Kibana screen empty after DLS

Hi,
I am using SG 5 and ES 5.3. I am trying new DLS feature by downloading a module 5.3 with dependencies and restarted the node to activate it.

I configured this for single user by defining the role in sg_roles.yml; I tried in two steps as shown below:

sg_user_apache:
cluster:
- CLUSTER_COMPOSITE_OPS
indices:
‘':
'’:
- ‘*’
dls: ‘{ “term” : {“LogType”: “Apache_Logs”} }’

‘?kibana’:
‘':
- '’

sg_user_apache:
cluster:
- CLUSTER_COMPOSITE_OPS
indices:
‘':
'’:
- ‘’
‘?kibana’:
'’:
- ‘*’
dls: ‘{ “term” : {“LogType”: “Apache_Logs”} }’

But the result was blank screen in kibana. Is DLS works only with the field _type or with any field.

Thanks,
Yash

Hi,
Sorry my ES version is 5.2. but I get an Internal server error 500 when I enable dls.

Which query should I use from these two

dls: ‘{ “term” : {“LogType”: “Apache_Logs”} }’

or

dls: ‘{ “bool” : { “must” : { “match” : {“LogType”: “Apache_Logs”} } } }’

The error which I get in the log is

[2017-06-08T11:28:49,096][WARN ][r.suppressed ]path: /.kibana/config/5.2.2, params: {index=.kibana, id=5.2.2, type=config}
org.elasticsearch.common.settings.SettingsException: Failed to get setting group for [.indices.] setting prefix and setting [.indices._
dls_] because of a missing ‘.’

Thanks,
Yash

Please post your sg_roles.yml where you tried to use DLS, we need to see the whole picture.