Help with Users and Groups config

(Dkudos) #1

I get logstash and kibana to authenticate in multiuser just fine. What I am not sure about is what do you config the users for logstash and kibana under? I just assumed you create a group for them and then users under the users section. Elasticsearch does not startup then.

Example of what I have done:

enable: true
response_if_req_forbidden: Sorry, your request is forbidden.

- name: Kibana Server login
  type: allow
  auth_key: kibana:pass123

- name: Logstash indexer login
  type: allow
  auth_key: logstash_internal:pass123

- name: test user
  type: allow
  auth_key: test:test

Now how would one config users and groups?

(Simone Scarduzio) #2

Hello @dkudos, have you seen this part of the docs?

Have a look at the example YAML settings.

(Dkudos) #3

I had tried the examples. I was not able to get it to work. My problem and most likely misunderstanding is:

  1. Does the kibana user and pass go in the users section with it’s own group?
  2. Does the logstash user also go in users section?

I could net get it to work that way. Or do they not go in users and groups since they are server users?


(Simone Scarduzio) #4

The users section is for associating users to groups. If you are declaring single group-less users, don’t mention them under users, but create a rule for their own like this:

    - name: Kibana
      auth_key: kibana:kibana

No, why would it? You have a single kibana daemon, don’t you? :slight_smile:

I don’t think you want to declare a group of logstash users, so probably you want to create a logstash one-off user like you did for Kibana

(Dkudos) #5

Thanks. I know what you are saying and I thought that is the way it worked but was not getting that result. I am running es5.5.0 FYI. I will try again and let you know here.

(Simone Scarduzio) #6

OK don’t forget to give the plugin version (not only the ES version) and the full yaml settings. :thumbsup: