cluster.name: Sysop-Logstash
node.name: XXX
path.data: /data/elasticsearch/indices
path.logs: /data/elasticsearch/logs
discovery.zen.ping.unicast.hosts: [“XX”, “XX”, “XX”]
discovery.zen.minimum_master_nodes: 2
network.host: 0.0.0.0
http.cors.enabled: true
http.cors.allow-origin: “*”
Needed to true because of kibana
rest.action.multi.allow_explicit_index: true
node.master: true
node.data: true
node.ingest: true
searchguard.enterprise_modules_enabled: false
searchguard.allow_unsafe_democertificates: false
searchguard.allow_default_init_sgindex: false
######## Start Search Guard Demo Configuration ########
searchguard.ssl.transport.pemkey_filepath: host.key
searchguard.ssl.transport.pemcert_filepath: host.cert
searchguard.ssl.transport.pemtrustedcas_filepath: alldsca.crt
searchguard.ssl.transport.enforce_hostname_verification: true
searchguard.ssl.transport.resolve_hostname: true
searchguard.ssl.transport.enabled: true
searchguard.ssl.http.enabled: false
searchguard.authcz.admin_dn:
- 'XXX,CN=sgadmin'
searchguard.nodes_dn:
- CN=XX
- CN=XX
- CN=XX
node.max_local_storage_nodes: 3
xpack.security.enabled: false
searchguard.restapi.roles_enabled: [“sg_all_access”]
For CAS
http.max_header_size: 64kb
######## End Search Guard Demo Configuration ########
curl -sS -L --negotiate -u : -L http://localhost:9200/_searchguard/license | jq .
{
“_nodes”: {
“total”: 3**,**
“successful”: 3**,**
“failed”: 0
},
“cluster_name”: “Sysop-Logstash”,
“sg_license”: {
“msgs”: [
****“No license required because enterprise modules not enabled.”
],
“license_required”: false
},
“modules”: {
“HTTP_CLIENTCERT_AUTHENTICATOR”: {
“default_implementation”: “com.floragunn.searchguard.http.HTTPClientCertAuthenticator”,
“gitsha1”: “a73761a7204d9da260d43044ee682518b7d9b179”,
“buildTime”: “2018-02-21T22:43:07Z”,
“is_enterprise”: “false”,
“actual_implementation”: “com.floragunn.searchguard.http.HTTPClientCertAuthenticator”,
“description”: “HTTP Client Certificate Authenticator”,
“type”: “HTTP_CLIENTCERT_AUTHENTICATOR”,
“version”: “6.2.2-21.0”
},
“INTERNAL_USERS_AUTHENTICATION_BACKEND”: {
“default_implementation”: “com.floragunn.searchguard.auth.internal.InternalAuthenticationBackend”,
“gitsha1”: “a73761a7204d9da260d43044ee682518b7d9b179”,
“buildTime”: “2018-02-21T22:43:07Z”,
“is_enterprise”: “false”,
“actual_implementation”: “com.floragunn.searchguard.auth.internal.InternalAuthenticationBackend”,
“description”: “Internal users authorization backend”,
“type”: “INTERNAL_USERS_AUTHENTICATION_BACKEND”,
“version”: “6.2.2-21.0”
},
“NOOP_AUTHENTICATION_BACKEND”: {
“default_implementation”: “com.floragunn.searchguard.auth.internal.NoOpAuthenticationBackend”,
“gitsha1”: “a73761a7204d9da260d43044ee682518b7d9b179”,
“buildTime”: “2018-02-21T22:43:07Z”,
“is_enterprise”: “false”,
“actual_implementation”: “com.floragunn.searchguard.auth.internal.NoOpAuthenticationBackend”,
“description”: “Noop authentication backend”,
“type”: “NOOP_AUTHENTICATION_BACKEND”,
“version”: “6.2.2-21.0”
},
“HTTP_PROXY_AUTHENTICATOR”: {
“default_implementation”: “com.floragunn.searchguard.http.HTTPProxyAuthenticator”,
“gitsha1”: “a73761a7204d9da260d43044ee682518b7d9b179”,
“buildTime”: “2018-02-21T22:43:07Z”,
“is_enterprise”: “false”,
“actual_implementation”: “com.floragunn.searchguard.http.HTTPProxyAuthenticator”,
“description”: “HTTP Proxy Authenticator”,
“type”: “HTTP_PROXY_AUTHENTICATOR”,
“version”: “6.2.2-21.0”
},
“HTTP_BASIC_AUTHENTICATOR”: {
“default_implementation”: “com.floragunn.searchguard.http.HTTPBasicAuthenticator”,
“gitsha1”: “a73761a7204d9da260d43044ee682518b7d9b179”,
“buildTime”: “2018-02-21T22:43:07Z”,
“is_enterprise”: “false”,
“actual_implementation”: “com.floragunn.searchguard.http.HTTPBasicAuthenticator”,
“description”: “HTTP Basic Authenticator”,
“type”: “HTTP_BASIC_AUTHENTICATOR”,
“version”: “6.2.2-21.0”
}
},
“compatibility”: {
“modules_mismatch”: false
}
}
···
Le 16 mars 2018 à 15:47, SG info@search-guard.com a écrit :
Pls. post your elasticsearch.yml and the output of
curl -Ss http://myIP:9200/_searchguard/license
Am 16.03.2018 um 14:55 schrieb Fabrice Bacchella fbacchella@gmail.com:
I have a searchguard setup using aperos’ CAS (https://www.apereo.org/projects/cas), so using proxy authentication. It works well. I have kibana working on it too. So far so good.
But I don’t have access to the configuration GUI, no mater how I try. I have no error log nowhere, in the navigator javascript console, kibana stdout or ES logs
My kibana.yaml is:
elasticsearch.url: “http://myIP:9200”
server.host: “127.0.0.1”
elasticsearch.username: “admin”
elasticsearch.password: “admin”
elasticsearch.requestHeadersWhitelist: [ “authorization”, “x-forwarded-for”, “x-forwarded-host”, , “x-forwarded-server”, “x-forwarded-by”, “x-proxy-user”, “x-proxy-roles”, “x-remote-user”, “cas_memberof”, “CAS_uid” ]
searchguard.basicauth.enabled: false
elasticsearch.ssl.certificateAuthorities: [ “/etc/pki/tls/certs/myCA.pem” ]
logging.verbose: true
logging.useUTC: false
path.data: /data/kibana/data
pid.file: /data/kibana/run/kibana.pid
searchguard.cookie.secure: false
elasticsearch.ssl.verificationMode: none
ops.interval: 500000
I’m running kibana with:
sudo -u kibana /usr/share/kibana/bin/…/node/bin/node --use-openssl-ca --no-warnings /usr/share/kibana/bin/…/src/cli -c /data/kibana/conf/kibana.yml
And get nothing, not a single error message.
When SG starts, it says:
log [14:52:04.919] [debug][plugins] Initializing plugin searchguard@6.2.2
log [14:52:05.451] [info][status][plugin:searchguard@6.2.2] Status changed from uninitialized to yellow - Search Guard session management is disabled.
log [14:52:05.451] [info][status][plugin:searchguard@6.2.2] Status changed from yellow to yellow - Search Guard multitenancy disabled
log [14:52:05.452] [info][status][plugin:searchguard@6.2.2] Status changed from yellow to yellow - Search Guard copy JWT params disabled
log [14:52:05.591] [info][status][plugin:searchguard@6.2.2] Status changed from yellow to yellow - Search Guard configuration GUI enabled
log [14:52:05.615] [info][status][plugin:searchguard@6.2.2] Status changed from yellow to yellow - Search Guard system routes registered.
log [14:52:05.615] [info][status][plugin:searchguard@6.2.2] Status changed from yellow to green - Search Guard plugin initialised.
So I’m looking for an hint for more debug, a place too look that will help to find the problem. Any help from someone ?
–
You received this message because you are subscribed to the Google Groups “Search Guard Community Forum” group.
To unsubscribe from this group and stop receiving emails from it, send an email to search-guard+unsubscribe@googlegroups.com.
To post to this group, send email to search-guard@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/a967316b-7d8f-44d7-9828-1441670d1e2c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
–
You received this message because you are subscribed to the Google Groups “Search Guard Community Forum” group.
To unsubscribe from this group and stop receiving emails from it, send an email to search-guard+unsubscribe@googlegroups.com.
To post to this group, send email to search-guard@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/25941ECF-5236-473D-A48A-0AF15666B8F7%40search-guard.com.
For more options, visit https://groups.google.com/d/optout.