Kibana login page

Preethi · July 3, 2018, 3:59pm

Hi,
Referred the video in this URL to set up the login account for Kibana UI(Version 6.3.0).
https://www.elastic.co/webinars/getting-started-kibana

I installed Kibana 6.3.0, but not X-pack separately. Since its not required for this version of Kibana.

In the above video, he installed the x-pack plugin using this command, bin/kibana-plugin install x-pack . If I run the command in terminal, It gave me this message
"Kibana now contains X-Pack by default, there is no longer any need to install it as it is already present.".
Does it mean that no need to install x-pack for Kibana 6.3.0? or Still need to install separately something like this in this guide?
https://www.elastic.co/guide/en/kibana/5.6/installing-xpack-kb.html

As mentioned in the demo,
enabled the elasticserach.username : "user"
elasticserach.password: "pass"

This was the one, when I saw the kibana.yml file.

After I start the cabin service using this command, bin/kibana the Kibana doesn't prompt for any username or password, directly teh home page loaded.

Am I missing any other setting in configuration files?

Can clarify what's wrong in the steps I did?

Thanks

rashmi · July 3, 2018, 5:24pm

Can you clarify what License type are you on ? IF you have installed 6.3.0, it starts with Basic License first. You would have to go to management UI to start the trial license which gives you the login page.

whats the response of GET /_xpack/license if on Basic - you will not get a login screen.

Cheers
Rashmi

Preethi · July 4, 2018, 1:07am

HI,
I updated the trial license yesterday. Bellow is the response that I got, while running GET /_xpack/license

{
"license": {
"status": "active",
"uid": "323b9023-5ade-4477-8a91-2fa5969f7be0",
"type": "trial",
"issue_date": "2018-07-03T06:11:23.130Z",
"issue_date_in_millis": 1530598283130,
"expiry_date": "2018-08-02T06:11:23.130Z",
"expiry_date_in_millis": 1533190283130,
"max_nodes": 1000,
"issued_to": "elasticsearch",
"issuer": "elasticsearch",
"start_date_in_millis": -1
}
}

Under the Management/License Management, can see this

"Your Trial license is active"
Your license will expire on August 2, 2018 2:11 PM +08

Only thing is I enabled these two setting in kibana.yml file, as mentioned in that getting started video link
https://www.elastic.co/webinars/getting-started-kibana

elasticsearch.username: "user"
elasticsearch.password: "pass"

FYI, I downloaded the MAC version of Kibana from this URL and installed.
https://www.elastic.co/downloads/kibana

Noticed that there no folder under the installed location of Kibana. Is there anything wrong in my installation?

Thanks

rashmi · July 10, 2018, 3:17pm

There seems nothing wrong in your installation. You are on Trial License which is valid for 30 days from the date of issue. Can you plz clarify what exactly are you looking for ?Everything seems fine.

Thanks
Rashmi

Preethi · July 11, 2018, 12:59am

Hi Rashmi,

I want to have a login page only for Kibana but not for Elasticsearch.

Thanks

rashmi · July 11, 2018, 4:47am

Elasticsearch is an open-source, broadly-distributable, readily-scalable, enterprise-grade search engine. Accessible through an extensive and elaborate API, Elasticsearch can power extremely fast searches that support your data discovery applications.

Kibana is an open source data visualization plugin for Elasticsearch. It provides visualization capabilities on top of the content indexed on an Elasticsearch. So to answer your question , ES does not have an UI . Kibana is the UI visualization tool for the data indexed into ES and hence provides the login page with the correct license type.

Hope this makes sense.

Cheers
Rashmi

Preethi · July 11, 2018, 7:54am

Yes Rashmi, I understood.
The thing is I need to have a login page for Kibana.
But I am getting that login page, if I add pack.security.enabled: true in both elasticsearch.yml and kibana.yml

So whats happening, when I ping localhost:9200, the elastic search prompts username and pawssword. So my question is without adding the xpack.security.enabled: true in elasticsearch.yml, Can't get the login page in Kibana?

Thanks

rashmi · July 11, 2018, 6:42pm

I think there is a misunderstanding how security works. kibana authentication and credentials are managed by Elasticsearch and Kibana is just passing that info on. I don't believe starting a trial has security enabled by default. Otherwise when you click the start trial button you would be locked out of Kibana and wouldn't be able to login. So to answer your question, you do need the settings in both kibana.yml and elasticsearch.yml

Cheers
Rashmi

Preethi · July 12, 2018, 1:42am

Ok. When I enabled the xpack security setting in both elasticsearch.yml and kibana.yml, the elasticsearch prompts for username and password.
If I don't login, Kiabana fails to start the service.

What would be the username and password to login elasticsearch?

Thanks

rashmi · July 12, 2018, 2:48pm

If you have configured Kibana to use the appropriate built-in user in kibana.yml , those would be the credentials for you to login to Elasticsearch .

elasticsearch.username: "kibana"
elasticsearch.password: "kibanapassword"

The password for the built-in kibana user is typically set as part of the X-Pack security configuration process on Elasticsearch. Ref: https://www.elastic.co/guide/en/elastic-stack-overview/6.3/built-in-users.html

Cheers
Rashmi

rashmi · July 12, 2018, 3:10pm

Here are some useful documentation which might help you understand better :

https://www.elastic.co/guide/en/elasticsearch/reference/6.3/configuring-security.html
there are a number of steps that you must take to get security enabled on Elasticsearch, and then you need to setup all the usernames and passwords before moving on https://www.elastic.co/guide/en/kibana/current/using-kibana-with-security.html.

Also , You must set the passwords for all built-in users. Am thinking you likely missed this part bin/elasticsearch-setup-passwords interactive

you can run the command in an "interactive" mode, which prompts you to enter new passwords for the elastic, kibana, logstash_system, and beats_system users.

Cheers
Rashmi

Preethi · July 14, 2018, 3:58pm

Yes, I also tried to set password for teh default users for elasticsearch. But Throws me newly error. I don't think I changed the password for Elasticsearch or bootstrap before.

I ran this:
bin/elasticsearch-setup-passwords interactive

Error:
Failed to authenticate user 'elastic' against http://127.0.0.1:9200/_xpack/security/_authenticate?pretty
Possible causes include:

The password for the 'elastic' user has already been changed on this cluster
Your elasticsearch node is running against a different keystore
This tool used the keystore at /Path to elasticsearch-6.3.0/config/elasticsearch.keystore

So I referred this thread....

Then created another user and tried to reset the password for elastic user as shown below:

curl -u my_admin -XPUT 'http://localhost:9200/_xpack/security/user/elastic/_password?pretty' -H 'Content-Type: application/json' -d'
{
"password" : "my_password"
}'
Enter host password for user 'my_admin':
{
"error" : {
"root_cause" : [
{
"type" : "cluster_block_exception",
"reason" : "blocked by: [FORBIDDEN/12/index read-only / allow delete (api)];"
}
],
"type" : "cluster_block_exception",
"reason" : "blocked by: [FORBIDDEN/12/index read-only / allow delete (api)];"
},
"status" : 403
}

How to fix it?

Thanks

TimV · July 16, 2018, 2:01am

Your cluster is in a read only state.
You are probably low on disk space, but you should check your elasticsearch logs for more details.

Preethi · July 16, 2018, 2:32am

Yes resolved it.
I changed the password for built-in users such as elastic, kibana and logstash_system successfully.
Now I am able to login kibana. but the problem is I can connect to localhost:9200 in browser but not using curl command. When I run below command,

curl -XGET 'http://localhost:9200/_cat/indices'

getting this error:

{"error":{"root_cause":[{"type":"security_exception","reason":"missing authentication token for REST request [/_cat/indices]","header":{"WWW-Authenticate":"Basic realm="security" charset="UTF-8""}}],"type":"security_exception","reason":"missing authentication token for REST request [/_cat/indices]","header":{"WWW-Authenticate":"Basic realm="security" charset="UTF-8""}},"status":401}

What would be the reason?
Also I could get response from http://localhost:9200/_cat/indices in browser. But I am not able to view the created Elasticsearch index in Kibana. So couldn't create index-pattern.

Could you clarify?

Thanks

TimV · July 16, 2018, 3:22am

You are not providing any credentials to that curl request. Use the --user option.

Preethi · July 16, 2018, 3:35am

Thanks for your reply. When I run below command, Its successfully lists down all the indices created in Elasticsearch.

curl --user <user_name> -XGET 'http://localhost:9200/_cat/indices'

But when I try create the index-pattern in Kibana, the indices are not listed down in selection of teh index. Why?

Thanks

system · August 13, 2018, 3:35am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
What step did I miss? (installing X-pack with basic license and security turned off) Kibana	6	1220	December 17, 2018
Do I need x-pack at all? Elasticsearch	2	877	March 22, 2018
Automated license install not working on first install Elasticsearch	4	598	May 6, 2017
X-Pack basic license and security Elasticsearch	2	1745	August 1, 2018
Disables elastic and kibana users after a while Kibana	6	633	March 23, 2018

Kibana login page

Related Topics