Hello All,
I just want to figure out like how the searchguard is internally storing the user,roles, and rolesmapping data? I think it’s creating index called searchguard, but whenever I tried to look into that index I didn’t get any data. When I looked into searchguard index mapping I found like, Whenever we are creating any user or role(via running sgadmin utility), It’s getting updated in mapping. But I really want to know about, where the data is stored inside elasticsearch. IF it’s strong in searchguard index, then How Can I retrieve those data ?
Let me know if any one need further clarifications. Your help will be really appreciated.
Here is the mapping of searchguard index :
{
“searchguard”: {
“mappings”: {
“internalusers”: {
“properties”: {
“admin”: {
“properties”: {
“hash”: {
“type”: “string”
}
}
},
“dlsflsuser”: {
“properties”: {
“hash”: {
“type”: “string”
}
}
},
“kibanaro”: {
“properties”: {
“hash”: {
“type”: “string”
}
}
},
“kibanaserver”: {
“properties”: {
“hash”: {
“type”: “string”
}
}
},
“kirk”: {
“properties”: {
“hash”: {
“type”: “string”
},
“roles”: {
“type”: “string”
}
}
},
“logstash”: {
“properties”: {
“hash”: {
“type”: “string”
}
}
},
“mister_picard”: {
“properties”: {
“hash”: {
“type”: “string”
},
“username”: {
“type”: “string”
}
}
},
“readall”: {
“properties”: {
“hash”: {
“type”: “string”
}
}
},
“spock”: {
“properties”: {
“hash”: {
“type”: “string”
},
“roles”: {
“type”: “string”
}
}
},
“test”: {
“properties”: {
“hash”: {
“type”: “string”
}
}
},
“worf”: {
“properties”: {
“hash”: {
“type”: “string”
}
}
}
}
},
“roles”: {
“properties”: {
“sg_all_access”: {
“properties”: {
“cluster”: {
“type”: “string”
},
“indices”: {
“properties”: {
“*”: {
“properties”: {
“*”: {
“type”: “string”
}
}
}
}
}
}
},
“sg_kibana4”: {
“properties”: {
“indices”: {
“properties”: {
“*”: {
“properties”: {
“*”: {
“type”: “string”
}
}
},
“?kibana”: {
“properties”: {
“*”: {
“type”: “string”
}
}
}
}
}
}
},
“sg_kibana4_server”: {
“properties”: {
“cluster”: {
“type”: “string”
},
“indices”: {
“properties”: {
“?kibana”: {
“properties”: {
“*”: {
“type”: “string”
}
}
}
}
}
}
},
“sg_kibana4_testindex”: {
“properties”: {
“indices”: {
“properties”: {
“?kibana”: {
“properties”: {
“*”: {
“type”: “string”
}
}
},
“test*”: {
“properties”: {
“*”: {
“type”: “string”
}
}
}
}
}
}
},
“sg_logstash”: {
“properties”: {
“cluster”: {
“type”: “string”
},
“indices”: {
“properties”: {
“beat”: {
“properties”: {
“*”: {
“type”: “string”
}
}
},
“logstash-*”: {
“properties”: {
“*”: {
“type”: “string”
}
}
}
}
}
}
},
“sg_readall”: {
“properties”: {
“indices”: {
“properties”: {
“*”: {
“properties”: {
“*”: {
“type”: “string”
}
}
}
}
}
}
},
“sg_readonly_and_monitor”: {
“properties”: {
“cluster”: {
“type”: “string”
},
“indices”: {
“properties”: {
“*”: {
“properties”: {
“*”: {
“type”: “string”
}
}
}
}
}
}
},
“sg_readonly_dlsfls”: {
“properties”: {
“indices”: {
“properties”: {
“/\S*/”: {
“properties”: {
“*”: {
“type”: “string”
},
“dls”: {
“type”: “string”
},
“fls”: {
“type”: “string”
}
}
}
}
}
}
},
“sg_role_starfleet”: {
“properties”: {
“indices”: {
“properties”: {
“pub*”: {
“properties”: {
“*”: {
“type”: “string”
}
}
},
“sf”: {
“properties”: {
“alumni”: {
“type”: “string”
},
“public”: {
“type”: “string”
},
“ships”: {
“type”: “string”
},
“students”: {
“type”: “string”
}
}
}
}
}
}
},
“sg_role_starfleet_captains”: {
“properties”: {
“cluster”: {
“type”: “string”
},
“indices”: {
“properties”: {
“pub*”: {
“properties”: {
“*”: {
“type”: “string”
}
}
},
“sf”: {
“properties”: {
“*”: {
“type”: “string”
}
}
}
}
}
}
},
“sg_transport_client”: {
“properties”: {
“cluster”: {
“type”: “string”
}
}
}
}
},
“config”: {
“properties”: {
“searchguard”: {
“properties”: {
“dynamic”: {
“properties”: {
“authc”: {
“properties”: {
“basic_internal_auth_domain”: {
“properties”: {
“authentication_backend”: {
“properties”: {
“type”: {
“type”: “string”
}
}
},
“enabled”: {
“type”: “boolean”
},
“http_authenticator”: {
“properties”: {
“challenge”: {
“type”: “boolean”
},
“type”: {
“type”: “string”
}
}
},
“order”: {
“type”: “long”
}
}
},
“clientcert_auth_domain”: {
“properties”: {
“authentication_backend”: {
“properties”: {
“type”: {
“type”: “string”
}
}
},
“enabled”: {
“type”: “boolean”
},
“http_authenticator”: {
“properties”: {
“challenge”: {
“type”: “boolean”
},
“type”: {
“type”: “string”
}
}
},
“order”: {
“type”: “long”
}
}
},
“host_auth_domain”: {
“properties”: {
“authentication_backend”: {
“properties”: {
“type”: {
“type”: “string”
}
}
},
“enabled”: {
“type”: “boolean”
},
“http_authenticator”: {
“properties”: {
“challenge”: {
“type”: “boolean”
},
“type”: {
“type”: “string”
}
}
},
“order”: {
“type”: “long”
}
}
},
“jwt_auth_domain”: {
“properties”: {
“authentication_backend”: {
“properties”: {
“type”: {
“type”: “string”
}
}
},
“enabled”: {
“type”: “boolean”
},
“http_authenticator”: {
“properties”: {
“challenge”: {
“type”: “boolean”
},
“config”: {
“properties”: {
“jwt_header”: {
“type”: “string”
},
“signing_key”: {
“type”: “string”
}
}
},
“type”: {
“type”: “string”
}
}
},
“order”: {
“type”: “long”
}
}
},
“kerberos_auth_domain”: {
“properties”: {
“authentication_backend”: {
“properties”: {
“type”: {
“type”: “string”
}
}
},
“enabled”: {
“type”: “boolean”
},
“http_authenticator”: {
“properties”: {
“challenge”: {
“type”: “boolean”
},
“config”: {
“properties”: {
“acceptor_principal”: {
“type”: “string”
},
“krb_debug”: {
“type”: “boolean”
},
“strip_realm_from_principal”: {
“type”: “boolean”
}
}
},
“type”: {
“type”: “string”
}
}
},
“order”: {
“type”: “long”
}
}
},
“ldap”: {
“properties”: {
“authentication_backend”: {
“properties”: {
“config”: {
“properties”: {
“enable_ssl”: {
“type”: “boolean”
},
“enable_ssl_client_auth”: {
“type”: “boolean”
},
“enable_start_tls”: {
“type”: “boolean”
},
“hosts”: {
“type”: “string”
},
“userbase”: {
“type”: “string”
},
“usersearch”: {
“type”: “string”
},
“verify_hostnames”: {
“type”: “boolean”
}
}
},
“type”: {
“type”: “string”
}
}
},
“enabled”: {
“type”: “boolean”
},
“http_authenticator”: {
“properties”: {
“challenge”: {
“type”: “boolean”
},
“type”: {
“type”: “string”
}
}
},
“order”: {
“type”: “long”
}
}
},
“proxy_auth_domain”: {
“properties”: {
“authentication_backend”: {
“properties”: {
“type”: {
“type”: “string”
}
}
},
“enabled”: {
“type”: “boolean”
},
“http_authenticator”: {
“properties”: {
“challenge”: {
“type”: “boolean”
},
“config”: {
“properties”: {
“roles_header”: {
“type”: “string”
},
“user_header”: {
“type”: “string”
}
}
},
“type”: {
“type”: “string”
}
}
},
“order”: {
“type”: “long”
}
}
}
}
},
“authz”: {
“properties”: {
“roles_from_another_ldap”: {
“properties”: {
“authorization_backend”: {
“properties”: {
“type”: {
“type”: “string”
}
}
},
“enabled”: {
“type”: “boolean”
}
}
},
“roles_from_myldap”: {
“properties”: {
“authorization_backend”: {
“properties”: {
“config”: {
“properties”: {
“enable_ssl”: {
“type”: “boolean”
},
“enable_ssl_client_auth”: {
“type”: “boolean”
},
“enable_start_tls”: {
“type”: “boolean”
},
“hosts”: {
“type”: “string”
},
“resolve_nested_roles”: {
“type”: “boolean”
},
“rolebase”: {
“type”: “string”
},
“rolename”: {
“type”: “string”
},
“rolesearch”: {
“type”: “string”
},
“userbase”: {
“type”: “string”
},
“userrolename”: {
“type”: “string”
},
“usersearch”: {
“type”: “string”
},
“verify_hostnames”: {
“type”: “boolean”
}
}
},
“type”: {
“type”: “string”
}
}
},
“enabled”: {
“type”: “boolean”
}
}
}
}
},
“http”: {
“properties”: {
“anonymous_auth_enabled”: {
“type”: “boolean”
},
“xff”: {
“properties”: {
“enabled”: {
“type”: “boolean”
},
“internalProxies”: {
“type”: “string”
},
“proxiesHeader”: {
“type”: “string”
},
“remoteIpHeader”: {
“type”: “string”
}
}
}
}
}
}
}
}
}
}
},
“rolesmapping”: {
“properties”: {
“sg_all_access”: {
“properties”: {
“users”: {
“type”: “string”
}
}
},
“sg_kibana4”: {
“properties”: {
“backendroles”: {
“type”: “string”
},
“users”: {
“type”: “string”
}
}
},
“sg_kibana4_server”: {
“properties”: {
“users”: {
“type”: “string”
}
}
},
“sg_kibana4_testindex”: {
“properties”: {
“users”: {
“type”: “string”
}
}
},
“sg_logstash”: {
“properties”: {
“users”: {
“type”: “string”
}
}
},
“sg_public”: {
“properties”: {
“users”: {
“type”: “string”
}
}
},
“sg_readall”: {
“properties”: {
“users”: {
“type”: “string”
}
}
},
“sg_readonly_dlsfls”: {
“properties”: {
“users”: {
“type”: “string”
}
}
},
“sg_role_klingons1”: {
“properties”: {
“backendroles”: {
“type”: “string”
},
“hosts”: {
“type”: “string”
},
“users”: {
“type”: “string”
}
}
},
“sg_role_starfleet”: {
“properties”: {
“backendroles”: {
“type”: “string”
},
“hosts”: {
“type”: “string”
},
“users”: {
“type”: “string”
}
}
},
“sg_role_starfleet_captains”: {
“properties”: {
“backendroles”: {
“type”: “string”
}
}
}
}
},
“actiongroups”: {
“properties”: {
“ALL”: {
“type”: “string”
},
“CLUSTER_ALL”: {
“type”: “string”
},
“CLUSTER_MONITOR”: {
“type”: “string”
},
“CREATE_INDEX”: {
“type”: “string”
},
“CRUD”: {
“type”: “string”
},
“DATA_ACCESS”: {
“type”: “string”
},
“DELETE”: {
“type”: “string”
},
“GET”: {
“type”: “string”
},
“INDEX”: {
“type”: “string”
},
“MANAGE”: {
“type”: “string”
},
“MANAGE_ALIASES”: {
“type”: “string”
},
“MONITOR”: {
“type”: “string”
},
“READ”: {
“type”: “string”
},
“SEARCH”: {
“type”: “string”
},
“SUGGEST”: {
“type”: “string”
},
“WRITE”: {
“type”: “string”
}
}
}
}
}
}…
``