On kibana - manage web interface, I created one new role that give ALL permission to one index and also assigned the new role to one user. When I logged in as this user, all functions do not work. No index was shown on the right side. If I assigned Superuser role to this user, it works fine like built-in user elastic. Note that XPACK has been installed in elasticsearch and kibana.
By checking the logs, it seems that the connection can not be established between kibana and elasticsearch if it is logged in as this user?
Could anyone know what happened?
Much appreciated.
I did not give this user a role as kibana_user. Instead, I create a new role with the same permission as Superuser does. Also, when I checked the role kibana_user via kibana manage interface, it is strange that it is listed in the roles, but clicking the role "kibana_user" and I got the message "the role kibana_user does not exist". Did you experience the same problem?
Your messages are hard to read with the formatting you've used. Anyway, it seems like the kibana role is being confused with the kibana_user role. Those are two distinct roles.
+++++++++
I did not give this user a role as kibana_user. Instead, I create a new role with the same permission as Superuser does. Also, when I checked the role kibana_user via kibana manage interface, it is strange that it is listed in the roles, but clicking the role "kibana_user" and I got the message "the role kibana_user does not exist". Did you experience the same problem?
+++++++++
I also resent my first message (see below). Hope that it is formatted readable. In addition, I use ELK ver 5.1.1.
+++++++++
On kibana - manage web interface, I created one new role that give ALL permission to one index and also assigned the new role to one user. When I logged in as this user, all functions do not work. No index was shown on the right side. If I assigned Superuser role to this user, it works fine like built-in user elastic. Note that XPACK has been installed in elasticsearch and kibana.
By checking the logs, it seems that the connection can not be established between kibana and elasticsearch if it is logged in as this user?
These statements are contradictory. The superuser role has more permissions than just ALL on a single index. If it your second statement is accurate, and your new role only has access to a single index, then those users will not be able to use Kibana. There are additional permissions that are required in order to use Kibana.
The supported method for granting Kibana access to an X-Pack secured Elasticsearch cluster is via the kibana_user role.
Is there a specific reason you're avoiding that advice? You will find your task is much simpler if you follow the official recommendations.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.