dude the indentation is all screwed up, so it’s impossible to understand what’s wrong. Can you paste your configuration and wrap it inside the triple backtick notation?
bla: "foo"
baz:
- bar: 123
which is written like this
See this
dude the indentation is all screwed up, so it’s impossible to understand what’s wrong. Can you paste your configuration and wrap it inside the triple backtick notation?
bla: "foo"
baz:
- bar: 123
which is written like this
See this
YAML formatting strikes again! I cleaned that up and boom:
36mALLOWED by { name: ‘winlogbeat/kibana can write and create its own indices’, policy: ALLOW}
36mALLOWED by { name: ‘winlogbeat/kibana can write and create its own indices’, policy: ALLOW}
Sorry for the inconvenience! I can work with this! I will keep you updated on the progress. After you said the rules were not being used I figured something was amiss and formatting is something I missed.
I can validate that I have successfully implemented ROR with ElasticSearch and WinLogBeat using TLS Certs and username/password validation.
Adding “enable: true” in the readonlyrest.yml file was very helpful for debugging.
Then formatting YAML everything worked after a few tweaks.
A quick not on formatting in this forum: It appears that everything I post loses its formatting and some of the things that are posted might not have good formatting so never bulk copy/paste from the forums or one could struggle.
Thanks for your help! ROR rules!
Yes, YAML is a bitch. I do my best to wrap in back ticks what people paste, but sometimes the formatting is already lost.
Any suggested solutions to mitigate this?
Yes to the </>
, definitely no to the ”
i.e.
with </>
code format button:
- name: "::PERSONAL_GRP::"
groups: ["Personal"]
kibana_access: rw
kibana_hide_apps: ["readonlyrest_kbn", "timelion"]
kibana_index: ".kibana_@{user}"
with quotation
- name: “::PERSONAL_GRP::”
groups: [“Personal”]
kibana_access: rw
kibana_hide_apps: [“readonlyrest_kbn”, “timelion”]
kibana_index: “.kibana_@{user}”