Reporting not working with shield, getting indices:data/read/mget error is unauthorised for user

reporting

(upendra pisupati) #1

I am trying to run reporting with Shield, but when I try to do this, I get the following error in Kibana (4.6.1) and ES (2.4.0) with the latest reporting plugin.

Find the error image below.

The roles.yml file is as follows:

```yaml
# All cluster rights
# All operations on all indices
admin:
  cluster:
    - all
  indices:
    - names: '*'
      privileges:
        - all

# monitoring cluster privileges
# All operations on all indices
power_user:
  cluster:
    - monitor
  indices:
    - names: '*'
      privileges:
        - all

# Read-only operations on indices
user:
  indices:
    - names: '*'
      privileges:
        - read

# Defines the required permissions for transport clients
transport_client:
  cluster:
    - transport_client

# The required permissions for the kibana 4 server
kibana4_server:
  cluster:
    - monitor
  indices:
    - names: '.kibana*'
      privileges:
        - all
    - names: '.reporting-*'
      privileges:
        - all

# The required role for kibana 4 users
kibana4:
  cluster:
    - cluster:monitor/nodes/info
    - cluster:monitor/health
  indices:
    '.reporting-*':
      - indices:admin/create
      - indices:admin/exists
      - indices:admin/mapping/put
      - indices:admin/mappings/fields/get
      - indices:admin/refresh
      - indices:admin/validate/query
      - indices:data/read/get
      - indices:data/read/mget
      - indices:data/read/search
      - indices:data/read/msearch
      - indices:data/write/delete
      - indices:data/write/index
      - indices:data/write/update
    '*':
      - indices:admin/mappings/fields/get
      - indices:admin/validate/query
      - indices:data/read/search
      - indices:data/read/msearch
      - indices:admin/get
      - indices:data/read/field_stats
    '.kibana':
      - indices:admin/create
      - indices:admin/exists
      - indices:admin/mapping/put
      - indices:admin/mappings/fields/get
      - indices:admin/refresh
      - indices:admin/validate/query
      - indices:data/read/get
      - indices:data/read/mget
      - indices:data/read/search
      - indices:data/write/delete
      - indices:data/write/index
      - indices:data/write/update
      - indices:data/read/msearch

# temp can only access the .kibana index
ironman:
  cluster:
    - cluster:monitor/nodes/info
    - cluster:monitor/health
  indices:
    '*':
      - indices:admin/mappings/fields/get
      - indices:admin/validate/query
      - indices:data/read/search
      - indices:data/read/msearch
      - indices:admin/get
      - indices:data/read/mget

# The required role for logstash users
logstash:
  cluster:
    - manage_index_templates
  indices:
    - names: 'logstash-*'
      privileges:
        - write
        - read
        - create_index

# Marvel user role. Assign to marvel users.
marvel_user:
  indices:
    - names: '.marvel-es-*'
      privileges: [ "read" ]
    - names: '.kibana'
      privileges:
        - view_index_metadata
        - read

# Marvel remote agent role. Assign to the agent user on the remote marvel cluster
# to which the marvel agent will export all its data
remote_marvel_agent:
  cluster: [ "manage_index_templates" ]
  indices:
    - names: '.marvel-es-*'
      privileges: [ "all" ]
```


(Lee Drengenberg) #2

Hi Upendra,

What user are you logged into Kibana as? And what role(s) does that user have?

And does it work OK with the admin user?

Thanks,
Lee

