I'm having trouble opening my Kibana, the error is displayed:
plugin: email@example.com - [security_exception] action [cluster: admin / xpack / security / privilege / delete] is unauthorized for user [found-internal-kibana4-server]
How to solve this error?
This means that the logged in user doesn't have the right set of privileges. When and where do you see that error? In Kibana? When you log in? Or in a log file?
To Just use Kibana and have access to the data in an index, a user would typically only require;
- a role with
view_index_metadata privs on that particular index (and no cluster privs)
You could turn on audit logging in your Elasticsearch cluster and that would show you what user it is getting the error and what index they are accessing.
You could also query Elasticsearch for your users and roles and paste it here so we could check that you really have everything set correctly.
curl -XGET http://localhost:9200/_xpack/security/role?pretty
curl -XGET http://localhost:9200/_xpack/security/user?pretty
Please let us know if that helps.
This error appears as soon as I log in to Kibana, making any action impossible, as shown in the image below!
I've created new users with the roles superuser and kibana_user but the error persists!
Can we have supporting Kibana logs and ES logs as well when this happens ? what version of the stack are u on ?
I'm sorry, but how do I get the logs? We use Elastic at "https://cloud.elastic.co" and I only have these menus
There seems to be something wrong with the kibana user created - which is unable to talk to ES. . Pinging cloud here :
Since this is a cloud issue, will you please open a support ticket , so that more eyes can get to it ? I have moved this question to Cloud Discuss.
I already opened a ticket with this case.
Thank you very much for your attention and support
Thanks ...hope it gets resolved soon.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.