I get logstash and kibana to authenticate in multiuser just fine. What I am not sure about is what do you config the users for logstash and kibana under? I just assumed you create a group for them and then users under the users section. Elasticsearch does not startup then.
Example of what I have done:
readonlyrest:
enable: true
response_if_req_forbidden: Sorry, your request is forbidden.
access_control_rules:
- name: Kibana Server login
type: allow
auth_key: kibana:pass123
- name: Logstash indexer login
type: allow
auth_key: logstash_internal:pass123
- name: test user
type: allow
auth_key: test:test
The users section is for associating users to groups. If you are declaring single group-less users, don’t mention them under users, but create a rule for their own like this:
- name: Kibana
auth_key: kibana:kibana
No, why would it? You have a single kibana daemon, don’t you?
I don’t think you want to declare a group of logstash users, so probably you want to create a logstash one-off user like you did for Kibana
Thanks. I know what you are saying and I thought that is the way it worked but was not getting that result. I am running es5.5.0 FYI. I will try again and let you know here.