Missing security options after enabling security in 7.3 ELK Stack

So, after reading that the security features came to ES for free I tried to set it up.

I went through the how to here: https://www.elastic.co/guide/en/elastic-stack-overview/current/security-getting-started.html

But it looks like there is no Management / Security / Users page in Kibana. I am authenticated with the elastic user.

Any ideas what I am doing wrong?

License is basic
Version is 7.3.1

Cheers

Hey @KervyN,

Can you share the screenshot of the management screen: http://localhost:5601/app/kibana#/management (assuming you're running at http://localhost:5601)?

Also what do you see if you try to go to roles page directly: http://localhost:5601/app/kibana#/management/security/roles?

If you set xpack.security.enabled: true in config.yml of Elasticsearch and set up all the passwords it should work out of the box..... Let's see.

Best,
Oleg

Hi,
I connect via nginx proxy, but this is just "map port 5601 to port 443 with ssl".
Here the screenshot:

When I go to /app/kibana#/management/security/roles I got redirected to /app/kibana#/home?_g=()

# grep xpack /etc/elasticsearch/elasticsearch.yml
xpack.security.enabled: true

I use the user elastic to open Kibana with the password which was generated by /usr/share/elasticsearch/bin/elasticsearch-setup-passwords auto

If this matters:
The elk cluster was freshly set up 4-5 month ago and just updated via apt from time to time. I don't know if I fucked up some config while trying to get elk with filebeat running. I've just set up a pipeline which removes the client ip address when I reindex after 7 days.
Logstash sends logs to requests-.

Did you log in with Kibana own login page or with browser native "basic auth" dialog? I've been suggested that you might have disabled security plugin in Kibana, can you check that you don't have xpack.security.enabled: false in kibana.yml?

Also if you used browser native username/password dialog you may need to close browser at some point as browsers tend to cache that info that can lead to all sort of issues.

HA!

got ya

# grep xpack /etc/kibana/kibana.yml
xpack.security.encryptionKey: "mystrongkeywhichshouldbe32bytelong"
xpack.security.enabled: false

I removed the option from kibana.yml and restartet kibana AND THERE IT IS.
Thank you a lot <3

Even with the basic auth it worked, but now I got this beautiful login screen where 1password can fill the password. Oh thats so beautiful.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.