Permission configuration for Logstash

Cyrille · September 20, 2016, 3:57pm

Hi,

I’m trying to configure SG to allow Logstash to load data to some indices in my cluster.
It seems that my configuration is not working correctly, I’m receiving the following error :
“no permissions for indices:data/write/bulk”

My configuration :

ES 2.3.3
search-guard-2-2.3.3.6
search-guard-ssl-2.3.3.16
logstash configuration :
hosts => [“http://server1:9203”,“http://server2:9203”]
index => “%{[@metadata][indexname]}”
document_id => “%{[@metadata][generated_id]}”
document_type => “%{type}”
manage_template => “false”
user => “my_account”
password => “my_password”
%{[@metadata][indexname]} could be indice1-yy-mm, indice2-yy-mm,indice3-yy-mm
role :
sg_logstash:
indices:
‘indice1-':
'’:
- CRUD
- CREATE_INDEX
‘indice2-':
'’:
- CRUD
- CREATE_INDEX
‘indice3-':
'’:
- CRUD
- CREATE_INDEX

Thanks for your help

Cyrille · September 20, 2016, 3:59pm

I forgot 1 information : it works with the following permission :
sg_logstash:
indices:
‘':
'’:
- CRUD
- CREATE_INDEX

Topic		Replies	Views
Logstash not working with SG - no permissions for indices:data/write/bulk Search Guard	6	604	November 11, 2016
How to config indices:admin/create permisson in version 7 Search Guard	3	2450	August 9, 2019
No permissions for for indices:data/write/index and indices:data/write/bulk[s] and User [name=logsta Search Guard	4	3648	April 12, 2018
No permission in version 7.2 Search Guard	6	1502	August 7, 2019
Sgs_cluster_manage_index this doesn't have permission when the specific index pattern is configured as 'log-test'. But the same works when index pattern is configured as '' Search Guard	6	399	March 11, 2021

Permission configuration for Logstash

Related Topics