

Elastic Stack Kibana
1

Hi all,

I am trying to connect to my Kibana box to the AWS ES service I have through a proxy. Currently, the kibana.yml config is:

server.port: 5601
server.host: "0.0.0.0"
elasticsearch_url: "http://search-xxxxx.eu-west-1.es.amazonaws.com:80"

Therefore, this box sits behind a proxy, and the elasticsearch_url is over HTTP/80, and I want to push it through it.

I have managed to find the logstash_output_plugin to push logs to AWS ES via a proxy - all works fine.

I have tried using export http_proxy="x.x.x.x:3128" from the CLI, in rc.local and in /etc/environment but it appears that kibana is either not using these env settings, or ignoring.

Any ideas?

2

elasticsearch_url: "http://search-xxxxx.eu-west-1.es.amazonaws.com:80"

That's not a valid config setting according to the Kibana documentation on Server Properties. I think you want elasticsearch.url (use a dot not an underscore).

See Configuring Kibana | Kibana User Guide [5.1] | Elastic

3

Thanks Tim.

I am using kibana 4.5.0, which works perfectly fine when not going through a proxy, so I know the configuration is valid at this version.

My design does not permit the server with kibana on to have direct access to the internet to access AWS ES - i.e. has to go through a proxy.

4

Documentation for Kibana 4.5.x Server Properties is here: Setting Kibana Server Properties | Kibana User Guide [4.5] | Elastic and in that version as well, the config option for setting the URL to Elasticsearch is elasticsearch.url not elasticsearch_url.

Sorry, when I read your original post, I forgot to reply about this part:

I have tried using export http_proxy="x.x.x.x:3128" from the CLI, in rc.local and in /etc/environment but it appears that kibana is either not using these env settings, or ignoring.

Applications need to be built to honor that environment variable, and the HTTP client that Kibana uses internally doesn't look for that environment variable.

I think you might be encountering a problem similar to this open issue: HTTP_PROXY support for connections towards Elasticsearch · Issue #5211 · elastic/kibana · GitHub

5

Perfect - that is the exact thing I was hoping you'd say!

Doesn't help me solve my issue, but now I know that it cannot be done and should think of alternative methods.

Current thinking is via a (source) NAT iptables box so it can route to AWS ES without a proxy, but not exposed directly to the internet.

Thanks again.

6

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.