Search guard kibana not working.

When asking questions, please provide the following information:

  • Search Guard and Elasticsearch version 6

  • Installed and used enterprise modules, if any No

  • JVM version and operating system version Windows 7 & Jdk 1.7

  • Search Guard configuration files

  • Elasticsearch log messages on debug level

  • Other installed Elasticsearch or Kibana plugins, if any

Hi, I have installed search guard and created two index using admin. I have created 1 user and action group. But after login I an getting security exception no permission mapping for fieldcaps and data/read/search.

I have assign ?kibana index with READ permission. Please give some tips to assign roles and permissions to user so that I will never face exceptions after login.

Thanks,

Ajit

I had the same error:

[2018-01-25T10:13:37,065][INFO ][c.f.s.c.PrivilegesEvaluator] No cluster-level perm match for User [name=kibanaro, roles=[sg_all_access, kibanaus

er, readall], requestedTenant=null] [IndexType [index=_all, type=*]] [Action [[cluster:monitor/main]]] [RolesChecked [sg_kibana_user, sg_own_inde

x, sg_readall]]

The fix was to add it to the admin role :confused:

joi, 25 ianuarie 2018, 10:24:04 UTC+2, Ajit Bhosale a scris:

···

When asking questions, please provide the following information:

  • Search Guard and Elasticsearch version 6
  • Installed and used enterprise modules, if any No
  • JVM version and operating system version Windows 7 & Jdk 1.7
  • Search Guard configuration files
  • Elasticsearch log messages on debug level
  • Other installed Elasticsearch or Kibana plugins, if any

Hi, I have installed search guard and created two index using admin. I have created 1 user and action group. But after login I an getting security exception no permission mapping for fieldcaps and data/read/search.

I have assign ?kibana index with READ permission. Please give some tips to assign roles and permissions to user so that I will never face exceptions after login.

Thanks,

Ajit

I want this for customised role. I dont want to give all permissions to user like admin have. For customised user permissions it is giving me errors. Please help.

···

On Thursday, January 25, 2018 at 2:16:07 PM UTC+5:30, Kernel wrote:

I had the same error:

[2018-01-25T10:13:37,065][INFO ][c.f.s.c.PrivilegesEvaluator] No cluster-level perm match for User [name=kibanaro, roles=[sg_all_access, kibanaus

er, readall], requestedTenant=null] [IndexType [index=_all, type=*]] [Action [[cluster:monitor/main]]] [RolesChecked [sg_kibana_user, sg_own_inde

x, sg_readall]]

The fix was to add it to the admin role :confused:

joi, 25 ianuarie 2018, 10:24:04 UTC+2, Ajit Bhosale a scris:

When asking questions, please provide the following information:

  • Search Guard and Elasticsearch version 6
  • Installed and used enterprise modules, if any No
  • JVM version and operating system version Windows 7 & Jdk 1.7
  • Search Guard configuration files
  • Elasticsearch log messages on debug level
  • Other installed Elasticsearch or Kibana plugins, if any

Hi, I have installed search guard and created two index using admin. I have created 1 user and action group. But after login I an getting security exception no permission mapping for fieldcaps and data/read/search.

I have assign ?kibana index with READ permission. Please give some tips to assign roles and permissions to user so that I will never face exceptions after login.

Thanks,

Ajit

When asking questions, please provide the following information:

  • Search Guard and Elasticsearch version 6
  • Installed and used enterprise modules, if any No
  • JVM version and operating system version Windows 7 & Jdk 1.7
  • Search Guard configuration files
  • Elasticsearch log messages on debug level
  • Other installed Elasticsearch or Kibana plugins, if any

Hi, I have installed search guard and created two index using admin. I have created 1 user and action group. But after login I an getting security exception no permission mapping for fieldcaps and data/read/search.

I have assign ?kibana index with READ permission. Please give some tips to assign roles and permissions to user so that I will never face exceptions after login.

Thanks,

Ajit

···

On Thursday, January 25, 2018 at 1:54:04 PM UTC+5:30, Ajit Bhosale wrote:

The usage of roles and permissions within the context of Kibana is documented here:

“Configuring Elasticsearch: Adding Kibana users”

If you use the demo configuration we ship, assign the sg_kibana_user role to the user. This gives the user the minimum permissions to access Kibana. In addition give the user at least READ permissions to the indices he should have access to.

You can also use the sg_kibana_user role as a blueprint for your own customized roles.

The demo users and roles are documented here:

···

On Thursday, January 25, 2018 at 11:42:02 AM UTC+1, Ajit Bhosale wrote:

I want this for customised role. I dont want to give all permissions to user like admin have. For customised user permissions it is giving me errors. Please help.

On Thursday, January 25, 2018 at 2:16:07 PM UTC+5:30, Kernel wrote:

I had the same error:

[2018-01-25T10:13:37,065][INFO ][c.f.s.c.PrivilegesEvaluator] No cluster-level perm match for User [name=kibanaro, roles=[sg_all_access, kibanaus

er, readall], requestedTenant=null] [IndexType [index=_all, type=*]] [Action [[cluster:monitor/main]]] [RolesChecked [sg_kibana_user, sg_own_inde

x, sg_readall]]

The fix was to add it to the admin role :confused:

joi, 25 ianuarie 2018, 10:24:04 UTC+2, Ajit Bhosale a scris:

When asking questions, please provide the following information:

  • Search Guard and Elasticsearch version 6
  • Installed and used enterprise modules, if any No
  • JVM version and operating system version Windows 7 & Jdk 1.7
  • Search Guard configuration files
  • Elasticsearch log messages on debug level
  • Other installed Elasticsearch or Kibana plugins, if any

Hi, I have installed search guard and created two index using admin. I have created 1 user and action group. But after login I an getting security exception no permission mapping for fieldcaps and data/read/search.

I have assign ?kibana index with READ permission. Please give some tips to assign roles and permissions to user so that I will never face exceptions after login.

Thanks,

Ajit