Kibana Import Dashboards

Hello,

I am having an issue when trying to import some Kibana dashboards.
What i am trying to do is the folowing curl:
curl -k -v -u user:password -X POST “https://localhost:5601/api/kibana/dashboards/import” -H “kbn-xsrf: true” --form [email protected]
and i getting redirected to the login page, as you can see in the curl response:
> User-Agent: curl/7.58.0

Accept: /
kbn-xsrf: true
Content-Length: 1174944
Content-Type: multipart/form-data; boundary=------------------------1430c10504695887
Expect: 100-continue

< HTTP/1.1 100 Continue
< HTTP/1.1 302 Found
< location: /login?nextUrl=/api/kibana/dashboards/import
< kbn-name: kibana
< kbn-xpack-sig: 9e6f97a98dbb9cec1ff5d75040433d8c
< content-type: text/html; charset=utf-8
< cache-control: no-cache
< content-length: 0
< connection: close

I also tried adding in kibana.yml readonlyrest_kbn.whitelistedPaths: ["*"] but it does not seem to have any effect.

The user that i am using has full access. Kibana version is 7.2 and ROR version is 1.18.9 Enterprise.

Can you please suggest a way to be able to access Kibana APIs for uploading dashboards with ROR?

Thanks

@Diana yeah whitelistedPaths works only for Kibana API calls that don’t reach Elasticsearch (still needs investigation). However, the reason why whitelistedPaths was necessary is that ROR Kibana does not read basic auth credentials. Reason being that browsers, once they start, tend to send basic auth credentials implicitly forever and this is not what we want.

Let me suggest another way. You could login as a privileged role in Kibana and then steal your browser’s rorCookie and add it as a header to the curl command.

curl -k -v -H'Cookie: rorCookie=Fe.....'   -X POST “https://localhost:5601/api/kibana/dashboards/import” -H “kbn-xsrf: true” --form [email protected]

Hi,
Thanks for the suggestion, but what i am trying to achieve this in an automated way(by using Ansible) and i don’t see this as a good option unfortunately.

1 Like

OK I see what you mean. Will have a look and see what I can do to support this use case.

Hi @Diana, I have a fix for you to support basic auth in whitelisted paths. The issue is that you are using an old version of ROR, and I can provide the fix only based on 1.19.5 code. I’m afraid you will need to upgrade your Elasticsearch plugin as well. Otherwise the new Kibana plugin build won’t work.

Hi Simone,

How can we download the specified version, as an Enterprise client where should we get this and to who should we talk to for on-demand access to all versions? Our colleague that kept the communication with ROR left the company and it would really help us to know the process.

Daniel

Hi @daniel.a, please send an email to support at readonlyrest dot com from the institutional email address, and send us a list of email addresses you want authorized for the download of Enterprise packages.

In the meantime, I suggest to download the latest stable version of ROR for ES.