Hello All,
We wish to lock down access on a customer sites ELK in a way that they can view the Analytics/Discover & Dashboards but not edit. The indices already exist.
I have created a space,role and user with this aim in mind (following this article Securing access to Kibana | Kibana Guide [7.17] | Elastic) but when I check the for the logstash indices below I see nothing,
Is someone able to point me in the right direction?
Are you sure you know the name of the indices?... can you provide a few examples?
What exactly do you mean by this?
a) Are you using the default Space?
b) Did you create a new space and assign the use to that space?
c) Did you enable Discover in the Kibana Section?
d) What version are you on? Are you on 7.17?
Hello Stephen,
Yes, our indices are named logstash-service-date, logstash-server-date and they are included under the role we have created for the customer(the screen shot from the first post)
Sorry if I was a bit vague,
A) Not at first, I was trying to limit access to a space created just for the customer. But After allowing access to all spaces for the customer account,the customer account can view data under discovery. Is this how its supposed to work?
B) Yes we created new space "customer" and new role "customer" and new user account "customer"
C) Yes, we are able to view discovery tab with the customer account not able to view any data, there is a prompt that appears for a short time we must add the indices to view data
D) 7.14
Hope that helps?
Thanks in advance
Yes, creating a space and associate with the role is the best way to do that. So when they log in they'll go to their space and their role.
If you created a new space, you need to create the data view in that space. It does not come automatically
so just go to the new space
Stack Management - Data View and create a Data View for your indices
logstash-*
Technically, you can go to the default space and copy it over through the saved objects, but you can also just simply create the dataviewin the new space
If I go into Stack management in the customers space I dont see the Data View available.
Do I have to temporarily give the space,role or user account higher permissions?
No Saved Objects (Dashboards, Index Patterns etc) are copied to a New Space automatically. Its a blank slate.
Go to the default / original Space
Stack Management
Saved Objects
Find the Index Pattern
Copy to New Space : Three Dot Menu
Perfect, after that change all the indexes I wanted are there in the customer space.
Thanks Stephen
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.
