New to Search Guard, Quick question

Hi all

Just a quick question:

Using the free/community version, is it possible to have a user that logs into Kibana but only sees a specific index? Or a set of indexes?

Example:

I have 3 indexes:

  • rsp-1

  • rsp-2

  • duda

Is it possible to set up 3 users that, using Kibana, can only access the data in the following way:

User-1 can see data from index rsp-1

User-2 can see data from index rsp-*

User-3 can see all data from all indexes

All my tests using the Kibana GUI have failed since all users I’ve created are “user-3” type.

I’m using latest versions of SG and ELK.

Is there a place where I can go and see a setup like this?

Thanks!

Sure, this is possible with the Community Edition. You need three users, three roles and you then map the users to their respective role(s).

For your third user you can use the built-in readall role. This role grants read access to all indices. For the other two set up roles like:

```yaml
sg_rsp_1:
  cluster:
    - CLUSTER_COMPOSITE_OPS
  indices:
    'rsp-1':
      '*':
        - READ

sg_rsp_all:
  cluster:
    - CLUSTER_COMPOSITE_OPS
  indices:
    'rsp-*':
      '*':
        - READ
```

Then set up your users in sg_internalusers.yml. Because you say you use Kibana, you need to give them the “kibanauser” role in addition. We will do that by assigning the respective backend roles in the sg_internalusers.yml:

```yaml
user1:
  hash: …
  roles:
    - kibanauser
    - sg_rsp_1

user2:
  hash: …
  roles:
    - kibanauser
    - sg_rsp_all

user3:
  hash: …
  roles:
    - kibanauser
    - readall
```

Finally, map the backend roles sg_rsp_1 and sg_rsp_all to the new Search Guard roles. In sg_roles_mapping.yml:

```yaml
sg_rsp_1:
  backendroles:
    - sg_rsp_1

sg_rsp_all:
  backendroles:
    - sg_rsp_all
```
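An offline model of the role resolution described in this answer, added here as an example (it is not part of the original reply and not Search Guard code). It transcribes the three snippets into Python dicts and computes which of the question's indices each user can read. The `sg_readall` role, its mapping from `readall`, and the use of `fnmatchcase` to approximate Search Guard's `*` wildcard are assumptions.

```python
from fnmatch import fnmatchcase

# Index patterns with READ, per Search Guard role (transcribed from the answer).
ROLES = {
    "sg_rsp_1": ["rsp-1"],
    "sg_rsp_all": ["rsp-*"],
    "sg_readall": ["*"],  # assumption: built-in read-all role
}
# Search Guard role -> backend roles mapped to it (sg_roles_mapping.yml).
ROLES_MAPPING = {
    "sg_rsp_1": ["sg_rsp_1"],
    "sg_rsp_all": ["sg_rsp_all"],
    "sg_readall": ["readall"],  # assumption: default mapping for "readall"
}
# User -> backend roles (sg_internalusers.yml). "kibanauser" is not modelled:
# it is assumed to grant no READ on the data indices.
USERS = {
    "user1": ["kibanauser", "sg_rsp_1"],
    "user2": ["kibanauser", "sg_rsp_all"],
    "user3": ["kibanauser", "readall"],
}
INDICES = ["rsp-1", "rsp-2", "duda"]  # the indices named in the question


def sg_roles_for(backend_roles):
    """Resolve backend roles to Search Guard roles through the mapping."""
    return {role for role, mapped in ROLES_MAPPING.items()
            if set(mapped) & set(backend_roles)}


def readable_indices(backend_roles, indices=INDICES):
    """Indices whose name matches a READ pattern of any resolved role."""
    patterns = [p for role in sg_roles_for(backend_roles) for p in ROLES[role]]
    return sorted(i for i in indices
                  if any(fnmatchcase(i, p) for p in patterns))


def audit(users, expected):
    """Return {user: (expected, actual)} for users whose access differs."""
    drift = {}
    for user, backend_roles in users.items():
        actual = readable_indices(backend_roles)
        if actual != sorted(expected[user]):
            drift[user] = (sorted(expected[user]), actual)
    return drift


EXPECTED = {"user1": ["rsp-1"], "user2": ["rsp-1", "rsp-2"],
            "user3": ["rsp-1", "rsp-2", "duda"]}
print(audit(USERS, EXPECTED))  # empty dict: the config matches the intent
```

A user who ends up with an extra broad backend role such as `readall` shows up in the `audit` result with the full index list, which is the "every user behaves like user-3" symptom from the question.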

Thanks!
Will try this!

PR

A quick follow-up question, again using community edition: after logging in to Kibana, how can I know which user is the logged-in user?

All the suggested confs worked, thanks.

I did have a problem using .pem certificates, however. I was always getting “unknown certificate” with the certificates and CA generated by the example.sh script when trying to use the sgadmin.sh script. But I changed the configuration to trust/key stores and all went OK.

Thanks.

At the moment, unfortunately, there is no indication about the logged-in user apart from the multi-tenancy page, which is not part of the community edition. But fear not ;) we are working on this exact feature at the moment, so you can expect it in the next version of the Kibana plugin.
