AFAIK, Kibana by default saves it's dashboards in an ES index called kibana-int, as referenced in your httpd.conf file here: <LocationMatch "^/(kibana-int/dashboard/|kibana-int/temp)(.*)$">
You could restrict commands on that index based on authentication, like x user can do GET POST, whereas y user can do DELETE GET POST PULL, etc. On Tuesday, January 20, 2015 at 12:31:22 PM UTC-5, Taylor Wood wrote: > > I am looking to require passwords to access specific dashboards in kibana. > I am using apache and currently have basic authentication working for the > site as a whole but want to lock it down even more so only some users have > access to specific dashboards. > > Kabana v3 > > Below is my httpd conf file. > ========= > [root@SERVER conf.d]# cat kibana3.conf > <VirtualHost *:80> > ServerName MY SERVER NAME > > DocumentRoot /var/www/kibana3 > <Directory /var/www/kibana3> > Allow from all > Options -Multiviews > </Directory> > > LogLevel debug > ErrorLog /var/log/httpd/error_log > CustomLog /var/log/httpd/access_log combined > > # Set global proxy timeouts > <Proxy http://127.0.0.1:9200> > ProxySet connectiontimeout=5 timeout=90 > </Proxy> > > # Proxy for _aliases and .*/_search > <LocationMatch > "^/(_nodes|_aliases|.*/_aliases|_search|.*/_search|_mapping|.*/_mapping)$"> > # ProxyPassMatch http://127.0.0.1:9200/$1 > # ProxyPassReverse http://127.0.0.1:9200/$1 > </LocationMatch> > > # Proxy for kibana-int/{dashboard,temp} stuff (if you don't want auth on > /, then you will want these to be protected) > <LocationMatch "^/(kibana-int/dashboard/|kibana-int/temp)(.*)$"> > # ProxyPassMatch http://127.0.0.1:9200/$1$2 > # ProxyPassReverse http://127.0.0.1:9200/$1$2 > </LocationMatch> > > <Location /> > Order deny,allow > Allow from all > AuthType Basic > AuthBasicProvider file > AuthName "Restricted" > AuthUserFile /etc/httpd/conf.d/kibana-htpasswd > AuthGroupFile /etc/httpd/conf.d/kibana-groups > Require valid-user > </Location> > > # <Location /#/dashboard/elasticsearch/techsupport> > # Order deny,allow > # Allow from all > # AuthType Basic > # AuthBasicProvider file > # AuthName "Restricted" > # AuthUserFile /etc/httpd/conf.d/kibana-htpasswd > # AuthGroupFile /etc/httpd/conf.d/kibana-groups > # Require valid-user > # </Location> > ============ > > I also have a groups file and password file where it pulls the encrypted > passwords and users from. > ========= > GroupName: admin tom fred joe > ======== > joe:q.FjeZsgaHH.xMdf > tom:NadbOcfsqQY6nsfd > admin:j.ah3fsfdm0v7UVI > ============== > > According to elasticsearch it should save the dashboards as a .json file > but it is not saving them here (hence I can not seem to lock them down with > apache through a file) > [root@SERVERdashboards]# ls > blank.json default.json guided.json logstash.js logstash.json > noted.json testdash.json > > > At this point I am just spinning wheels and not getting anywhere. Any > help is appreciated. > -- You received this message because you are subscribed to the Google Groups "elasticsearch" group. To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/b78138c2-3fe0-473f-9e69-35a552ab6488%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
