Did anything change concerning dashboards from version 6.3 to version 7.5 of ElasticSearch?

1

Hello,

Did anything change concerning dashboards from version 6.3 to version 7.5 of ElasticSearch?
I am using ReadonlyREST.
I have a working dashboard in one environment with version 6.3, and the exactly same dashboard doesn’t work from version 7.5.
The dashboard url used from browser is the following:
http://servername:5606/app/kibana#/dashboard/
I didn’t upgrade the 6.3 version.
I recreate from the beginning in the new cluster.
I installed a separate 7.5 version and just built all the stuff manually from the beginning exactly like in 6.3.
The error I get is:
OPERATION_NOT_ALLOWED status 401

Attached full error.

dashboard

2

Could you please show us the FORBIDDEN log from ES logs?

3

@mpniel please have a look at the Elasticsearch logs, I suspect something needs a fix in the ACL declaration. ROR prints extensive logs about what ACL block, what rule rejects exactly what kind of request.

4

@coutoPL , @sscarduzio
I’m not an expert yet.
Can you send me a brief description of how to do it?

5

OK a bit of glossary:

  • ACL = the YAML that configures ReadonlyREST. It’s found normally in a file called readonlyrest.yml
  • ACL block = a step in the evaluation of the ACL

image
image1080×586 101 KB

There can be a large number of ACL blocks, and ReadonlyREST evaluates them one by one trying to match the incoming request with the rules contained in them.

But if an incoming request is not allowed by any ACL block, ReadonlyREST will reject the request and print “FORBIDDEN” in elasticsearch.log.

The location of the Elasticsearch log path depends on how you installed Elasticsearch. But I trust you know where it is.

So what @coutoPL asked you was to see in elasticsearch.log if you read this “FORBIDDEN” string around the same time the error you showed us happens in Kibana.