- Kibana Guide: other versions:
- Introduction
- Get started
- Set Up Kibana
- Discover
- Visualize
- Creating a Visualization
- Saving Visualizations
- Using rolled up data in a visualization
- Line, Area, and Bar charts
- Controls Visualization
- Data Table
- Markdown Widget
- Metric
- Goal and Gauge
- Pie Charts
- Coordinate Maps
- Region Maps
- Timelion
- TSVB
- Tag Clouds
- Heatmap Chart
- Vega Graphs
- Inspecting Visualizations
- Dashboard
- Canvas
- Graph data connections
- Machine learning
- Maps
- Code
- Infrastructure
- Logs
- APM
- Uptime
- SIEM
- Dev Tools
- Stack Monitoring
- Management
- Reporting from Kibana
- REST API
- Kibana plugins
- Limitations
- Release Highlights
- Breaking Changes
- Release Notes
- Developer guide
IMPORTANT: No additional bug fixes or documentation updates
will be released for this version. For the latest information, see the
current release documentation.
Secure the reporting endpoints
editSecure the reporting endpoints
editIn a production environment, you should restrict access to the X-Pack reporting endpoints to authorized users. This requires that you:
- Enable X-Pack security on your Elasticsearch cluster. For more information, see Getting started with security.
- Configure an SSL certificate for Kibana. For more information, see Configuring security.
-
Configure Watcher to trust the Kibana server’s certificate by adding it to the Watcher truststore on each node:
-
Import the Kibana server certificate into the Watcher truststore using Java Keytool:
keytool -importcert -keystore watcher-truststore.jks -file server.crt
If the truststore doesn’t already exist, it is created.
-
Make sure the
xpack.http.ssl.truststore.path
setting inelasticsearch.yml
specifies the location of the Watcher truststore.
-
- Add one or more users who have the permissions necessary to use Kibana and X-Pack reporting. For more information, see Reporting and security.
Once you’ve enabled SSL for Kibana, all requests to the X-Pack reporting endpoints
must include valid credentials. For example, see the following page which
includes a watch that submits requests as the built-in elastic
user:
Automating report generation.
For more information about configuring watches, see How Watcher Works.
Was this helpful?
Thank you for your feedback.