This functionality is experimental and may be changed or removed completely in a future release. Elastic will take a best effort approach to fix any issues, but experimental features are not subject to the support SLA of official GA features.
NOTE: This You are looking at documentation for an older release. For the latest information, see the current release documentation.
Grant users access to Journalbeat indices
editGrant users access to Journalbeat indices
editTo enable users to access the indices Journalbeat creates, grant them read
and view_index_metadata privileges on the Journalbeat indices. If they’re
using Kibana, they also need the kibana_user role.
-
Create a reader role that has the
readandview_index_metadataprivileges on the Journalbeat indices.You can create roles from the Management > Roles UI in Kibana or through the
roleAPI. For example, the following request creates a role namedjournalbeat_reader: -
Assign your users the reader role so they can access the Journalbeat indices. For Kibana users who need to visualize the data, also assign the
kibana_userrole:-
If you’re using the
nativerealm, you can assign roles with the Management > Users UI in Kibana or through theuserAPI. For example, the following request grantsjournalbeat_userthejournalbeat_readerandkibana_userroles:POST /_xpack/security/user/journalbeat_user { "password" : "YOUR_PASSWORD", "roles" : [ "journalbeat_reader","kibana_user"], "full_name" : "Journalbeat User" } -
If you’re using the LDAP, Active Directory, or PKI realms, you assign the roles in the
role_mapping.ymlconfiguration file. For example, the following snippet grantsJournalbeat Userthejournalbeat_readerandkibana_userroles:journalbeat_reader: - "cn=Journalbeat User,dc=example,dc=com" kibana_user: - "cn=Journalbeat User,dc=example,dc=com"
For more information, see Using Role Mapping Files.
-