Xpack security roles

Raj_Kumar · April 27, 2017, 7:52am

I went through the security training course at Xpack security- elearning

Am using Elastic 5.3.1 and we have xpack package for our nodes.

I created a role with name "Test_Role"

I gave index privelige to indice logstash-* and priveleges read and index

and I assigned this role to "Test" user.

I tried login with Test user but am unable to access dev tools.

Then I added Kibana user role to that Test user ,am able to access dev tools but am able to access Management (Kibana 0 index Patterns ,Saved objects , reporting and advanced settings)

I totally agree why am able to see all these under managemt, since I assigned kibana user to that user.

So my question is How to create a user where he read and get the index but not the managemment view ?

Thanks in advance,Please any one help me.
Raj

tsullivan · April 28, 2017, 8:01pm

Are there actually any Index Patterns and Saved Objects in the data?

What do the Elasticsearch logs show?

tsullivan · April 28, 2017, 8:03pm

Also, if you want this user to be able to create reports, see the documentation on https://www.elastic.co/guide/en/x-pack/5.3/secure-reporting.html

The user will need the reporting_user role as well.

Raj_Kumar · April 28, 2017, 8:39pm

Hi Sullivan,

Thank you for the reply

Are there actually any Index Patterns and Saved Objects in the data?

I didnt get it ,sorry any example

You mean index templates ?

if thats the question i have a customised logstash template like geo point for geoip's for creating tile map

My elasticsearch logs

[2017-04-28T22:53:10,447][DEBUG][o.e.a.b.TransportBulkAction] [ca_1] failed to execute pipeline [xpack_monitoring_2] for document [.monitoring-es-2-2017.04.28/shards/3W5zo25zT-GGIGqxBidvHg:xJDkfvVcRVSWW-u2_JQyRg:logstash_cisco-2017.04.15:3:p]
java.lang.IllegalArgumentException: pipeline with id [xpack_monitoring_2] does not exist
at org.elasticsearch.ingest.PipelineExecutionService.getPipeline(PipelineExecutionService.java:193) ~[elasticsearch-5.3.1.jar:5.3.1]
at org.elasticsearch.ingest.PipelineExecutionService.access$100(PipelineExecutionService.java:41) ~[elasticsearch-5.3.1.jar:5.3.1]
at org.elasticsearch.ingest.PipelineExecutionService$2.doRun(PipelineExecutionService.java:88) [elasticsearch-5.3.1.jar:5.3.1]
at org.elasticsearch.common.util.concurrent.ThreadContext$ContextPreservingAbstractRunnable.doRun(ThreadContext.java:638) [elasticsearch-5.3.1.jar:5.3.1]
at org.elasticsearch.common.util.concurrent.AbstractRunnable.run(AbstractRunnable.java:37) [elasticsearch-5.3.1.jar:5.3.1]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [?:1.8.0_111]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [?:1.8.0_111]
at java.lang.Thread.run(Thread.java:745) [?:1.8.0_111]
Thanks,
Raj

Raj_Kumar · May 1, 2017, 9:45am

Hi Tsulivan,

Any idea or suggestion
Thanks in Advance

Raj

system · May 29, 2017, 9:50am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.