Hi, I am failry new to ROR plugin and I have recently installed ROR plugin(1.55.0) to secure access to Elasticsearch v8.2.3. I was able to do it successfully using basic HTTP auth rule in the readonlyrest.yml file but i couldnt find any information about the default level of access/assigned role to the user which is added to the readonlyrest.yml file under access_control_rules block. My readonlyrest.yml looks something like below: readonlyrest: ** ** access_control_rules: ** - name: “Require HTTP Basic Auth”** ** type: allow** ** auth_key:Admin:password** ssl: ** enable: true** ** keystore_fil ..read more

Hi, We are currently using ECK version 8.11.0 with ROR version 1.53.0. While the cluster is up and running without any general access issues, while trying to integrate with the ES Synonyms API - <ES_HOSTNAME>/_synonyms/my-synonyms-set, we encountered the following error(bridged for readability) - { "shard": 0, "index": "index_name_1", "status": "INTERNAL_SERVER_ERROR", "reason": { "type": "failed_node_exception", "reason": "Failed node [4VxlaN3VSxeu_X_3-TrfBQ]", "node_id": "4VxlaN3VSxeu_X_3-TrfBQ", "caused_by": { "type": "illeg ..read more

Hi All, not sure this is the right palce for asking this. I’m using Elastic stack using Kibana and reaonlyrest. I need to disable or inihitbit the query string nextUrl param, in order to avoid redirect to another page, because representing a possible security issue. Is that possible? I’m using readonlyrest-1.41.0_es8.2.0.zip readonlyrest_kbn_free-1.41.0_es8.2.0.zip but I tried also readonlyrest_kbn_universal-1.55.0_es8.6.2.zip and it does not look like solving the issue. Thank you. Andrea. 2 posts - 2 participants Read full topic ..read more

Hi, We are currently using ECK version 8.11.0 with ROR version 1.53.0. While the cluster is up and running without any performance issues, we noticed the following recurrent error on our Elastic nodes - {"@timestamp":"2024-04-04T12:28:53.651Z", "log.level": "INFO", "message":"\u001B[35mFORBIDDEN by default req={ ID:263549268-1295578936#10068214, TYP:DeleteDesiredNodesAction$Request, CGR:<N/A>, USR:elastic-internal (attempted), BRS:true, KDX:null, ACT:cluster:admin/desired_nodes/delete, OA:10.71.94.23/32, XFF:null, DA:10.71.71.141/32, IDX:<N/A>, MET:DELETE, PTH:/_internal/desired_n ..read more

ROR Version: Enterprise 1.56.0_es7.15.1 Kibana Version: 7.15.1 Elasticsearch Version:7.15.1 Steps to reproduce the issue 1 step: I need all ldap users to be able to log into kibana. My config: - name: "all user" type: allow ldap_authentication: name: "ldap" kibana_access: rw 2 step: A group appears in ldap that should only see certain indexes. My config: - name: "filter index" indices: ["*kibana*", "*:*index*] kibana_access: rw ldap_authentication: name: "ldap" ldap_authorization: name: "ldap" groups: ["team1 ..read more

For single-node clusters using ELK version 8.6.2 and ROR version 1.54.0, the ROR indices that get created automatically when accessing Kibana have the ‘number_of_replicas’ setting equal to 1. This happens regardless of what priority we set for our index templates, because the setting gets overwritten. This bring the cluster to ‘yellow’ status, since it can’t allocate the shard to a different node. 1 post - 1 participant Read full topic ..read more

ROR Version: Enterprise 1.49.1_es7.15.1 Kibana Version: 7.15.1 Elasticsearch Version: 7.15.1 Steps to reproduce the issue create acl - name: "new index" auth_key: user:pass kibana_access: rw kibana_index: .kibana-china kibana_template_index: ".kibana_template" Log in as a user in Kibana Expected result: .kibana-china - aliase .kibana-china_1 - index Actual Result: 2 indexes are created: .kibana-china .kibana-china_1 Because of this, I cannot create an index-patterns, perhaps dashboards. {"ecs":{"version":"1.9.0"},"@timestamp":"2024-03-27T13:24:00.112+00:00","mess ..read more

Hi I would like to be able to have documentation for the version we are using before editing the ROR configuration. You can add a button link to the Git repository of the documentation version that is currently installed in elasticsearch. The button can be added here: Let’s do this? Click to view the poll. 1 post - 1 participant Read full topic ..read more

I have a problem, maybe you can come up with a better solution than I came up with. I have ldap and 3 user groups: ROR rules: [user, elevated_user, admin] I have a new group of people who can only see index A, group A ROR rules: [user_a, elevated_user_a, user, elevated_user, admin] A second group appears, which sees only index B, group B ROR rules: [user_a,b , elevated_user_a,b, user_a, elevated_user_a, user_b, elevated_user_b, user, elevated_user, admin] As you can see, the number of ACL rules is growing very quickly. I tried doing this: - name: "index list" users: ["user"] l ..read more

Hello, Can you help me how to upload company logo to ROR plugin? I found this: It’s recommended to use a transparent PNG, negative logo. Ideally a white foreground, and transparent background. Open config/kibana.yml and append the following: readonlyrest_kbn.login_custom_logo: ‘https://…/logo.png’ When I open kibana.yml a write this: readonlyrest_kbn.login_custom_logo: ‘https://usr/share/kibana/plugins/readonlyrestkbn/public/logo.png’ It doesnt work. Also tried without https:// … in previous version 7.5.2 company logo worked. 2 posts - 2 participants Read full topic ..read more