Help needed in creating role to create index and alias but not view log data

Hi All,

Is there a role that I can define which will have permission to create index and alias but not view log data?

I tried the following but had issues:

  • Tried INDICES_ALL but I was able to see the log data as well.

  • Used logstash role where,

beat’:

‘*’:

  • CRUD

  • CREATE_INDEX

I was able to create index with this but not alias.

Any suggestions on this will be very helpful.

Kibana version:5.5.1

Searchguard-elasticsearch: 5.5.1-16

Searchguard-Kibana: 5.5.1-4

Thanks & Regards,

Shwetha Mittur

When asking questions, please provide the following information:

  • Search Guard and Elasticsearch version

  • Installed and used enterprise modules, if any

  • JVM version and operating system version

  • Search Guard configuration files

  • Elasticsearch log messages on debug level

  • Other installed Elasticsearch or Kibana plugins, if any

sg_rolexxx:
  cluster:
    - "indices:admin/aliases*"
  indices:
    '*beat*':
      '*':
        - CREATE_INDEX

···

Am 13.11.2017 um 10:43 schrieb Shwetha M <shuthu12@gmail.com>:

Hi All,

Is there a role that I can define which will have permission to create index and alias but not view log data?

I tried the following but had issues:

* Tried INDICES_ALL but I was able to see the log data as well.
* Used logstash role where,
    '*beat*':
      '*':
        - CRUD
        - CREATE_INDEX
I was able to create index with this but not alias.

Any suggestions on this will be very helpful.

Kibana version:5.5.1
Searchguard-elasticsearch: 5.5.1-16
Searchguard-Kibana: 5.5.1-4

Thanks & Regards,
Shwetha Mittur

When asking questions, please provide the following information:

* Search Guard and Elasticsearch version
* Installed and used enterprise modules, if any
* JVM version and operating system version
* Search Guard configuration files
* Elasticsearch log messages on debug level
* Other installed Elasticsearch or Kibana plugins, if any

--
You received this message because you are subscribed to the Google Groups "Search Guard Community Forum" group.
To unsubscribe from this group and stop receiving emails from it, send an email to search-guard+unsubscribe@googlegroups.com.
To post to this group, send email to search-guard@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/23dec696-ec89-485b-a06f-4bead595cb72%40googlegroups.com\.
For more options, visit https://groups.google.com/d/optout\.

Thank you for your prompt response. We were able to achieve this by using MANAGE option to do the index/alias operation.

Regards,

Shwetha Mittur

···

On Monday, November 13, 2017 at 8:22:26 PM UTC+5:30, Search Guard wrote:

sg_rolexxx:

cluster:

- "indices:admin/aliases*"

indices:

'*beat*':

  '*':

    - CREATE_INDEX

Am 13.11.2017 um 10:43 schrieb Shwetha M shut...@gmail.com:

Hi All,

Is there a role that I can define which will have permission to create index and alias but not view log data?

I tried the following but had issues:

  • Tried INDICES_ALL but I was able to see the log data as well.
  • Used logstash role where,
    beat’:
  '*':
    - CRUD
    - CREATE_INDEX

I was able to create index with this but not alias.

Any suggestions on this will be very helpful.

Kibana version:5.5.1

Searchguard-elasticsearch: 5.5.1-16

Searchguard-Kibana: 5.5.1-4

Thanks & Regards,

Shwetha Mittur

When asking questions, please provide the following information:

  • Search Guard and Elasticsearch version
  • Installed and used enterprise modules, if any
  • JVM version and operating system version
  • Search Guard configuration files
  • Elasticsearch log messages on debug level
  • Other installed Elasticsearch or Kibana plugins, if any


You received this message because you are subscribed to the Google Groups “Search Guard Community Forum” group.

To unsubscribe from this group and stop receiving emails from it, send an email to search-guard...@googlegroups.com.

To post to this group, send email to search...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/23dec696-ec89-485b-a06f-4bead595cb72%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.