What governs visibility of configured rules in Rules and Connectors tab?


I wanted to allow low lvl user to see configured rules. The rules are configured in separated to user main dashboard so I had to start by adding rights to see the rules's dashboard. So I added the right to check "stack rules" in that dashboard

Added rights to check "Rules and Connectors"the to user role.

This is what the user can see

This is what is there

When I was setting this rules I was using "elastic" user

This are the overall rights of the user

Current Stack ver is 7.17-5

I also think that I was adding the alerts that are not visible on the Kib version 7.17-1 and the one that are visible on the 7.17-5 maybe 7.17-4.

Hi - thanks for writing in. Let me cite the following:

  • The 'Stack Rules' Privilege determines if you can see the Rules management at all, and also allows the non-solution-specific rules to display (as you are seeing)
  • The 'Security' privilege in a role determines if a user can see the Security App and any rules in it.
  • The Analytics level privilege 'Machine Learning' governs if a user can see the ML relating rules

Then, the Observability group of rules is broken into 2 sections:

  • the built in role 'monitoring_user' is required for users to see any Stack Monitoring UI and its relating Rules
  • and finally the individual Observability feature sets govern the access/use of their relating rules, APM, Uptime, Logs, Metrics, are required to see the rules of those specific types.

So it is a combination of up to 7 privileges and the 'monitoring_user' role (if you wish to use stack monitoring rules)

see screenshot below. If you set it to 'read' the user can see any existing rules, and when set to 'all' they can create and edit them. Hope this helps!

1 Like

Thank you Eric. Without your help, I would probably use a lot of time figuring this out.

I can confirm that this works as explained by you

What bothers me is why I did not get this from the documentation. Did I miss or misunderstand some part of It or is it just lacking?

Hi - I think you have found a documentation bug, it wasn't fully clear to me either. I have put this ticket in to the Kibana repo and raised it to the Documentation team for review:

Please feel free to add more context or add any separate concerns you have now or in the future.


1 Like

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.