Accountinfo and Multitenancy disabled at GUI

Elasticsearch version: 7.10.0

Kibana version (if relevant): 7.10.0

Describe the issue:
I have installed and configured searchguard for elasticsearch and kibana. The problem is that “Accountinfo” and “Multitenancy” are disabled at kibana.

I´ve configured multitenancy options at sg_config.yml and kibana.yml, but “Multitenancy” is still disabled.

¿How can I enable Multitenancy and Accountinfo at kibana?

Screenshots (if relevant):
searchguard

Thanks,
AdminUnix.

Hi.
You have to do the following configurations to make it work.

sg_config.yml

sg_config:
  dynamic:
      kibana:
        multitenancy_enabled: true

kibana.yml

elasticsearch.requestHeadersWhitelist: [ "sgtenant", "authorization" ]
searchguard.multitenancy.enabled: true
searchguard.accountinfo.enabled: true

If you still have the problem, share the following

  • kibana.yml
  • elasticsearch.yml
  • sg_config.yml
  • Kibana log
  • Elasticsearch log

Hi Sergii,

Thank you for your answer. I´ve configured all you posted but Accountinfo and Multitenancy are still disabled. I dont know why.

ELASTICSEARCH CONFIG
elasticsearch.yml (1.1 KB)

KIBANA CONFIG
Kibana has these environment variables:

SERVER_HOST=0.0.0.0
SERVER_NAME=kibana
XPACK_SECURITY_ENABLED=false
ELASTICSEARCH_USERNAME=kibanaserver
ELASTICSEARCH_PASSWORD=******
ELASTICSEARCH_HOSTS=https://myurl:9200
ELASTICSEARCH_SSL_VERIFICATIONMODE=none
SEARCHGUARD_AUTH_TYPE=basicauth
SEARCHGUARD_MULTITENANCY_ENABLED=true
SEARCHGUARD_ACCOUNTINFO_ENABLED=true

kibana.yml file has this line:
elasticsearch.requestHeadersWhitelist: [ "sgtenant", "Authorization", "authorization" ]

LOGS
kibana.log (12.2 KB) elasticsearch.log (146.8 KB)

Thank you,
Regards.

Can you share kibana.yml?
Are you sure the Kibana has access to the environment variables? Try to hardcode the the following values.
kibana.yml

searchguard.multitenancy.enabled: true
searchguard.accountinfo.enabled: true

I´ve configured searchguard.multitenancy.enabled and searchguard.accountinfo.enabled at kibana.yml and now are enable.
It seems Kibana not load correctly environment variables.

For example, multitenancy show me this error at kibana if I configure ELASTICSEARCH_USERNAME=kibanaserver environment variable:

Mismatch… Configured username on Kibana: ‘kibana_system’, configured username on Elasticsearch: ‘kibanaserver’

If I configure elasticsearch.username: kibanaserver at kibana.yml, everything works fine.

First, double-check that you put all the environment variables in the kibana.yml properly, for example, elasticsearch.username=${ELASTICSEARCH_USERNAME}. Read more Use environment variables in the configuration | Packetbeat Reference [7.10] | Elastic

Second, access the Kibana server as the Kibana system user. Then verify if you see the environment variables. For example, on Linux

su kibana
echo $ELASTICSEARCH_USERNAME

We have a infra with a kubernetes cluster so the environment variables we use are described at Install Kibana with Docker | Kibana Guide [7.10] | Elastic

Environment variables are not inside kibana.yml file in this case. The solution for us is configured kibana.yml file and copied it inside the container with the Dockerfile.

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.