I'd like to create a public page on my website which shows live data from Elasticsearch, and I'm trying to figure out the best approach. Ideally I'd just like to embed a Canvas workpad but I can't quite find a way to do that. From my understanding, the "share on a website" only exports a static version of the workpad. Also when I go to "share on a website", it says my drop-down filter is incompatible with that feature, and I'd like to include the drop-down filter on my public dashboard.
From my understanding, the "share on a website" only exports a static version of the workpad. Also when I go to "share on a website", it says my drop-down filter is incompatible with that feature, and I'd like to include the drop-down filter on my public dashboard.
This is correct; the shareable is not connected to Kibana at all and only contains the static data from the JSON file. This is also why elements which manipulate/re-query data (like a drop-down filter) are disabled, as it would require fetching new data from Elasticsearch.
If you need users to be able to query Elasticsearch, you'll need to look into embedding Kibana in an iframe. For example, you could create the Canvas workpad you want to embed, lock the controls to prevent editing, and view fullscreen. Then use that URL in your iframe so that the fullscreen view loads up by default:
One important thing to note is that you will need to set up a dedicated user/role for the iframe, to prevent visitors from having full access to everything in Kibana. To do this, you'd want to do something like create a role with read permissions on the index you need to query, and a spaces-level permission that only provides access to the Canvas app.
You can then assign a user to this role and set up a proxy to auto-authenticate the embedded iframe to the new user as described in this thread.
Technically a user would still be able to hit "escape" to back out of the workpad's full-screen mode, but if the security permissions are set carefully, they shouldn't be able to do much else.
Hope this helps point you in the right direction! Longer term, we are looking at ways to make it easier to embed pieces of Kibana externally, but in the meantime this is probably your best bet.
Thanks for the suggestion lukeelmers, I was able to get it working following these instructions!
For the record, if anyone else is trying to do this, I set up an nginx server using the following configuration:
server {
listen 4443 ssl; # non-standard port to separate from apache traffic
server_name <your url>;
ssl_certificate <path to public key>;
ssl_certificate_key <path to private key>;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Authorization "Basic <Base64 encoded credentials>"; # base64-encoded username:password to pass in header
proxy_set_header X-Found-Cluster <instance-id>;
proxy_pass <kibana-endpoint-uri>:9243;
}
}
As tsullivan said in the other thread, the crednetials can be encoded using echo -n username:password | base64
The one thing that was unclear in that thread was the X-Found-Cluster header which must be set for this to work with an Elastic Cloud instance. The instance ID you need is the alphanumeric code which appears as the subdomain in your kibana endpoint, e.g. https://<instance-id>.us-east-1.aws.found.io:9234.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.