LDAP connection, authentication and Index wise authorisation

@Akhilesh could you try to create the .kibana index manually and report?

Hi Simone Scarduzio,

ya I have already created and tested yesterday but its not worked.
Some mappings are not found with that manually created index (.kibana) and I was not able to login in kibana with any users(admin,kibana etc).
After clear the data file in the kibana directory,I was able to login in the kibana.

so i have already tried this.

Hi Simone Scarduzio,

still we are stuck in same issue “index not found exception”.

Hi @sscarduzio,

This is our main issue in the log file.
please see below logs and provide us an exact solution on this.
we are getting forbidden Exception.

[2018-06-13T17:51:19,006][DEBUG][i.n.h.s.SslHandler ] [id: 0x314b81d3, L:/172.21.153.176:9200 - R:/172.21.153.176:47196] HANDSHAKEN: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
[2018-06-13T17:51:19,009][DEBUG][t.b.r.a.ACL ] checking request:924255705-538512418#137
[2018-06-13T17:51:19,009][INFO ][t.b.r.a.b.r.i.AuthKeySyncRule] Attempting Login as: c-shubhamg rc: { ID:924255705-538512418#137, TYP:NodesInfoRequest, CGR:N/A, USR:c-shubhamg(?), BRS:false, KDX:null, ACT:cluster:monitor/nodes/info, OA:172.21.153.176, DA:172.21.153.176, IDX:<N/A>, MET:GET, PTH:/_nodes/_local, CNT:<N/A>, HDR:{authorization=Basic Yy1zaHViaGFtZzpNYXlAMjAxOA==, Connection=close, content-length=0, Host=mumchelk01:9200}, HIS: }
[2018-06-13T17:51:19,009][DEBUG][t.b.r.a.b.Block ] e[33m[::admin::] the request matches no rules in this block: { ID:924255705-538512418#137, TYP:NodesInfoRequest, CGR:N/A, USR:c-shubhamg(?), BRS:false, KDX:null, ACT:cluster:monitor/nodes/info, OA:172.21.153.176, DA:172.21.153.176, IDX:<N/A>, MET:GET, PTH:/_nodes/_local, CNT:<N/A>, HDR:{authorization=Basic Yy1zaHViaGFtZzpNYXlAMjAxOA==, Connection=close, content-length=0, Host=mumchelk01:9200}, HIS:[::admin::->[auth_key->false]] }e[0m
[2018-06-13T17:51:19,009][INFO ][t.b.r.a.b.r.i.AuthKeySyncRule] Attempting Login as: c-shubhamg rc: { ID:924255705-538512418#137, TYP:NodesInfoRequest, CGR:N/A, USR:c-shubhamg(?), BRS:false, KDX:null, ACT:cluster:monitor/nodes/info, OA:172.21.153.176, DA:172.21.153.176, IDX:<N/A>, MET:GET, PTH:/_nodes/_local, CNT:<N/A>, HDR:{authorization=Basic Yy1zaHViaGFtZzpNYXlAMjAxOA==, Connection=close, content-length=0, Host=mumchelk01:9200}, HIS:[::admin::->[auth_key->false]] }
[2018-06-13T17:51:19,010][DEBUG][t.b.r.a.b.Block ] e[33m[::LOGSTASH::] the request matches no rules in this block: { ID:924255705-538512418#137, TYP:NodesInfoRequest, CGR:N/A, USR:c-shubhamg(?), BRS:false, KDX:null, ACT:cluster:monitor/nodes/info, OA:172.21.153.176, DA:172.21.153.176, IDX:<N/A>, MET:GET, PTH:/_nodes/_local, CNT:<N/A>, HDR:{authorization=Basic Yy1zaHViaGFtZzpNYXlAMjAxOA==, Connection=close, content-length=0, Host=mumchelk01:9200}, HIS:[::admin::->[auth_key->false]], [::LOGSTASH::->[auth_key->false]] }e[0m
[2018-06-13T17:51:19,010][INFO ][t.b.r.a.b.r.i.AuthKeySyncRule] Attempting Login as: c-shubhamg rc: { ID:924255705-538512418#137, TYP:NodesInfoRequest, CGR:N/A, USR:c-shubhamg(?), BRS:false, KDX:null, ACT:cluster:monitor/nodes/info, OA:172.21.153.176, DA:172.21.153.176, IDX:<N/A>, MET:GET, PTH:/_nodes/_local, CNT:<N/A>, HDR:{authorization=Basic Yy1zaHViaGFtZzpNYXlAMjAxOA==, Connection=close, content-length=0, Host=mumchelk01:9200}, HIS:[::admin::->[auth_key->false]], [::LOGSTASH::->[auth_key->false]] }
[2018-06-13T17:51:19,010][DEBUG][t.b.r.a.b.Block ] e[33m[::KIBANA-SRV::] the request matches no rules in this block: { ID:924255705-538512418#137, TYP:NodesInfoRequest, CGR:N/A, USR:c-shubhamg(?), BRS:false, KDX:null, ACT:cluster:monitor/nodes/info, OA:172.21.153.176, DA:172.21.153.176, IDX:<N/A>, MET:GET, PTH:/_nodes/_local, CNT:<N/A>, HDR:{authorization=Basic Yy1zaHViaGFtZzpNYXlAMjAxOA==, Connection=close, content-length=0, Host=mumchelk01:9200}, HIS:[::admin::->[auth_key->false]], [::LOGSTASH::->[auth_key->false]], [::KIBANA-SRV::->[auth_key->false]] }e[0m
[2018-06-13T17:51:19,015][DEBUG][t.b.r.a.b.r.i.LdapAuthenticationAsyncRule] Attempting Login as: c-shubhamg rc: { ID:924255705-538512418#137, TYP:NodesInfoRequest, CGR:N/A, USR:c-shubhamg(?), BRS:false, KDX:null, ACT:cluster:monitor/nodes/info, OA:172.21.153.176, DA:172.21.153.176, IDX:<N/A>, MET:GET, PTH:/_nodes/_local, CNT:<N/A>, HDR:{authorization=Basic Yy1zaHViaGFtZzpNYXlAMjAxOA==, Connection=close, content-length=0, Host=mumchelk01:9200}, HIS:[::admin::->[auth_key->false]], [::LOGSTASH::->[auth_key->false]], [::KIBANA-SRV::->[auth_key->false]] }
[2018-06-13T17:51:19,016][DEBUG][t.b.r.a.d.l.l.AuthenticationLdapClientLoggingDecorator] Trying to authenticate user [c-shubhamg] with LDAP [ldap1]
[2018-06-13T17:51:19,040][DEBUG][t.b.r.a.d.l.u.UnboundidAuthenticationLdapClient] LDAP getting user CN returned error [result code=‘32 (no such object)’ diagnostic message='0000208D: NameErr: DSID-03100238, problem 2001 (NO_OBJECT), data 0, best match of:
‘DC=ad,DC=crisil,DC=com’

please reply ASAP,we are waiting for your reply.

does this mean your index not found exception is solved?

Hi Simone Scarduzio,

no,still we are getting both the exception.

This means that the LDAP connector is not configured correctly, or the LDAP bind user has no permission to see the user, or the user is not present.

I’m afraid your LDAP administrator can help more than I can for sure on this. ROR prints all the sufficient logs.

Hi Simone Scarduzio,

is .kibana index necessary for working with readonlyrest??

the .kibana index is needed for Kibana to work. It’s where it saves index patterns, graphs, dashboards, etc.
Kibana creates it as the first thing when you start it, if not present.

Have you tried to do what I suggested? Remove ROR from both ES and Kibana and initiate a Kibana session, so Kibana creates its .kibana index?

Hi @sscarduzio,

We are using ES and kibana 6.2.4 version . In this version .kibana index is not getting created. So can you please refer us ES and kibana versions compatible with readonlyrest 6.2.4 plugins. Please suggest versions of ES / kibana which are compatible with readonlyrest 6.2.4.

Thanks,

Akhilesh Tiwari

@Akhilesh Just download the plain elasticsearch and Kibana zip files of the same version (6.2.4) from Elastic website (don’t download 6.3.0 which just came out today and we don’t have ROR for it yet).

Unzip them, and touch the settings as few as possible. Let them first work togethe, observe the .kibana index getting created using cURL, and that would be an excellent starting point.

Once this works, we can add things to the mix. I.e. ROR for ES, and basic auth between Kibana and ES.

Hi Simone Scarduzio,

yup,we have already done it but it was not working. we have downloaded plain elasticsearch and Kibana zip files of the same version (6.2.4) from Elastic website and install,we have alreday cheaked .kibana index using curl query without installation of RoR plugins but we are not getting .kibana index.
we have already discuss with Elastic Team members but not getting Appropriate solution.

can you please help us regarding this,lets work together.

Hi Simone Scarduzio,

We reinstalled the version 6.2.4 of ELK and Kibana But (.kibana) index is not created and then again we reinstalled the version 6.3.0 of ELK and Kibana. here (.kibana) index has been created.
Also previously we have used 5.3.0, 5.5.2, 6.0.0 these all versions contains .kibana index.

I think some problem in ELK and and Kibana setup 6.2.4.
can you suggest me which version of RoR Compatible ELK setup OR What should I do for success of RoR wth ELK.

Hi Simone Scarduzio,

can we use ROR _6.2.4 plugins with the ELK and Kibana version 6.0.0?
i am asking this question because 6.0.0 version of ELK and Kibana contains .kibana index after installations.
plesae reply as soon as possible.

 Thanks

Akhilesh Tiwari

@Akhilesh, interesting observation. Do you have a link to the ticket you open with Elastic?
Anyway I will test this myself, super weird.

You always need to match the right version of ES, Kibana, and ROR. We need a few days to adapt ROR to Kibana 6.3.0, so please test what’s the newest working version, and I can provide the right Kibana plugin for you to install.