Kibana Guide: other versions:
What is Kibana?
What’s new in 7.12
Kibana concepts
- Create an index pattern
- Set the time range
- Kibana Query Language
- Lucene query syntax
- Save a query
Quick start
Set up
- Install Kibana
- Configure Kibana
- Start and stop Kibana
- Access Kibana
- Securing access to Kibana
- Add data
- Upgrade Kibana
  - Standard upgrade
  - Upgrade migrations
- Embed Kibana content in a web page
- Configure monitoring
- Configure security
Production considerations
- Alerting
- Task Manager
  - Health monitoring
  - Troubleshooting
Discover
- View a document
- Search for relevance
- Save a search
- Run a search session in the background
Dashboard
- Tutorial: Create a dashboard of panels with web server data
- Tutorial: Create a dashboard of panels with ecommerce sales data
- Create panels with editors
  - Lens
  - TSVB
  - Vega
  - Aggregation-based
  - Timelion
- Enhance dashboards
- Create custom dashboard actions
  - URL templating
- Supported features by panel type
Canvas
- Edit workpads
- Present your workpad
- Share your workpad
- Tutorial: Create a workpad for monitoring sales
- Canvas expression lifecycle
- Canvas function reference
  - TinyMath functions
Maps
- Build a map to compare metrics by country or region
- Heat map layer
- Tile layer
- Vector layer
- Plot big data
- Search geographic data
- Configure map settings
- Connect to Elastic Maps Service
- Import geospatial data
  - Tutorial: Index GeoJSON data
- Troubleshoot
Machine learning
- Anomaly detection
- Data frame analytics
Graph
- Create a graph
- Configure Graph
- Troubleshoot
- Limitations
Observability
APM
- Set up
- Get started
- How-to guides
- Users and privileges
- Settings
- REST API
- Troubleshooting
Elastic Security
- Using Elastic Security
- Anomaly Detection with Machine Learning
Dev Tools
- Console
- Profiling queries and aggregations
- Debugging grok expressions
- Painless Lab
Stack Monitoring
- Beats Metrics
- Elasticsearch Metrics
- Kibana Alerts
- Kibana Metrics
- Logstash Metrics
- Troubleshooting
Stack Management
- Advanced Settings
- Alerts and Actions
- Beats Central Management
- Field management
- License Management
- Numeral Formatting
- Rollup Jobs
- Saved Objects
- Tags
- Security
- Snapshot and Restore
  - Tutorial: Snapshot and Restore
- Spaces
- Upgrade Assistant
- Watcher
Fleet
Reporting
- Automating report generation
- Reporting configuration
- Troubleshooting
- Reporting integration
Alerting and Actions
- Defining alerts
- Actions and connectors
- Alerts
- Alerting Troubleshooting
REST API
- Get features API
- Kibana spaces APIs
- Kibana role management APIs
- Saved objects APIs
- Alerts APIs
- Action and connector APIs
- Import and export dashboard APIs
  - Import dashboard
  - Export dashboard
- Logstash configuration management APIs
- Shorten URL
- Upgrade assistant APIs
Kibana plugins
Accessibility
Release notes
- Kibana 7.12.1
- Kibana 7.12.0
  - Enhancements and bug fixes
Developer guide
- Getting started
- Best practices
- Architecture
- Contributing
- External plugin development
- Advanced
- List of Kibana plugins
- Plugin API changes

IMPORTANT: No additional bug fixes or documentation updates will be released for this version. For the latest information, see the current release documentation.

« Reporting and security Restrict requests with a Reporting network policy »

› › ›

Secure the reporting endpoints

edit

Secure the reporting endpoints

edit

In a production environment, you should restrict access to the reporting endpoints to authorized users. This requires that you:

Enable Elastic Stack security features on your Elasticsearch cluster. For more information, see Getting started with security.
Configure TLS/SSL encryption for the Kibana server. For more information, see Encrypt TLS communications in Kibana.
Specify the Kibana server’s CA certificate chain in elasticsearch.yml:

If you are using your own CA to sign the Kibana server certificate, then you need to specify the CA certificate chain in Elasticsearch to properly establish trust in TLS connections between Watcher and Kibana. If your CA certificate chain is contained in a PKCS #12 trust store, specify it like so:
```
xpack.http.ssl.truststore.path: "/path/to/your/truststore.p12"
xpack.http.ssl.truststore.type: "PKCS12"
xpack.http.ssl.truststore.password: "optional decryption password"
```
Otherwise, if your CA certificate chain is in PEM format, specify it like so:
```
xpack.http.ssl.certificate_authorities: ["/path/to/your/cacert1.pem", "/path/to/your/cacert2.pem"]
```
For more information, see the Watcher HTTP TLS/SSL Settings.
Add one or more users who have the permissions necessary to use Kibana and reporting features. For more information, see Reporting and security.

Once you’ve enabled SSL for Kibana, all requests to the reporting endpoints must include valid credentials. For example, see the following page which includes a watch that submits requests as the built-in elastic user: Automating report generation.

For more information about configuring watches, see How Watcher works.

« Reporting and security Restrict requests with a Reporting network policy »

Was this helpful?

Feedback

The Search AI Company

ELK Stack

Elastic Cloud

Generative AI

Search

Security

Observability

By solution

Industries

Customer spotlight

Research

Build

Learn

Connect

Secure the reporting endpoints

Secure the reporting endpoints

Follow us

About us

Join us

Partners

Trust & Security

Investor relations

Excellence Awards

About us

Join us

Partners

Trust & Security

Investor relations

Excellence Awards