kibana w/ saml, tribe nodes, multisearch

I need to have SAML auth on exactly one host, and have multiple clusters I need to search, assumably as tribe nodes. How exactly is this possible? Purchasing hundreds of searchguard licenses doesnt make much sense when I really have only one host that needs the auth mechanism.

When asking questions, please provide the following information:

  • Search Guard and Elasticsearch version

  • Installed and used enterprise modules, if any

  • JVM version and operating system version

  • Search Guard configuration files

  • Elasticsearch log messages on debug level

  • Other installed Elasticsearch or Kibana plugins, if any

You only need a license per cluster (not per node). How many clusters do you have?

(Please keep in mind that the tribe node is deprecated since 5.4.0 in favor of cross cluster search and will be removed as of ES 7)

···

Am 24.09.2018 um 16:57 schrieb erik clark <philosnef@gmail.com>:

I need to have SAML auth on exactly one host, and have multiple clusters I need to search, assumably as tribe nodes. How exactly is this possible? Purchasing hundreds of searchguard licenses doesnt make much sense when I really have only one host that needs the auth mechanism.

When asking questions, please provide the following information:

* Search Guard and Elasticsearch version
* Installed and used enterprise modules, if any
* JVM version and operating system version
* Search Guard configuration files
* Elasticsearch log messages on debug level
* Other installed Elasticsearch or Kibana plugins, if any

--
You received this message because you are subscribed to the Google Groups "Search Guard Community Forum" group.
To unsubscribe from this group and stop receiving emails from it, send an email to search-guard+unsubscribe@googlegroups.com.
To post to this group, send email to search-guard@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/4a1cd85b-321e-4565-8f5a-9e6e471987b0%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

We would have 10 clusters or so, possibly as many as 15. The only part we care about is a single pane of glass visibility into all the clusters, protected at a single point with SAML auth.

···

On Monday, September 24, 2018 at 4:24:42 PM UTC-4, Search Guard wrote:

You only need a license per cluster (not per node). How many clusters do you have?

(Please keep in mind that the tribe node is deprecated since 5.4.0 in favor of cross cluster search and will be removed as of ES 7)

Am 24.09.2018 um 16:57 schrieb erik clark phil...@gmail.com:

I need to have SAML auth on exactly one host, and have multiple clusters I need to search, assumably as tribe nodes. How exactly is this possible? Purchasing hundreds of searchguard licenses doesnt make much sense when I really have only one host that needs the auth mechanism.

When asking questions, please provide the following information:

  • Search Guard and Elasticsearch version
  • Installed and used enterprise modules, if any
  • JVM version and operating system version
  • Search Guard configuration files
  • Elasticsearch log messages on debug level
  • Other installed Elasticsearch or Kibana plugins, if any


You received this message because you are subscribed to the Google Groups “Search Guard Community Forum” group.

To unsubscribe from this group and stop receiving emails from it, send an email to search-guard...@googlegroups.com.

To post to this group, send email to search...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/4a1cd85b-321e-4565-8f5a-9e6e471987b0%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

It's not a setup which is tested (or currently supported) by us but you can try:

- Setup one cluster with sg enterprise and configured saml auth as the tribe node/ccs node
- Setup all other clusters with the community version of sg

Check also https://docs.search-guard.com/latest/cross-cluster-tribe#tribe-nodes and https://docs.search-guard.com/latest/cross-cluster-tribe#cross-cluster-search-support

Please report back your experiences and/or issues.

···

Am 25.09.2018 um 15:21 schrieb erik clark <philosnef@gmail.com>:

We would have 10 clusters or so, possibly as many as 15. The only part we care about is a single pane of glass visibility into all the clusters, protected at a single point with SAML auth.

On Monday, September 24, 2018 at 4:24:42 PM UTC-4, Search Guard wrote:
You only need a license per cluster (not per node). How many clusters do you have?

(Please keep in mind that the tribe node is deprecated since 5.4.0 in favor of cross cluster search and will be removed as of ES 7)

> Am 24.09.2018 um 16:57 schrieb erik clark <phil...@gmail.com>:
>
> I need to have SAML auth on exactly one host, and have multiple clusters I need to search, assumably as tribe nodes. How exactly is this possible? Purchasing hundreds of searchguard licenses doesnt make much sense when I really have only one host that needs the auth mechanism.
>
> When asking questions, please provide the following information:
>
> * Search Guard and Elasticsearch version
> * Installed and used enterprise modules, if any
> * JVM version and operating system version
> * Search Guard configuration files
> * Elasticsearch log messages on debug level
> * Other installed Elasticsearch or Kibana plugins, if any
>
> --
> You received this message because you are subscribed to the Google Groups "Search Guard Community Forum" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to search-guard...@googlegroups.com.
> To post to this group, send email to search...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/4a1cd85b-321e-4565-8f5a-9e6e471987b0%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups "Search Guard Community Forum" group.
To unsubscribe from this group and stop receiving emails from it, send an email to search-guard+unsubscribe@googlegroups.com.
To post to this group, send email to search-guard@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/c9494bde-322d-4b7e-9fad-ebbec71aae57%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.