Kibana sharing security question

jeremyr · May 19, 2016, 9:30am

Hi All,

I have successfully embedded the iframe from the Kibana sharing option into a 3rd party application.

However, when I open Chrome develloper tools, I can see the elasticsearch query with data post and request that was made.

Request URL:https://url.kibana.com/elasticsearch/_msearch?timeout=0&ignore_unavailable=true&preference=1463648533777
Request Method:POST

Request Payload :

{"index":"test","search_type":"count","ignore_unavailable":true}
{"query":{"filtered":{"query":{"query_string":{"analyze_wildcard":true,"query":"place_id:MS000843"}},"filter":{"bool":{"must":[{"range":{"date_ymd":{"gte":1461057992178,"lte":1463649992178,"format":"epoch_millis"}}}],"must_not":}}}},"size":0,"aggs":{}}

My question: Is there a way to avoid the client to update the query to prevent it see no other information in the same index?

Thanks for your help

J.

warkolm · May 19, 2016, 1:03pm

You don't want the query to be shown in the developer tools?

jeremyr · May 19, 2016, 1:20pm

I would like to know, if there a way to hide the Request payload between kibana and elastic search to avoid that clients changes the queries sent to ES.

warkolm · May 23, 2016, 3:52am

There is not.

Topic		Replies	Views
Kibana External Search Link Kibana	2	328	October 5, 2021
List all Kibana embedded Iframe URLs Kibana	5	4625	May 3, 2017
Share the iframe of Kibana Dashboard Kibana	2	427	June 29, 2018
How to modify dashboard request in backend? Kibana	2	350	July 18, 2018
Challenges embedding Kibana visualizations in elasticsearch _site plugin Kibana	4	2654	July 6, 2017

Kibana sharing security question

Related topics