Xpack.security.enabled: true Enable Kibana Security Features (Elasticsearch 7.10)

Hi Everyone!
I am making my way through the install of Elasticsearch/Kibana/Auditbeat and I am running into an issue. When I open up the Security/Detections I have an error "Detection Engine permissions required" I also have an error that states "Failed to retrieve list privileges'"

I was curious how I should go about adding the xpack.security.enabled: true statement to the elasticsearch.yml file - Should I be adding the statement to the end of the file under the "various" section?

I ask because the documentation is not explicit with how I am supposed to add these new statements to these files. I have tried and when I restart the services the webpage states "Kibana server not ready"

I am following these instructions:



Also. I am installing on latest version of Ubuntu.

any assistance is appreciated - Thanks

You can add it anywhere in the file.

If you are seeing errors, it'd be helpful if you posted them :slight_smile: Please don't post pictures of text, they are difficult to read, impossible to search and replicate (if it's code), and some people may not be even able to see them.

Alright, so I added the configurations to the Kibana and Elastricsearch.yml files. Now when I access elastic share I am getting an authentication error.

{"statusCode":401,"error":"Unauthorized","message":"missing authentication credentials for REST request [/.kibana/_search?size=1000&from=0&rest_total_hits_as_int=true]: security_exception"}

I followed the steps for self-managed Elastic Stack deployments, which states, In the kibana.yml configuration file, add the xpack.encryptedSavedObjects.encryptionKey setting with any alphanumeric value of at least 32 characters. For example:

xpack.encryptedSavedObjects.encryptionKey: 'fhjskloppd678ehkdfdlliverpoolfcr'

Below are my .yml configurations
Kibana.yml file: https://pastebin.com/7sMm0Y2y
Elasticsearch.yml: https://pastebin.com/R7CvsKGK

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.