How to secure your kibana

How to secure your kibana

ELK stack is very well known and very robust which can be used for uses cases and scenario whether it be

  • Logging aggregation and analysis
  • Anamoly detection
  • APM for application profiling

Although, kibana is very good at what it does but lacked authentication. But with the  release version 6.8 and 7.1 authentications became free with features:

  • TLS for encryption
  • Role-based access control
  • User creation for fine-grained control

So let’s start and configure the authentication

Step 1. Enable xpack security in the elasticsearch.yml file

 xpack.security.enabled: true

Step 2. Generate the password for inbuilt users  on the master node (if applicable) and save the output to be used later

cd {elasticsearch_config_path}

bin/elasticsearch-setup-passwords auto

The output will be like below:

Changed password for user apm_system
PASSWORD apm_system = toIGmzJCU4gqIawyHOwI

Changed password for user kibana
PASSWORD kibana = 1cUuUWhSAq31wvOL5Ofs

Changed password for user logstash_system
PASSWORD logstash_system = wAwhZv6H2qtx3Q1xy6zV

Changed password for user beats_system
PASSWORD beats_system = FHQrTH5JYQwwTYTPcBsc

Changed password for user remote_monitoring_user
PASSWORD remote_monitoring_user = PEZSa3IDQlVC81dQ1aPT

Changed password for user elastic
PASSWORD elastic = vEpnwKF2vubmghWnzr2C

Step 3. Restart elasticsearch

systemctl restart elasticsearch

Step 4. Enable basic authentication on kibana. Find and uncomment elasticsearch.username and elasticsearch.password with the kibana user and password generated in step 2.

Step 4. Restart kibana

cd {kibana_installation_path}

bin/kibana -q

Step 5. Login to localhost:5601 with elastic user and password generated in step 2

Secure kibana

Step 6. Create a user with restricted privileges

Go to Management -> Security -> Users -> Create user

Create kibana user

Provide the required details and roles as per your requirement. Although you have to create a custom role in order to allow a user to search index if you want to create a restricted user.

Step 7. Create a custom role

Kibana custom role

 

Step 8. Assign this role to your user

Post these actions your Kibana is secured with role-based password-based authentication. Hope this helps you…

 

Leave a Reply

Your email address will not be published. Required fields are marked *