Errors with accessing the kibana

I have changed the config file sg_roles.yml

sg_apache_tomcat:

indices:

’apache-tomcat-*’:

’*’:

- ALL

and the sg_roles_mapping.yml:

sg_apache_tomcat:

users:

  • kirk

and in the kibana.yml, i added the entries

elasticsearch.username: “kibanaserver”

elasticsearch.password: "kibanaserver"

And with the command curl -XGET -u kirk:kirk “http://192.25.97.128:9200/apache-*?pretty” , i can get what i want.

But when i access the kibana with the “kirk”, i got the errors as follow:

               Courier Fetch Error: unhandled courier request error: unknown error
    Error: unhandled courier request error: unknown error
at handleError ([http://192.25.97.128:5601/bundles/kibana.bundle.js?v=9732:78871:23](http://192.25.97.128:5601/bundles/kibana.bundle.js?v=9732:78871:23)    )
at DocRequest.AbstractReqProvider.AbstractReq.handleFailure ([http://192.25.97.128:5601/bundles/kibana.bundle.js?v=9732:78791:15](http://192.25.97.128:5601/bundles/kibana.bundle.js?v=9732:78791:15)    )
at [http://192.25.97.128:5601/bundles/kibana.bundle.js?v=9732:78685:18](http://192.25.97.128:5601/bundles/kibana.bundle.js?v=9732:78685:18)
    at Array.forEach (native)
at [http://192.25.97.128:5601/bundles/kibana.bundle.js?v=9732:78683:19](http://192.25.97.128:5601/bundles/kibana.bundle.js?v=9732:78683:19)
    at processQueue ([http://192.25.97.128:5601/bundles/commons.bundle.js?v=9732:42357:29](http://192.25.97.128:5601/bundles/commons.bundle.js?v=9732:42357:29)    )
at [http://192.25.97.128:5601/bundles/commons.bundle.js?v=9732:42373:28](http://192.25.97.128:5601/bundles/commons.bundle.js?v=9732:42373:28)
    at Scope.$eval ([http://192.25.97.128:5601/bundles/commons.bundle.js?v=9732:43601:29](http://192.25.97.128:5601/bundles/commons.bundle.js?v=9732:43601:29)    )
at Scope.$digest ([http://192.25.97.128:5601/bundles/commons.bundle.js?v=9732:43412:32](http://192.25.97.128:5601/bundles/commons.bundle.js?v=9732:43412:32)    )
at Scope.$apply ([http://192.25.97.128:5601/bundles/commons.bundle.js?v=9732:43709:25](http://192.25.97.128:5601/bundles/commons.bundle.js?v=9732:43709:25))

What’t more, i can access the kibana with the “admin”.

Can you tell me where did i miss?

the elasticsearch debug is here:

_closed=false, allow_alisases_to_multiple_indices=true, forbid_closed_indices=true]

[2016-06-16 17:26:05,666][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] raw indices [.kibana]

[2016-06-16 17:26:05,666][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] Resolved [.kibana] to {}

[2016-06-16 17:26:05,666][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] requested resolved aliases and indices: [.kibana]

[2016-06-16 17:26:05,666][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] requested resolved types: [config]

[2016-06-16 17:26:05,666][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] mapped roles: [sg_kibana4_server, sg_public]

[2016-06-16 17:26:05,666][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] ---------- evaluate sg_role: sg_kibana4_server

[2016-06-16 17:26:05,666][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] Try wildcard match for ?kibana

[2016-06-16 17:26:05,666][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] Wildcard match for ?kibana: [.kibana]

[2016-06-16 17:26:05,666][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] matches for ?kibana, will check now types

[2016-06-16 17:26:05,666][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] resolvedActions for ?kibana/: [indices:]

[2016-06-16 17:26:05,666][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] match requested action indices:data/read/search against ?kibana/: [indices:]

[2016-06-16 17:26:05,666][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] remaining requested aliases and indices:

[2016-06-16 17:26:05,666][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] remaining requested resolved types:

[2016-06-16 17:26:05,666][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] found a match for ‘sg_kibana4_server’, evaluate other roles for fls/dls purposes

[2016-06-16 17:26:05,666][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] sg_role sg_public is empty

Who can help me solve the problem? Thanks!

does this work?

sg_apache_tomcat:
  cluster:
      - cluster:monitor/nodes/info
      - cluster:monitor/health
  indices:
    'apache-tomcat-*':
      '*':
        - ALL
    '?kibana':
      '*':
        - READ
        - indices:admin/mappings/fields/get*
        - indices:admin/validate/query*
        - indices:admin/get*
        - indices:admin/exists*
        - indices:admin/mappings/fields/get*
        - indices:admin/refresh*
        - indices:admin/validate/query*
        - indices:data/read/get*
        - indices:data/read/mget*
        - indices:data/read/search*

···

Am 16.06.2016 um 11:31 schrieb Wei Hong <fzuerhw@gmail.com>:

I have changed the config file sg_roles.yml

sg_apache_tomcat:
  indices:
    'apache-tomcat-*':
      '*':
        - ALL

and the sg_roles_mapping.yml:

sg_apache_tomcat:
  users:
    - kirk

and in the kibana.yml, i added the entries

elasticsearch.username: "kibanaserver"
elasticsearch.password: "kibanaserver"

And with the command curl -XGET -u kirk:kirk "http://192.25.97.128:9200/apache-*?pretty" , i can get what i want.

But when i access the kibana with the "kirk", i got the errors as follow:
                   Courier Fetch Error: unhandled courier request error: unknown error
Error: unhandled courier request error: unknown error
    at handleError (
http://192.25.97.128:5601/bundles/kibana.bundle.js?v=9732:78871:23
)
    at DocRequest.
AbstractReqProvider.AbstractReq.handleFailure (http://192.25.97.128:5601/bundles/kibana.bundle.js?v=9732:78791:15
)
    at
http://192.25.97.128:5601/bundles/kibana.bundle.js?v=9732:78685:18

    at Array.forEach (native)
    at
http://192.25.97.128:5601/bundles/kibana.bundle.js?v=9732:78683:19

    at processQueue (
http://192.25.97.128:5601/bundles/commons.bundle.js?v=9732:42357:29
)
    at
http://192.25.97.128:5601/bundles/commons.bundle.js?v=9732:42373:28

    at Scope.$eval (
http://192.25.97.128:5601/bundles/commons.bundle.js?v=9732:43601:29
)
    at Scope.$digest (
http://192.25.97.128:5601/bundles/commons.bundle.js?v=9732:43412:32
)
    at Scope.$apply (
http://192.25.97.128:5601/bundles/commons.bundle.js?v=9732:43709:25)

What't more, i can access the kibana with the "admin".

Can you tell me where did i miss?

--
You received this message because you are subscribed to the Google Groups "Search Guard" group.
To unsubscribe from this group and stop receiving emails from it, send an email to search-guard+unsubscribe@googlegroups.com.
To post to this group, send email to search-guard@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/039b0253-f9bf-4bd2-a9bf-0ab1fecaccb1%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Sorry, I added these to the role, it still not work. The errors is

“no permissions for indices:data/read/field_stats”

then i added the " indices:data/read/field_stats" behind the “?kibana”

it still not work.

Is there something wrong?

在 2016年6月18日星期六 UTC+8上午3:08:02,SG写道:

···

does this work?

sg_apache_tomcat:

cluster:
- cluster:monitor/nodes/info

  - cluster:monitor/health

indices:

'apache-tomcat-*':

  '*':

    - ALL

'?kibana':

  '*':

    - READ

    - indices:admin/mappings/fields/get*

    - indices:admin/validate/query*

    - indices:admin/get*

    - indices:admin/exists*

    - indices:admin/mappings/fields/get*

    - indices:admin/refresh*

    - indices:admin/validate/query*

    - indices:data/read/get*

    - indices:data/read/mget*

    - indices:data/read/search*

Am 16.06.2016 um 11:31 schrieb Wei Hong fzu...@gmail.com:

I have changed the config file sg_roles.yml

sg_apache_tomcat:

indices:

'apache-tomcat-*':
  '*':
    - ALL

and the sg_roles_mapping.yml:

sg_apache_tomcat:

users:

- kirk

and in the kibana.yml, i added the entries

elasticsearch.username: “kibanaserver”

elasticsearch.password: “kibanaserver”

And with the command curl -XGET -u kirk:kirk “http://192.25.97.128:9200/apache-*?pretty” , i can get what i want.

But when i access the kibana with the “kirk”, i got the errors as follow:

               Courier Fetch Error: unhandled courier request error: unknown error

Error: unhandled courier request error: unknown error

at handleError (

http://192.25.97.128:5601/bundles/kibana.bundle.js?v=9732:78871:23

)

at DocRequest.

AbstractReqProvider.AbstractReq.handleFailure (http://192.25.97.128:5601/bundles/kibana.bundle.js?v=9732:78791:15

)

at

http://192.25.97.128:5601/bundles/kibana.bundle.js?v=9732:78685:18

at Array.forEach (native)
at

http://192.25.97.128:5601/bundles/kibana.bundle.js?v=9732:78683:19

at processQueue (

http://192.25.97.128:5601/bundles/commons.bundle.js?v=9732:42357:29

)

at

http://192.25.97.128:5601/bundles/commons.bundle.js?v=9732:42373:28

at Scope.$eval (

http://192.25.97.128:5601/bundles/commons.bundle.js?v=9732:43601:29

)

at Scope.$digest (

http://192.25.97.128:5601/bundles/commons.bundle.js?v=9732:43412:32

)

at Scope.$apply (

http://192.25.97.128:5601/bundles/commons.bundle.js?v=9732:43709:25)

What’t more, i can access the kibana with the “admin”.

Can you tell me where did i miss?


You received this message because you are subscribed to the Google Groups “Search Guard” group.

To unsubscribe from this group and stop receiving emails from it, send an email to search-guard...@googlegroups.com.

To post to this group, send email to search...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/039b0253-f9bf-4bd2-a9bf-0ab1fecaccb1%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

I met the same problem , if you add the “indices:data/read/field_stats” , it will notice “indieces:data/read/mget”
the config should like this:

sg_apache_tomcat:
cluster:
- cluster:monitor/nodes/info
- cluster:monitor/health
indices:
‘apache-tomcat-’:
'
’:
- ALL

‘?kibana’:
'’:
- READ
- indices:admin/mappings/fields/get

- indices:admin/validate/query*
- indices:admin/get*
- indices:admin/exists*
- indices:admin/mappings/fields/get*
- indices:admin/refresh*
- indices:admin/validate/query*
- indices:data/read/get*
- indices:data/read/mget*
- indices:data/read/search*

‘*’:

‘*’:

  • indices:data/read/field_stats

在 2016年6月20日星期一 UTC+8上午9:24:14,Wei Hong写道:

···

Sorry, I added these to the role, it still not work. The errors is

“no permissions for indices:data/read/field_stats”

then i added the " indices:data/read/field_stats" behind the “?kibana”

it still not work.

Is there something wrong?

在 2016年6月18日星期六 UTC+8上午3:08:02,SG写道:

does this work?

sg_apache_tomcat:

cluster:
- cluster:monitor/nodes/info

  - cluster:monitor/health

indices:

'apache-tomcat-*':

  '*':

    - ALL

'?kibana':

  '*':

    - READ

    - indices:admin/mappings/fields/get*

    - indices:admin/validate/query*

    - indices:admin/get*

    - indices:admin/exists*

    - indices:admin/mappings/fields/get*

    - indices:admin/refresh*

    - indices:admin/validate/query*

    - indices:data/read/get*

    - indices:data/read/mget*

    - indices:data/read/search*

Am 16.06.2016 um 11:31 schrieb Wei Hong fzu...@gmail.com:

I have changed the config file sg_roles.yml

sg_apache_tomcat:

indices:

'apache-tomcat-*':
  '*':
    - ALL

and the sg_roles_mapping.yml:

sg_apache_tomcat:

users:

- kirk

and in the kibana.yml, i added the entries

elasticsearch.username: “kibanaserver”

elasticsearch.password: “kibanaserver”

And with the command curl -XGET -u kirk:kirk “http://192.25.97.128:9200/apache-*?pretty” , i can get what i want.

But when i access the kibana with the “kirk”, i got the errors as follow:

               Courier Fetch Error: unhandled courier request error: unknown error

Error: unhandled courier request error: unknown error

at handleError (

http://192.25.97.128:5601/bundles/kibana.bundle.js?v=9732:78871:23

)

at DocRequest.

AbstractReqProvider.AbstractReq.handleFailure (http://192.25.97.128:5601/bundles/kibana.bundle.js?v=9732:78791:15

)

at

http://192.25.97.128:5601/bundles/kibana.bundle.js?v=9732:78685:18

at Array.forEach (native)
at

http://192.25.97.128:5601/bundles/kibana.bundle.js?v=9732:78683:19

at processQueue (

http://192.25.97.128:5601/bundles/commons.bundle.js?v=9732:42357:29

)

at

http://192.25.97.128:5601/bundles/commons.bundle.js?v=9732:42373:28

at Scope.$eval (

http://192.25.97.128:5601/bundles/commons.bundle.js?v=9732:43601:29

)

at Scope.$digest (

http://192.25.97.128:5601/bundles/commons.bundle.js?v=9732:43412:32

)

at Scope.$apply (

http://192.25.97.128:5601/bundles/commons.bundle.js?v=9732:43709:25)

What’t more, i can access the kibana with the “admin”.

Can you tell me where did i miss?


You received this message because you are subscribed to the Google Groups “Search Guard” group.

To unsubscribe from this group and stop receiving emails from it, send an email to search-guard...@googlegroups.com.

To post to this group, send email to search...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/039b0253-f9bf-4bd2-a9bf-0ab1fecaccb1%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.