Logs UI along with spaces

sl1729 · April 17, 2019, 7:26am

I created a space called 'dev' and then created objects like index-pattern, visualization and dashboards etc .. And then a role with read permission to that space and read access to the related indexes. Created a user 'dev-user' under that role.

But now when I login as admin [navigate to the dev space], I am able to view the the logs in Logs UI.

But when login as dev-user [navigate to the dev space], I am only seeing message " Looks like you don't have any metrics indices.". Even though I am able to view the dashboards without problem with all visualizations.

How can I provide dev-user access to view the logs in Logs-UI ?.

simianhacker · April 18, 2019, 3:10pm

@sl1729 For the Infrastructure UI, the users will need read permission for the metricbeat-* indices (in Elasticsearch). The index patterns (not Kibana index pattern but the pattern used to match the data in Elasticsearch) are described here: https://www.elastic.co/guide/en/kibana/current/infrastructure-ui-settings-kb.html

Users will need to read access to the indices listed in xpack.infra.sources.default.metricAlias and xpack.infra.sources.default.logAlias. If you need to use different index patterns per space, you can set these values using the settings UI for both the Infrastructure UI and Logs UI. Whatever these values are set to, the user will need read access to the matching indices.

sl1729 · April 22, 2019, 7:31am

Apology to not mention it in previous post. I am using 6.6.2 version of the stack.

"xpack.infra.sources.default.logAlias" setting is set to logs-* (this is the index under which filebeat logs are redirected).

metric beat index is the default one.

After I give access to index logs-* and metricbeat-*, I get the below error, when navigating to either Logs UI or Infrastructure UI.

"Error: GraphQL error: [security_exception] action [indices:admin/aliases/get] is unauthorized for user [appl-user]"

weltenwort · April 23, 2019, 8:39am

In order to support the use of aliases, the infra ui currently requires the manage permission on the alias name and the target indices.

sl1729 · April 24, 2019, 3:31am

Thanks for the reply, I tested and it is working.

But with the manage access and having the dev tools option available, the developer is also able to drop or modify the index. Hope we should be able to achieve it with only read permission in future.

weltenwort · May 8, 2019, 2:23pm

Hm, that is true. You could check whether the view_index_metadata permission is sufficient, because the Logs UI doesn't really need write access to the aliases.

system · June 5, 2019, 2:23pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Kibana Metrics UI with different user Kibana	3	302	July 16, 2020
Dashboard user and dashboard crator user Kibana	4	356	February 12, 2020
Infrastructure Logs UI change index? Metrics	3	785	February 6, 2019
View Specific Index-pattern data in a specific kibana space Kibana	2	220	August 11, 2022
Kibana roles / Errors - warning showing after login Kibana elastic-stack-security	4	494	June 9, 2021

Logs UI along with spaces

Related topics