No logs showing in Kibana after integration with X-Pack


(Laura Herrera) #1

Hi there,

I have successfully added xpack to EL and Kibana, and all my traffic is happening via SSL, so far so good.
I am having problems when adding LDAP for authentication tho.

I can authenticate on Kibana, but i get a blank page, i can only see the left menu and the logo, nothing else.
When i authenticate to EL via API, I can search,etc. I have added my user to the 'superuser' role, but the result is the same.

EL 5.3.0
Kibana 5.3.0
Here is my config:
xpack.security.authc:
realms:
file:
type: file
order: 0
native:
type: native
order: 1
ldap:
type: ldap
order: 2
enabled: true
url: "ldaps://ldap:636/"
ssl.key: "/etc/elasticsearch/certs/cert.key"
ssl.certificate: "/etc/elasticsearch/certs/cert.crt"
ssl.certificate_authorities: [ "/etc/elasticsearch/certs/cert.ca" ]
user_search:
base_dn: "ou=People,dc=example,dc=com"
attribute: uid
group_search:
base_dn: "ou=People,dc=example,dc=com"
files:
role_mapping: "/etc/elasticsearch/x-pack/role_mapping.yml"

-- role_mapping.yml
superuser:

  • "uid=adminUser,ou=People,dc=example,dc=com"
    kibana_user:
  • "ou=People,dc=example,dc=com"
    monitoring_user:
  • "ou=People,dc=example,dc=com"
    user:
  • "ou=People,dc=example,dc=com"
  • "uid=myUser,ou=People,dc=example,dc=com"

USER role:
{
"cluster": [ "all" ],
"indices": [
{
"names": [ "events-", "journal", "filebeat*", "%{[@metadata]*" ],
"privileges": [ "read" ]
}
]
}

Authenticating to EL:

curl -u myUser https://elasticsearch01:9200/_xpack/security/_authenticate
Enter host password for user 'myUser':
{"username":"myUser","roles":["user"],"full_name":null,"email":null,"metadata":{},"enabled":true}[

Not adminUser or myUser can see anything when loggin in to kibana. (other than the menu)
I have tried adding myUser to kibana_role and monitoring_role, but that doesn't change anything,
and i understood that it should be enough with the DN string being added to the role.

Hope you can help.
Thanks
Laura


(system) #3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.