Modify Elasticsearch URLs generated by Kibana - Avoid Special Characters

shashi0905 · January 30, 2017, 1:17pm

Hello,

We need to use kibana (with Logstash and Elasticsearch) through an additional server for security within our intranet applications.
Everything works fine, but our 'Guardian' Server seems to have problem with some special characters in the intermediate url, generated by Kibana for communicating with elasticsearch. For Example : http://IP/elasticsearch/.kibana/_mapping/*/field/source?=1485776369021

Is there a way to modify these URLs (to avoid or encode the special characters) generated while Kibana is loaded?

What I tried so far : As we cannot make the guardian server allow some specific characters, we are trying to find some solution at the kibana side. I tried to use alternate URLs :

e.g., replace * with specific names that are actually used - index-pattern,search,config so the url becomes /elasticsearch/.kibana/_mapping/index-pattern,search,config/field/_source?

through apache mod proxy but there seems to be two issues -

While other reverse proxy configs successfully work on kibana, this one with * character doesn't seems to have any effect
The alternate URL itself contains , character (which might again cause issue, though we're still in process of confirming the restricted characters on our guardian server)

I also tried to use encoded URL and nocanon flag with reverse proxy, but no success.

Is there any configuration or alternate way to avoid internal URLs from using these special characters (at kibana or elasticsearch end) ?

Kibana Version : 4.5.1
Elasticsearch Version : 2.4.0

lukas · January 30, 2017, 10:37pm

Are you able to share your configuration for your reverse proxy?

shashi0905 · January 31, 2017, 11:16am

Below is my reverse proxy configuration (there are commented lines, which are the things I tried doing to redirect the url with character * ) -

<VirtualHost *:80>
ProxyPreserveHost On
ProxyRequests Off

ProxyPass /kibana http://10.192.20.32:5601/app/kibana
ProxyPassReverse /kibana http://10.192.20.32:5601/app/kibana

ProxyPass /bundles http://10.192.20.32:5601/bundles
ProxyPassReverse /bundles http://10.192.20.32:5601/bundles

ProxyPass /elasticsearch http://10.192.20.32:5601/elasticsearch
ProxyPassReverse /elasticsearch http://10.192.20.32:5601/elasticsearch

ProxyPass /elasticsearch/.kibana/_mapping/*/field/_source http://10.192.20.32:5601/elasticsearch/%2Ekibana/%5Fmapping/%2A/
ProxyPassReverse /elasticsearch/.kibana/_mapping/*/field/_source http://10.192.20.32:5601/elasticsearch/%2Ekibana/%5Fmapping/%2A/

#ProxyPass /elasticsearch/%2Ekibana/%5Fmapping/%2A/ http://10.192.20.32:5601/elasticsearch/%2Ekibana/%5Fmapping/index-pattern%2Csearch%2Cconfig/ nocanon
#ProxyPassReverse /elasticsearch/%2Ekibana/%5Fmapping/%2A/ http://10.192.20.32:5601/elasticsearch/%2Ekibana/%5Fmapping/index-pattern%2Csearch%2Cconfig/

#ProxyPass /elasticsearch/.kibana/_mapping/*/field/_source? http://10.192.20.32:5601/elasticsearch/.kibana/_mapping/index-pattern,search,config/field/_source? nocanon
#ProxyPassReverse /elasticsearch/.kibana/_mapping/*/field/_source? http://10.192.20.32:5601/elasticsearch/.kibana/_mapping/index-pattern,search,config/field/_source?

  <Proxy *>
     Order deny,allow
     Allow from all
  </Proxy>
 </VirtualHost>

system · February 28, 2017, 11:16am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.