ReadonlyREST Forum
2 FOLLOWERS
Welcome to ReadonlyREST Forum, a community of Elasticsearch security experts, gravitating around ReadonlyREST 19 plugin. Share issues regarding Kibana indexing, learn to rebuild ROR indices, and get new feature ideas here.
ReadonlyREST Forum
1d ago
Hi,
I am failry new to ROR plugin and I have recently installed ROR plugin(1.55.0) to secure access to Elasticsearch v8.2.3.
I was able to do it successfully using basic HTTP auth rule in the readonlyrest.yml file but i couldnt find any information about the default level of access/assigned role to the user which is added to the readonlyrest.yml file under access_control_rules block.
My readonlyrest.yml looks something like below:
readonlyrest: **
** access_control_rules:
** - name: “Require HTTP Basic Auth”**
** type: allow**
** auth_key:Admin:password**
ssl:
** enable: true**
** keystore_fil ..read more
ReadonlyREST Forum
1w ago
Hi,
We are currently using ECK version 8.11.0 with ROR version 1.53.0. While the cluster is up and running without any general access issues, while trying to integrate with the ES Synonyms API - <ES_HOSTNAME>/_synonyms/my-synonyms-set, we encountered the following error(bridged for readability) -
{
"shard": 0,
"index": "index_name_1",
"status": "INTERNAL_SERVER_ERROR",
"reason": {
"type": "failed_node_exception",
"reason": "Failed node [4VxlaN3VSxeu_X_3-TrfBQ]",
"node_id": "4VxlaN3VSxeu_X_3-TrfBQ",
"caused_by": {
"type": "illeg ..read more
ReadonlyREST Forum
2w ago
Hi All,
not sure this is the right palce for asking this.
I’m using Elastic stack using Kibana and reaonlyrest.
I need to disable or inihitbit the query string nextUrl param, in order to avoid redirect to another page, because representing a possible security issue.
Is that possible?
I’m using
readonlyrest-1.41.0_es8.2.0.zip
readonlyrest_kbn_free-1.41.0_es8.2.0.zip
but I tried also readonlyrest_kbn_universal-1.55.0_es8.6.2.zip
and it does not look like solving the issue.
Thank you.
Andrea.
2 posts - 2 participants
Read full topic ..read more
ReadonlyREST Forum
1M ago
Hi,
We are currently using ECK version 8.11.0 with ROR version 1.53.0. While the cluster is up and running without any performance issues, we noticed the following recurrent error on our Elastic nodes -
{"@timestamp":"2024-04-04T12:28:53.651Z", "log.level": "INFO", "message":"\u001B[35mFORBIDDEN by default req={ ID:263549268-1295578936#10068214, TYP:DeleteDesiredNodesAction$Request, CGR:<N/A>, USR:elastic-internal (attempted), BRS:true, KDX:null, ACT:cluster:admin/desired_nodes/delete, OA:10.71.94.23/32, XFF:null, DA:10.71.71.141/32, IDX:<N/A>, MET:DELETE, PTH:/_internal/desired_n ..read more
ReadonlyREST Forum
1M ago
ROR Version: Enterprise 1.56.0_es7.15.1
Kibana Version: 7.15.1
Elasticsearch Version:7.15.1
Steps to reproduce the issue
1 step:
I need all ldap users to be able to log into kibana. My config:
- name: "all user"
type: allow
ldap_authentication:
name: "ldap"
kibana_access: rw
2 step:
A group appears in ldap that should only see certain indexes. My config:
- name: "filter index"
indices: ["*kibana*", "*:*index*]
kibana_access: rw
ldap_authentication:
name: "ldap"
ldap_authorization:
name: "ldap"
groups: ["team1 ..read more
ReadonlyREST Forum
1M ago
For single-node clusters using ELK version 8.6.2 and ROR version 1.54.0, the ROR indices that get created automatically when accessing Kibana have the ‘number_of_replicas’ setting equal to 1.
This happens regardless of what priority we set for our index templates, because the setting gets overwritten.
This bring the cluster to ‘yellow’ status, since it can’t allocate the shard to a different node.
1 post - 1 participant
Read full topic ..read more
ReadonlyREST Forum
1M ago
ROR Version: Enterprise 1.49.1_es7.15.1
Kibana Version: 7.15.1
Elasticsearch Version: 7.15.1
Steps to reproduce the issue
create acl
- name: "new index"
auth_key: user:pass
kibana_access: rw
kibana_index: .kibana-china
kibana_template_index: ".kibana_template"
Log in as a user in Kibana
Expected result:
.kibana-china - aliase
.kibana-china_1 - index
Actual Result:
2 indexes are created:
.kibana-china
.kibana-china_1
Because of this, I cannot create an index-patterns, perhaps dashboards.
{"ecs":{"version":"1.9.0"},"@timestamp":"2024-03-27T13:24:00.112+00:00","mess ..read more
ReadonlyREST Forum
1M ago
Hi
I would like to be able to have documentation for the version we are using before editing the ROR configuration.
You can add a button link to the Git repository of the documentation version that is currently installed in elasticsearch.
The button can be added here:
Let’s do this?
Click to view the poll.
1 post - 1 participant
Read full topic ..read more
ReadonlyREST Forum
1M ago
I have a problem, maybe you can come up with a better solution than I came up with.
I have ldap and 3 user groups:
ROR rules:
[user, elevated_user, admin]
I have a new group of people who can only see index A, group A
ROR rules:
[user_a, elevated_user_a, user, elevated_user, admin]
A second group appears, which sees only index B, group B
ROR rules:
[user_a,b , elevated_user_a,b, user_a, elevated_user_a, user_b, elevated_user_b, user, elevated_user, admin]
As you can see, the number of ACL rules is growing very quickly.
I tried doing this:
- name: "index list"
users: ["user"]
l ..read more
ReadonlyREST Forum
2M ago
Hello,
Can you help me how to upload company logo to ROR plugin?
I found this:
It’s recommended to use a transparent PNG, negative logo. Ideally a white foreground, and transparent background.
Open config/kibana.yml and append the following:
readonlyrest_kbn.login_custom_logo: ‘https://…/logo.png’
When I open kibana.yml a write this:
readonlyrest_kbn.login_custom_logo: ‘https://usr/share/kibana/plugins/readonlyrestkbn/public/logo.png’
It doesnt work. Also tried without https:// … in previous version 7.5.2 company logo worked.
2 posts - 2 participants
Read full topic ..read more