(I haven’t yet purchased the Kibana PRO/ENTERPRISE license and neither do I have a Trial license yet. Am trying to do some basic Kibana Integration with my ROR enabled elastic stack. Successful POC will allow me to trigger a purchase of the PRO License FYI). POC intent is to get Kibana to Load successfully with the default internal kibana/kibana elasticpassword and allow me to navigate all the features of kibana-elasticsearch by default without any Basic Authentication Popups.
- WITHOUT purchasing the PRO/ENTERPRISE/TRIAL license, what all can I do by default?
- Am getting a Basic Authentication Challenge whilst bringing up Kibana! I was hoping with the kibana/kibana yml configuration - at the very least Kibana will come up - write the necessary indexes etc. However, I get a foribidden error RANDOMLY with this configuration. The odd thing is - sometimes I do get the user correctly as kibana and the KIBANA-SRV rule passes, but other most of the other times it fails as below. Any suggestions?
FORBIDDEN by default req={ ID:419936870-1449684158#181, TYP:GetFieldMappingsRequest, CGR:N/A, USR:[no basic auth header], BRS:false, ACT:indices:admin/mappings/fields/get, OA:10.203.122.154, DA:10.203.121.87, IDX:.kibana, MET:GET, PTH:/.kibana/_mapping/*/field/_source, CNT:<N/A>, HDR:{Connection=keep-alive, content-length=0, host=converse-elasticsearch.clouddqt.capitalone.com, X-Forwarded-For=10.203.121.86, 10.203.123.205, X-Forwarded-Port=443, X-Forwarded-Proto=https}, HIS:[Rout53 Access->[actions->false, x_forwarded_for->true]], [Global Write/Admin Access->[auth_key->false]], [::KIBANA-SRV::->[auth_key->false]], [::RO::->[auth_key->false]], [::RW::->[auth_key->false]] }
I have configured
kibana.yml
elasticsearch:username: “kibana”
elasticsearch.password: “kibana”
readonlyrest.yml
readonlyrest:
access_control_rules:- name: "Rout53 Access" type: allow x_forwarded_for: ["0.0.0.0/0"] actions: ["cluster:monitor/*","indices:data/read/*", "indices:admin/get", "indices:admin/aliases", "indices:admin/aliases/*", "indices:admin/analyze", "indices:monitor/*"] verbosity: error - name: "Global Write/Admin Access" auth_key: "elastic:$apr1$JRxL0HOz$ndMHCirazDfTZznLy.icH1" type: allow actions: ["indices:data/write/*","indices:admin/*", "cluster:admin/*"] - name: "::KIBANA-SRV::" kibana_access: ro auth_key: **kibana:kibana** - name: "::RO::" auth_key: ro:dev kibana_access: ro indices: [ ".kibana", ".kibana-devnull", "logstash-*"] kibana_hide_apps: ["readonlyrest_kbn", "timelion", "kibana:dev_tools", "kibana:management"] - name: "::RW::" auth_key: rw:dev kibana_access: rw indices: [".kibana", ".kibana-devnull", "logstash-*"] kibana_hide_apps: ["readonlyrest_kbn", "timelion", "kibana:dev_tools", "kibana:management"]