0

I am trying to set up Kibana at production, and in order to do so, I have Kibana on a different server that my ElasticSearch node... however, I read that in order to have that config (that is indeed needed for production), I need to install on my ElasticSearch the Shield plugin, and authenticate Kibana using it.

Problem is that ElasticSearch is on a SaaS install, on cloud, on IBM Bluemix Compose, and they don't support the use of Shield at Compose, and the only authentication that Compose ElasticSearch has is basic HTTP authentication.

Do you known if Shield at ElasticSearch is strictly needed to have Kibana running ? I do not see any other opption, and not sure about if it will possible to have any other alternative to get Kibana running!

zcoop98
  • 2,590
  • 1
  • 18
  • 31
AndresG
  • 69
  • 6

1 Answers1

0

If you're using the latest version of Elasticsearch which is 5.0, Sheild has been deprecated in it and instead of that you can go on and use X-Pack which has security module built in. But as far as I know it's not a must to have either Shield or X-Pack to have Kibana up and running on a different server. You just to have make sure that server.host points to the server you're running Kibana on and elasticsearch.url should point where your ES instance is running. Basically X-Pack Security (aka Shield) is being used to give privileges for accessibility for different kind of users.

Maybe you could have a look at Kibana and Security. Hope it helps!

Kulasangar
  • 9,046
  • 5
  • 51
  • 82
  • My concern is that, it's not a must to have Shield in order to run Kibana on another server, but then assuming that it's running on a production environment at the moment, it's better to have some kinda auth procedure to avoid unnecessary access over it. – Kulasangar Nov 29 '16 at 09:29
  • I am not sure what release I am using of ElasticSearch, since that service is ofrecered by IBM BlueMix on cloud, and I only have a rest interface to interface with ElasticSearch, no access to the ElasticSearch Server itself to install/check anything. On my kibana server, I can do any changes, and I changed elasticsearch.url to point to the right site.... I even set up the credentials (elasticsearch.username and elasticsearch.password variables needed to conect my elasticsearch), however, each time I am trying to enter on kibana, I am asked for a credentials of an user... – AndresG Nov 29 '16 at 09:40
  • So that should be fine, looking into security point of view. So your problem is to whether go ahead and use Shield or not? – Kulasangar Nov 29 '16 at 09:42
  • No, my problem is that I do not know what credentials to use when trying to access the Kirbana Web Interace... I am asked for some credentials there, that are not the one that are use to secure my elasticsearch install (since i tryed to use the ones on elasticsearch.username & elasticsearch and do not work). They are not either the ones used by nginx in from (that I setup using htpasswd -c /etc/httpd/conf/kibana.htpasswd kirbanadmin)... no idea of what that credentials are, that is why I though they were Shield / Xpack related and had some configuration missing... – AndresG Nov 29 '16 at 09:55
  • Haven't tried Nginx with Kibana or neither with ES. I've provided some useful links in your previous [question](http://stackoverflow.com/questions/40847657/kibana-asking-for-credentials). Did you check those out? – Kulasangar Nov 29 '16 at 10:04