Use of Shield 2.0+ with Elasticsearch and Kibana

Source: Internet
Author: User
Tags kibana logstash

Both the ELK and Shield 2.0+ are installed on 10.100.100.60 server 1, Elasticsearch installed on Shieldbin/plugin installation licensebin/plugin install SHIELD2, run E Lasticsearchbin/elasticsearch3, add an Admin user bin/shield/esusers useradd es_admin-r admin Enter password 123456 login es_admin 123456, You can see all the INDICES4, test whether users write to the page login http://10.100.100.60:9200/need to enter the user name and password es_admin 1234565, to Kibana Write shield Reference official web page https:// Www.elastic.co/guide/en/shield/current/kibana.htmlcurl-u Es_admin-xpost ' http://10.100.100.60:9200/_shield/user/ Kibana-server '-d ' {"Password": "123456", "Roles": ["Kibana4_server"]}} ' return {"user": {"created": true}} Modify the Kibana configuration file:/ Config/kibana.yml.elasticsearch.username: "Kibana4-server" Elasticsearch.password: "123456" modified roles.yml/data/ Elasticsearch/config/shield/roles.yml join Kibana_redis role, only give Logstash-redis-input Read permission,. Kibana Read and write administrative rights Kibana_redis: Cluster:-Monitor indices:-Names: ' logstash-redis-input-* ' privileges:-view_index_metadata-read-names: '. kibana* ' Privileges:-Manage-read-index 6, add a user Es_kibana to the role KiBAna_redisbin/shield/esusers useradd es_kibana-r kibana_redis Enter password 123456 browser run Http://10.100.100.60:9200/_plugin/head /Enter Es_kibana 123456 Login For example, only the indices of logstash-redis-input-* and. Kibana can see the data, and none of the others have  7, Kibana roles given to login Info curl-u es_kibana-xpost ' http://10.100.100.60:9200/_shield/user/kibana-server '-d ' {"Password": "123456", "Roles": [ "Kibana_redis"}} ' failed error: {"error": {"Root_cause": [{"Type": "Security_exception", "Reason": "Unable to authenticate user [Es_kibana] for REST request [/_shield/user/kibana-server] "," header ": {" www-authenticate ":" Basic realm=\ "shield\" "}} ], "type": "Security_exception", "Reason": "Unable to authenticate user [Es_kibana] for REST request [/_shield/user/ Kibana-server] "," header ": {" www-authenticate ":" Basic realm=\ "shield\" "}}," Status ":401}  modify user again after users are Es_ Kibanacurl-u es_kibana-xpost ' Http://10.100.100.60:9200/_shield/user/es_kibana '-d ' {"Password": "123456", "Roles": [ "Kibana_redis"}} '   returned {"User": {"created": true}} successfully   &nbSp;8, login Kibana browser run http://10.100.100.60:5601/login Es_kibana 123456 For example, only click Logstash-redis-input-*, there will be data (Figure 8-1), the other (Figure 8-2) , the error figure 8-1 Figure 8-2 is attached to the official website explanation: with Shield installed, if you load a Kibana dashboard that accesses the data in an index that is not Authorized to view, you get a error that indicates the index does not exist. Kibana and Shield do not currently provide a-to control which users can load which dashboards. Install Shield If you load a Kibana instrument Dial, you are not authorized to access the data index, view, you get an error that indicates that the indices does not exist. Kibana and shield currently do not provide a way to control which dashboards the user can load.  

Shield 2.0+ for use with Elasticsearch and Kibana

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.