Maintain confidentiality of agents and user in kibana

Hi team,

Please have a look at below screenshots.

I wanted to implement Elasticsearch in such a way that we can have seperate users for seperate projects so that one user can not see the agent and traces of another project.

Can we do it? is it already implemented in ELK? how can we achive this scenario? I wanted to :\

  1. Map users to projects.
  2. Specify the agents to specific projects.
  3. In kibana/elasticsearch, wanted to maintain the confidentiality of data i.e. one user must not see the traces/agent of another user.

refering the screenshot above, i wanted to create 2 users one for client1 and one for client2 in such a way that user1 when logged in in kibana, must not be able to see the traces and agent of user2 respectively.

I tried creating users in kibana, but the users were able to see the agent and traces of one another.

Thanks and Regards,

Thanks and regards

You will need to look at using Elasticsearch's Security features to do this, along with using Kibana Spaces.

Things like document and field level security can help.

Hi @warkolm ,

I performed following steps :

  1. tried creating multiple spaces from kibana. e.g Space1- client1, Space2- client2.
  2. created 2 different users for client1 and client 2.
  3. started 2 different apm server,
  4. in apm-server.yml, used client

enabled: true

host: "http://x.x.x.x.:5601"

# protocol: "https"
username: "client1"
password: "xxxxxxx"

hosts: ["https://x.x.x.x:9200"]
enabled: true
protocol: "https"

username: "client1"
password: "xxxxx"

above is configurations in apm-server.yml where a user is created and assigned to kibana space but still the traces of this agent is visible in another kibana space as well.

please provide feedback and suggestions if any on how can i limit the traces from being visible to all users of elasticsearch.

Please refer following screenshot :

C2 - kibana space of client2
client1Agnt - agent configured for client2 kibana space.

Thanks and regards.

This topic was automatically closed 20 days after the last reply. New replies are no longer allowed.