Search Guard pricing for customized edition and current pricing model for enterprise edition

When asking questions, please provide the following information:

  • Search Guard and Elasticsearch version

  • Installed and used enterprise modules, if any

  • JVM version and operating system version

  • Search Guard configuration files

  • Elasticsearch log messages on debug level

  • Other installed Elasticsearch or Kibana plugins, if any

Hello guys,

In our project we have an ELK 6.4 stack set up on a Kubernetes cluster, where we wanted to use X-Pack features for role-based access control. I came across Search Guard and its features.

I have a few questions, listed below:

  1. What is the cost/pricing of the enterprise edition?

  2. For a custom edition where I want to use the AD/LDAP feature in my community edition, what will be the cost/pricing?

  3. Can I use an external LDAP and use it in Search Guard for RBAC?

Hi there,

First, if you want to use ES/SG with Kubernetes, we have just published Helm charts which might help you with the setup:

The helm charts are experimental at the moment but can serve as a starting point.

Yes, you can use an external LDAP server for authentication and authorization:

Regarding pricing, I suggest reaching out to the sales team for an individual offer. You can either use the webform:

Or just drop us an email: sales@search-guard.com


Hi,

Thank you for highlighting the Helm charts.
Our team is focusing on the RBAC facility with respect to Kibana dashboard access for customers and users.

While doing this I also got some questions regarding our Prometheus and Grafana, as they are also using the same Elasticsearch. So we definitely want to implement RBAC for Grafana as well.

So my questions are:

  1. The roles I will be configuring will be index-level, which will help Kibana to showcase restricted access on its dashboard. How can I achieve the same on the Grafana dashboard?

  2. Our Prometheus exporter is also there, which is using the same Elasticsearch. So how can Search Guard help in the case of Prometheus?


Hi,

All security restrictions are applied directly on the ES cluster, which basically means it does not matter with which tool you connect. The index-level restrictions for a user's role(s) are always applied.

Having said that, it really depends on the tool and if the tool is able to use HTTP Basic authentication for logged-in users when talking to Elasticsearch. I know that when configuring an ES datasource in Grafana, you can add HTTP Basic authentication information. However, these credentials are then used for all requests to ES. What you want is that Grafana adds the logged-in user's credentials for every request it makes to ES. Whether this is possible is currently beyond my knowledge. There seem to be some PRs around it, like this one:

But I don't know at the moment if this is really what you need. You might want to ask on the Grafana forum if this is something they provide (passing the logged-in user's credentials when talking to an ES datasource).

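The point made in the reply above, as an added example that is not part of the original thread: because Search Guard enforces roles on the cluster, a Grafana datasource that sends one fixed set of HTTP Basic credentials gives every Grafana user exactly what that one account's role allows, so the account should be read-only and limited to the indices the dashboards need. The layout follows Search Guard 6's `sg_roles.yml` and `sg_roles_mapping.yml`; all role, user, backend-role and index names are constructed for illustration.

```yaml
# --- sg_roles.yml (added example; names are constructed) ---
# Role for the single account configured in the Grafana ES datasource.
# All Grafana users share these credentials, so this role is the upper
# bound of what any dashboard viewer can read from Elasticsearch.
sg_grafana_metrics_ro:
  cluster:
    - CLUSTER_COMPOSITE_OPS_RO
  indices:
    'metrics-*':            # constructed index pattern
      '*':
        - READ

# Role for one customer's Kibana users. They log in with their own
# credentials, so their index-level restrictions apply per user.
sg_customer_a_ro:
  cluster:
    - CLUSTER_COMPOSITE_OPS_RO
  indices:
    'customer-a-*':         # constructed index pattern
      '*':
        - READ
---
# --- sg_roles_mapping.yml (added example; names are constructed) ---
sg_grafana_metrics_ro:
  users:
    - grafana_datasource    # constructed service account
sg_customer_a_ro:
  backendroles:
    - customer-a            # constructed backend role, e.g. an LDAP group
sg_kibana_user:             # role shipped with Search Guard for Kibana access
  backendroles:
    - customer-a
```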

I am trying to implement a Search Guard setup on my ELK cluster (6.3.2), where I have disabled X-Pack features.

I tried installing the SG plugin 23.1, which is compatible with my ELK version, but I am getting an invalid argument error.

I am using the base image of Quay elasticsearch. I also tried installing the same by downloading the package first and then using the elasticsearch-plugin install command. Still getting the same error.

Where do you see the invalid argument error? Can you post your logfiles?

···

On Monday, October 29, 2018 at 7:14:20 AM UTC+1, Manjushree Gokhale wrote:

I am trying to implement a Search Guard setup on my ELK cluster (6.3.2), where I have disabled X-Pack features.

I tried installing the SG plugin 23.1, which is compatible with my ELK version, but I am getting an invalid argument error.

I am using the base image of quay.io/pires elasticsearch. I also tried installing the same by downloading the package first and then using the elasticsearch-plugin install command. Still getting the same error.

Hi,

I have successfully installed the Search Guard plugin in Elasticsearch. Now I am working on the searchguard-kibana-plugin.

During this I am getting the error listed below:

Attempting to transfer from https://oss.sonatype.org/service/local/repositories/releases/content/com/floragunn/search-guard-kibana-plugin/6.3.2-15/search-guard-kibana-plugin-6.3.2-15.zip
Transferring 2054581 bytes…
Transfer complete
Retrieving metadata from plugin archive
Extracting plugin archive
Extraction complete
Optimizing and caching browser bundles…
Plugin installation was unsuccessful due to error "Command failed: /usr/share/kibana/node/bin/node /usr/share/kibana/src/cli --env.name=production --optimize.useBundleCache=false --server.autoListen=false --plugins.initialize=false --uiSettings.enabled=false
FATAL CLI ERROR Error: ENOENT: no such file or directory, open '/usr/share/kibana/config/kibana.yml'
    at Object.fs.openSync (fs.js:646:18)
    at fs.readFileSync (fs.js:551:33)
    at files.map.path (/usr/share/kibana/src/cli/serve/read_yaml_config.js:52:78)
    at Array.map ()
    at readYamlConfig (/usr/share/kibana/src/cli/serve/read_yaml_config.js:52:23)
    at readServerSettings (/usr/share/kibana/src/cli/serve/serve.js:150:57)
    at getCurrentSettings (/usr/share/kibana/src/cli/serve/serve.js:32:38)
    at Command. (/usr/share/kibana/src/cli/serve/serve.js:33:22)
    at Command. (/usr/share/kibana/src/cli/command.js:97:20)
    at Command.listener (/usr/share/kibana/node_modules/commander/index.js:301:8)
"
The command '/bin/sh -c kibana-plugin install https://oss.sonatype.org/service/local/repositories/releases/content/com/floragunn/search-guard-kibana-plugin/6.3.2-15/search-guard-kibana-plugin-6.3.2-15.zip' returned a non-zero code: 70
ERROR: Job failed: exit code 1

I did check my kibana.yml for any spelling mistakes but it seems fine to me.

I am also sending my kibana.yml, which contains the basic configuration.

Please do have a look.

server.name: kibana
server.host: "0.0.0.0"
elasticsearch.url: http://elasticsearch-host-url

This just seems like the kibana.yml file is not present in /usr/share/kibana/config/. Kibana will check the configuration upon plugin install.


Hey,

I am facing issues while logging in to the Kibana dashboard.

I have updated elasticsearch.requestHeadersWhitelist: ["Authorization", "sg_tenant"] in kibana.yml.

Still, on every login I am redirected to the same Kibana dashboard.

And when I curl the same it says 401 Authorization Required.

Can you please help me with this?

What do you mean exactly by "and when i curl the same"? What is the curl call you are executing?
