Configuring Graph

When a user saves a graph workspace in Kibana, it is stored in the .kibana index along with other saved objects like visualizations and dashboards. By default, both the configuration and data are saved for the workspace:

The data in a saved workspace is like a report—​it is a saved snapshot that potentially summarizes millions of raw documents. Once saved, these summaries are no longer controlled by security policies. Because the original documents might be deleted after a workspace is saved, there’s no practical basis for checking permissions for the data in a saved workspace.

For this reason, you can configure the save policy for graph workspaces to ensure appropriate handling of your data. You can allow all users to save only the configuration information for a graph, require all users to explicitly include the workspace data, or completely disable the ability to save a workspace.

For example, to disable the save option entirely, set xpack.graph.savePolicy to none in kibana.yml:

xpack.graph.savePolicy: none

The supported save policies are:

You can also use security to grant read only or all access to different roles. When security is used to grant read only access, the following indicator in Kibana is displayed. For more information on granting access to Kibana, see Granting access to Kibana.

By default, users can configure drill down URLs to display additional information about a selected vertex in a new browser window. For example, you could configure a drill down URL to perform a web search for the selected vertex term.

To prevent users from adding drill down URLs, set xpack.graph.canEditDrillDownUrls to false in kibana.yml:

xpack.graph.canEditDrillDownUrls: false