How to configure user permissions based on indices?

Hi,

first things first, here are the desired informations:

-Elasticsearch Version: 6.2.3

-Search Guard Version: 6.2.3-22.0

-no enterprise modules

-openjdk version “1.8.0_131”

-/usr/share/kibana/bin/kibana-plugin list

searchguard@6.2.3

-/usr/share/elasticsearch/bin/elasticsearch-plugin list

search-guard-6

-logstash: logstash-input-redis / logstash-output-file

I configured 2 users (for test purposes I only configured the proxy user completely). Proxy and system and I’d like to grant them access to the almost same-named indices (ex.: proxylogs-2018.04.11 and systemlogs-2018.04.08). Either kiabana shows all indices with the ability to create new indices or nothing is shown except for the panel on the left side. But nothing happens when clicking on “Discover” or any other button.

Can anybody help me with my issue?

Thanks in advance

Best regards,

Simon

sg_roles.yml (5.66 KB)

sg_roles_mapping.yml (685 Bytes)

sg_action_groups.yml (2.37 KB)

sg_config.yml (9.44 KB)

sg_internal_users.yml (1.28 KB)

searchguard.log (3.36 KB)

Easy going!

Found the solution and want to share with the community.

I added my users in sg_roles_mapping.yml to sg_kibana_server:

sg_kibana_server:

readonly: true

users:

• kibanaserver

• proxy

• system

Now it functions.

Cheers!