So, after reading that the security features came to ES for free I tried to set it up.
I went through the how to here: https://www.elastic.co/guide/en/elastic-stack-overview/current/security-getting-started.html
But it looks like there is no Management / Security / Users page in Kibana. I am authenticated with the elastic user.
Any ideas what I am doing wrong?
License is basic
Version is 7.3.1
Can you share the screenshot of the management screen: http://localhost:5601/app/kibana#/management (assuming you're running at
Also what do you see if you try to go to
roles page directly: http://localhost:5601/app/kibana#/management/security/roles?
If you set
xpack.security.enabled: true in
config.yml of Elasticsearch and set up all the passwords it should work out of the box..... Let's see.
I connect via nginx proxy, but this is just "map port 5601 to port 443 with ssl".
Here the screenshot:
When I go to
/app/kibana#/management/security/roles I got redirected to
# grep xpack /etc/elasticsearch/elasticsearch.yml
I use the user
elastic to open Kibana with the password which was generated by
If this matters:
The elk cluster was freshly set up 4-5 month ago and just updated via apt from time to time. I don't know if I fucked up some config while trying to get elk with filebeat running. I've just set up a pipeline which removes the client ip address when I reindex after 7 days.
Logstash sends logs to requests-.
Did you log in with Kibana own login page or with browser native "basic auth" dialog? I've been suggested that you might have disabled security plugin in Kibana, can you check that you don't have
xpack.security.enabled: false in
Also if you used browser native username/password dialog you may need to close browser at some point as browsers tend to cache that info that can lead to all sort of issues.
# grep xpack /etc/kibana/kibana.yml
I removed the option from kibana.yml and restartet kibana AND THERE IT IS.
Thank you a lot <3
Even with the basic auth it worked, but now I got this beautiful login screen where 1password can fill the password. Oh thats so beautiful.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.