Help with Users and Groups config

I get logstash and kibana to authenticate in multiuser just fine. What I am not sure about is what do you config the users for logstash and kibana under? I just assumed you create a group for them and then users under the users section. Elasticsearch does not startup then.

Example of what I have done:

enable: true
response_if_req_forbidden: Sorry, your request is forbidden.

- name: Kibana Server login
  type: allow
  auth_key: kibana:pass123

- name: Logstash indexer login
  type: allow
  auth_key: logstash_internal:pass123

- name: test user
  type: allow
  auth_key: test:test

Now how would one config users and groups?

Hello @dkudos, have you seen this part of the docs?

Have a look at the example YAML settings.

I had tried the examples. I was not able to get it to work. My problem and most likely misunderstanding is:

  1. Does the kibana user and pass go in the users section with it’s own group?
  2. Does the logstash user also go in users section?

I could net get it to work that way. Or do they not go in users and groups since they are server users?


The users section is for associating users to groups. If you are declaring single group-less users, don’t mention them under users, but create a rule for their own like this:

    - name: Kibana
      auth_key: kibana:kibana

No, why would it? You have a single kibana daemon, don’t you? :slight_smile:

I don’t think you want to declare a group of logstash users, so probably you want to create a logstash one-off user like you did for Kibana

Thanks. I know what you are saying and I thought that is the way it worked but was not getting that result. I am running es5.5.0 FYI. I will try again and let you know here.

OK don’t forget to give the plugin version (not only the ES version) and the full yaml settings. :thumbsup: