For example:
sg_config.yml:
searchguard:
authc:
basic_internal_auth_domain:
enabled: true
order: 1
http_authenticator:
type: basic
challenge: true
authentication_backend:
type: intern
sg_roles_mapping.yml:
sg_kibana4_server:
users:
- kibanaserver
sg_roles.yml:
sg_kibana4_server:
cluster:
-
cluster:monitor/nodes/info
-
cluster:monitor/health
indices:
‘?kibana’:
‘*’:
- ALL
In The log:
[2016-08-10 11:33:22,157][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] raw indices [.kibana]
[2016-08-10 11:33:22,158][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] Resolved [.kibana] to {}
[2016-08-10 11:33:22,158][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] requested resolved aliases and indices: [.kibana]
[2016-08-10 11:33:22,158][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] requested resolved types: [config]
[2016-08-10 11:33:22,158][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] mapped roles: [sg_kibana4_server]
[2016-08-10 11:33:22,158][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] ---------- evaluate sg_role: sg_kibana4_server
[2016-08-10 11:33:22,158][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] Try wildcard match for ?kibana
[2016-08-10 11:33:22,158][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] Wildcard match for ?kibana: [.kibana]
[2016-08-10 11:33:22,158][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] matches for ?kibana, will check now types [*]
[2016-08-10 11:33:22,158][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] resolvedActions for ?kibana/: [indices:]
[2016-08-10 11:33:22,158][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] match requested action indices:data/read/search against ?kibana/: [indices:]
[2016-08-10 11:33:22,158][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] For index ?kibana remaining requested aliases and indices:
[2016-08-10 11:33:22,158][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] For index ?kibana remaining requested resolved types:
[2016-08-10 11:33:22,158][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] found a match for ‘sg_kibana4_server.?kibana’, evaluate other roles
[2016-08-10 11:33:24,664][DEBUG][com.floragunn.searchguard.auth.BackendRegistry] Try to extract auth creds from http basic
[2016-08-10 11:33:24,664][DEBUG][com.floragunn.searchguard.auth.BackendRegistry] User ‘kibanaserver’ is in cache? true (cache size: 1)
[2016-08-10 11:33:24,664][DEBUG][com.floragunn.searchguard.auth.BackendRegistry] User ‘User [name=kibanaserver, roles=[]]’ is authenticated
[2016-08-10 11:33:24,666][DEBUG][com.floragunn.searchguard.auth.BackendRegistry] Try to extract auth creds from http basic
[2016-08-10 11:33:24,666][DEBUG][com.floragunn.searchguard.auth.BackendRegistry] User ‘kibanaserver’ is in cache? true (cache size: 1)
[2016-08-10 11:33:24,666][DEBUG][com.floragunn.searchguard.auth.BackendRegistry] User ‘User [name=kibanaserver, roles=]’ is authenticated
[2016-08-10 11:33:24,667][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] evaluate permissions for User [name=kibanaserver, roles=]
[2016-08-10 11:33:24,667][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] requested cluster:monitor/nodes/info from 172.16.189.219:60040
[2016-08-10 11:33:24,667][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] class org.elasticsearch.action.admin.cluster.node.info.NodesInfoRequest is not an IndicesRequest
[2016-08-10 11:33:24,667][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] requested resolved aliases and indices: [_all]
[2016-08-10 11:33:24,667][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] requested resolved types: [_all]
[2016-08-10 11:33:24,667][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] mapped roles: [sg_kibana4_server]
[2016-08-10 11:33:24,667][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] ---------- evaluate sg_role: sg_kibana4_server
[2016-08-10 11:33:24,667][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] resolved cluster actions:[cluster:monitor/nodes/info, cluster:monitor/health]
[2016-08-10 11:33:24,667][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] found a match for ‘sg_kibana4_server’ and cluster:monitor/nodes/info, skip other roles
[2016-08-10 11:33:24,677][DEBUG][com.floragunn.searchguard.auth.BackendRegistry] Try to extract auth creds from http basic
[2016-08-10 11:33:24,677][DEBUG][com.floragunn.searchguard.auth.BackendRegistry] User ‘kibanaserver’ is in cache? true (cache size: 1)
[2016-08-10 11:33:24,677][DEBUG][com.floragunn.searchguard.auth.BackendRegistry] User ‘User [name=kibanaserver, roles=[]]’ is authenticated
[2016-08-10 11:33:24,677][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] evaluate permissions for User [name=kibanaserver, roles=[]]
[2016-08-10 11:33:24,677][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] requested cluster:monitor/health from 172.16.189.219:60041
[2016-08-10 11:33:24,678][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] Resolve [.kibana] from class org.elasticsearch.action.admin.cluster.health.ClusterHealthRequest
[2016-08-10 11:33:24,678][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] indicesOptions IndicesOptions[id=7, ignore_unavailable=true, allow_no_indices=true, expand_wildcards_open=true, expand_wildcards_closed=false, allow_alisases_to_multiple_indices=true, forbid_closed_indices=false]
[2016-08-10 11:33:24,678][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] raw indices [.kibana]
[2016-08-10 11:33:24,678][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] Resolved [.kibana] to {}
[2016-08-10 11:33:24,678][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] requested resolved aliases and indices: [.kibana]
[2016-08-10 11:33:24,678][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] requested resolved types: [_all]
[2016-08-10 11:33:24,678][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] mapped roles: [sg_kibana4_server]
[2016-08-10 11:33:24,678][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] ---------- evaluate sg_role: sg_kibana4_server
[2016-08-10 11:33:24,678][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] resolved cluster actions:[cluster:monitor/nodes/info, cluster:monitor/health]
[2016-08-10 11:33:24,678][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] found a match for ‘sg_kibana4_server’ and cluster:monitor/health, skip other roles
[2016-08-10 11:33:24,683][DEBUG][com.floragunn.searchguard.auth.BackendRegistry] Try to extract auth creds from http basic
[2016-08-10 11:33:24,683][DEBUG][com.floragunn.searchguard.auth.BackendRegistry] User ‘kibanaserver’ is in cache? true (cache size: 1)
[2016-08-10 11:33:24,683][DEBUG][com.floragunn.searchguard.auth.BackendRegistry] User ‘User [name=kibanaserver, roles=[]]’ is authenticated
[2016-08-10 11:33:24,684][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] evaluate permissions for User [name=kibanaserver, roles=[]]
[2016-08-10 11:33:24,684][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] requested indices:data/read/search from 172.16.189.219:60042
[2016-08-10 11:33:24,684][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] Resolve [.kibana] from class org.elasticsearch.action.search.SearchRequest
[2016-08-10 11:33:24,684][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] indicesOptions IndicesOptions**[id=38**, ignore_unavailable=false, allow_no_indices=true, expand_wildcards_open=true, expand_wildcards_closed=false, allow_alisases_to_multiple_indices=true, forbid_closed_indices=true]
Some one please throw some on light on this, I’m totally confused.