Not able to Generate report

reporting

(upendra pisupati) #1

Hi,

I have installed Shield on production cluster. When I try to generate report by clicking on Printable PDF, I get the following error :-

"Reporting: Error 403 Forbidden: Cannot determine license type because authorization failed"

I have specified Reporting privileges in my roles.yml as well. I am not getting where I am going wrong.

Thanks,


(Lee Drengenberg) #2

Hi Upendra,

Have you resolved your problem? Can you tell us what version of Kibana you're on?

And what license type you have in production. You can check with something like this;
http://localhost:9200/_license (changing your host and port).

Any errors in your Kibana or Elasticsearch log?

Thanks,
Lee


(Yashodhara) #3

Hi Lee/Upendra,

I too am facing the same isse, i am using ES 2.4.1, Kibana 4.6.3 with Shield.

Here is the esusers list -
xxxxxx_user1: xxxxxx,kibana
yyyyyy_user1: yyyyyyy,kibana
zzzzzz_user1: zzzzzzz,kibana
kibana_admin : reporting_user,kibana
report_master : reporting_user,kibana
es_admin : reporting_user,admin,kibana

the Roles file

kibana:
cluster:
- cluster:monitor/nodes/info
- cluster:monitor/health
indices:
'.kibana,kibana-test,kibana-local':
- indices:admin/exists
- indices:admin/mapping/put
- indices:admin/mappings/fields/get
- indices:admin/refresh
- indices:admin/validate/query
- indices:data/read/get
- indices:data/read/mget
- indices:data/read/search
- indices:data/read/msearch
- indices:data/write/delete
- indices:data/write/index
- indices:data/write/update
- indices:admin/create

#Reporting
reporting_user:
indices:
- names: '.reporting-*'
privileges:
- write
- read
- create_index


(Yashodhara) #4

Hi Got the fix after a bit of searching in the forum, below is the config that worked for me..

kibana4_server:
cluster:
- cluster:monitor/nodes/info
- cluster:monitor/health
- cluster:monitor/plugin/license/get
indices:
'.kibana':
privileges: indices:admin/create, indices:admin/exists, indices:admin/mapping/put, indices:admin/mappings/fields/get, indices:admin/refresh, indices:admin/validate/query, indices:data/read/get, indices:data/read/mget, indices:data/read/search, indices:data/write/delete, indices:data/write/index, indices:data/write/update
'.reporting-*':
privileges: all


(system) #5