Authorization issues Kibana

Hi Team,

I am getting security exceptions in kibana for generic index patterns. could some one help to provide solution to this. Below is the use case.

I have below index patterns in ES and have permissions to users.

logstash_iostats_17756_* (* indicates date) -> Gave permissions to Srikanth

logstash_iostats_23857_* (* indicates date) -> Gave permissions to harish

In kibana I have set index pattern logstash_iostats_* and created few visualizations and Dashboard.

when user srikanth logs in to kibana , it is giving security exception like indices-data.read.msearch ,indices-data.read.field_stats but when I create index pattern logstash_iostats_17756_* then able to get data and not getting any issue.

Is searchguard support giving generic pattern in kibana logstash_iostats_*, when user logs in get from specific index where user has access?

Thanks in advance for your help.

Thanks,

srikanth.

please share your sg_roles.yml and sg_action_groups.yml

···

Am 07.03.2017 um 21:40 schrieb srikanth ramineni <ri.srikanth@gmail.com>:

Hi Team,

I am getting security exceptions in kibana for generic index patterns. could some one help to provide solution to this. Below is the use case.

I have below index patterns in ES and have permissions to users.
logstash_iostats_17756_* (* indicates date) -> Gave permissions to Srikanth
logstash_iostats_23857_* (* indicates date) -> Gave permissions to harish

In kibana I have set index pattern logstash_iostats_* and created few visualizations and Dashboard.

when user srikanth logs in to kibana , it is giving security exception like indices-data.read.msearch ,indices-data.read.field_stats but when I create index pattern logstash_iostats_17756_* then able to get data and not getting any issue.

Is searchguard support giving generic pattern in kibana logstash_iostats_*, when user logs in get from specific index where user has access?

Thanks in advance for your help.

Thanks,
srikanth.

--
You received this message because you are subscribed to the Google Groups "Search Guard" group.
To unsubscribe from this group and stop receiving emails from it, send an email to search-guard+unsubscribe@googlegroups.com.
To post to this group, send email to search-guard@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/cf4403d3-8478-4c5b-824b-f90b513a0d71%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Hi,

Please find enclosed sg_roles and sg_action_group files as you requested. Please let me know if you need more information.

Thanks,

Srikanth.

sg_action_groups_2017-Mar-06_20-28-45.yml (1.46 KB)

sg_roles_2017-Mar-06_20-28-45.yml (3.65 KB)

···

On Thursday, 9 March 2017 09:43:25 UTC-6, Search Guard wrote:

please share your sg_roles.yml and sg_action_groups.yml

Am 07.03.2017 um 21:40 schrieb srikanth ramineni ri.sr...@gmail.com:

Hi Team,

I am getting security exceptions in kibana for generic index patterns. could some one help to provide solution to this. Below is the use case.

I have below index patterns in ES and have permissions to users.

logstash_iostats_17756_* (* indicates date) -> Gave permissions to Srikanth

logstash_iostats_23857_* (* indicates date) -> Gave permissions to harish

In kibana I have set index pattern logstash_iostats_* and created few visualizations and Dashboard.

when user srikanth logs in to kibana , it is giving security exception like indices-data.read.msearch ,indices-data.read.field_stats but when I create index pattern logstash_iostats_17756_* then able to get data and not getting any issue.

Is searchguard support giving generic pattern in kibana logstash_iostats_*, when user logs in get from specific index where user has access?

Thanks in advance for your help.

Thanks,

srikanth.


You received this message because you are subscribed to the Google Groups “Search Guard” group.

To unsubscribe from this group and stop receiving emails from it, send an email to search-guard...@googlegroups.com.

To post to this group, send email to search...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/cf4403d3-8478-4c5b-824b-f90b513a0d71%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

What is your Search Guard and Elasticsearch version?

···

On Thursday, 9 March 2017 17:21:57 UTC+1, srikanth ramineni wrote:

Hi,

Please find enclosed sg_roles and sg_action_group files as you requested. Please let me know if you need more information.

Thanks,

Srikanth.

On Thursday, 9 March 2017 09:43:25 UTC-6, Search Guard wrote:

please share your sg_roles.yml and sg_action_groups.yml

Am 07.03.2017 um 21:40 schrieb srikanth ramineni ri.sr...@gmail.com:

Hi Team,

I am getting security exceptions in kibana for generic index patterns. could some one help to provide solution to this. Below is the use case.

I have below index patterns in ES and have permissions to users.

logstash_iostats_17756_* (* indicates date) -> Gave permissions to Srikanth

logstash_iostats_23857_* (* indicates date) -> Gave permissions to harish

In kibana I have set index pattern logstash_iostats_* and created few visualizations and Dashboard.

when user srikanth logs in to kibana , it is giving security exception like indices-data.read.msearch ,indices-data.read.field_stats but when I create index pattern logstash_iostats_17756_* then able to get data and not getting any issue.

Is searchguard support giving generic pattern in kibana logstash_iostats_*, when user logs in get from specific index where user has access?

Thanks in advance for your help.

Thanks,

srikanth.


You received this message because you are subscribed to the Google Groups “Search Guard” group.

To unsubscribe from this group and stop receiving emails from it, send an email to search-guard...@googlegroups.com.

To post to this group, send email to search...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/cf4403d3-8478-4c5b-824b-f90b513a0d71%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

com_att_hfrunmonitor_kibana:

cluster:

  • “indices-data.read.msearch”

  • “indices-data.read.searchANY”

  • “indices-data.read.search”

seems to make no sense, it should be something like

com_att_hfrunmonitor_kibana:

cluster:

  • “indices:data/read/msearch”

  • “indices:data/read/search”

···

On Thursday, 9 March 2017 17:21:57 UTC+1, srikanth ramineni wrote:

Hi,

Please find enclosed sg_roles and sg_action_group files as you requested. Please let me know if you need more information.

Thanks,

Srikanth.

On Thursday, 9 March 2017 09:43:25 UTC-6, Search Guard wrote:

please share your sg_roles.yml and sg_action_groups.yml

Am 07.03.2017 um 21:40 schrieb srikanth ramineni ri.sr...@gmail.com:

Hi Team,

I am getting security exceptions in kibana for generic index patterns. could some one help to provide solution to this. Below is the use case.

I have below index patterns in ES and have permissions to users.

logstash_iostats_17756_* (* indicates date) -> Gave permissions to Srikanth

logstash_iostats_23857_* (* indicates date) -> Gave permissions to harish

In kibana I have set index pattern logstash_iostats_* and created few visualizations and Dashboard.

when user srikanth logs in to kibana , it is giving security exception like indices-data.read.msearch ,indices-data.read.field_stats but when I create index pattern logstash_iostats_17756_* then able to get data and not getting any issue.

Is searchguard support giving generic pattern in kibana logstash_iostats_*, when user logs in get from specific index where user has access?

Thanks in advance for your help.

Thanks,

srikanth.


You received this message because you are subscribed to the Google Groups “Search Guard” group.

To unsubscribe from this group and stop receiving emails from it, send an email to search-guard...@googlegroups.com.

To post to this group, send email to search...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/cf4403d3-8478-4c5b-824b-f90b513a0d71%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.