yep I confirm the
prompt_for_basic_auth : true
then here , for peeps having this setting enabled and having trouble with xpack :
on top of rules, but below kibana server one, add rule for xpack monitoring user credential :
- name: "x-pack monitoring"
auth_key_sha1: 6fce414848684684de68d4ed68e4d47
type: allow
actions: ["cluster:monitor/*", "indices:data/read/*","indices:data/write/*","indices:admin/template/*","indices:admin/create", "cluster:admin/ingest/pipeline/*"]
indices: ["<no-index>", ".monitoring-*"]
verbosity: info
and last rules :
- name: "just that action from localhost"
type: allow
actions: ["cluster:monitor/*", "cluster:admin/xpack/monitoring/*", "cluster:admin/xpack/license/*", "indices:data/read/*","indices:data/write/*", "indices:admin/create" ]
hosts: ["127.0.0.1"]
indices: [".monitoring-*"]
verbosity: info
- name: "field_caps stuff"
type: allow
actions: ["indices:data/read/field_caps"]
hosts: ["127.0.0.1"]
verbosity: info
hosts settings is if your kibana runs locally with the elasticsearch. change it to the right host.
here I am migrating from elk 2.4 to es 6.2.1 , and I use RoR entreprise.
for now I still have prompt_for_basic_auth : true for compatibility and testing purpose, but I will set it to false in a few.
hope it helps you.