- Kibana Guide: other versions:
- What is Kibana?
- What’s new in 8.16
- Kibana concepts
- Quick start
- Set up
- Install Kibana
- Configure Kibana
- Alerting and action settings
- APM settings
- Banners settings
- Cases settings
- Enterprise Search settings
- Fleet settings
- i18n settings
- Logging settings
- Logs settings
- Metrics settings
- Monitoring settings
- Reporting settings
- Search sessions settings
- Secure settings
- Security settings
- Spaces settings
- Task Manager settings
- Telemetry settings
- URL drilldown settings
- Start and stop Kibana
- Access Kibana
- Securing access to Kibana
- Add data
- Upgrade Kibana
- Configure security
- Configure reporting
- Configure logging
- Configure monitoring
- Command line tools
- Production considerations
- Discover
- Dashboards
- Canvas
- Maps
- Build a map to compare metrics by country or region
- Track, visualize, and alert on assets in real time
- Map custom regions with reverse geocoding
- Heat map layer
- Tile layer
- Vector layer
- Plot big data
- Search geographic data
- Configure map settings
- Connect to Elastic Maps Service
- Import geospatial data
- Troubleshoot
- Reporting and sharing
- Machine learning
- Graph
- Alerting
- Observability
- Search
- Security
- Dev Tools
- Fleet
- Osquery
- Stack Monitoring
- Stack Management
- Cases
- Connectors
- Amazon Bedrock
- Cases
- CrowdStrike
- D3 Security
- Google Gemini
- IBM Resilient
- Index
- Jira
- Microsoft Teams
- Observability AI Assistant
- OpenAI
- Opsgenie
- PagerDuty
- SentinelOne
- Server log
- ServiceNow ITSM
- ServiceNow SecOps
- ServiceNow ITOM
- Swimlane
- Slack
- TheHive
- Tines
- Torq
- Webhook
- Webhook - Case Management
- xMatters
- Preconfigured connectors
- License Management
- Maintenance windows
- Manage data views
- Numeral Formatting
- Rollup Jobs
- Manage saved objects
- Security
- Spaces
- Advanced Settings
- Tags
- Upgrade Assistant
- Watcher
- REST API
- Get features API
- Kibana spaces APIs
- Kibana role management APIs
- User session management APIs
- Saved objects APIs
- Data views API
- Index patterns APIs
- Alerting APIs
- Action and connector APIs
- Cases APIs
- Import and export dashboard APIs
- Logstash configuration management APIs
- Machine learning APIs
- Osquery manager API
- Short URLs APIs
- Get Task Manager health
- Upgrade assistant APIs
- Synthetics APIs
- Uptime APIs
- Kibana plugins
- Troubleshooting
- Accessibility
- Release notes
- Upgrade notes
- Kibana 8.16.4
- Kibana 8.16.3
- Kibana 8.16.2
- Kibana 8.16.1
- Kibana 8.16.0
- Kibana 8.15.5
- Kibana 8.15.4
- Kibana 8.15.3
- Kibana 8.15.2
- Kibana 8.15.1
- Kibana 8.15.0
- Kibana 8.14.3
- Kibana 8.14.2
- Kibana 8.14.1
- Kibana 8.14.0
- Kibana 8.13.4
- Kibana 8.13.3
- Kibana 8.13.2
- Kibana 8.13.1
- Kibana 8.13.0
- Kibana 8.12.2
- Kibana 8.12.1
- Kibana 8.12.0
- Kibana 8.11.4
- Kibana 8.11.3
- Kibana 8.11.2
- Kibana 8.11.1
- Kibana 8.11.0
- Kibana 8.10.4
- Kibana 8.10.3
- Kibana 8.10.2
- Kibana 8.10.1
- Kibana 8.10.0
- Kibana 8.9.2
- Kibana 8.9.1
- Kibana 8.9.0
- Kibana 8.8.2
- Kibana 8.8.1
- Kibana 8.8.0
- Kibana 8.7.1
- Kibana 8.7.0
- Kibana 8.6.1
- Kibana 8.6.0
- Kibana 8.5.2
- Kibana 8.5.1
- Kibana 8.5.0
- Kibana 8.4.3
- Kibana 8.4.2
- Kibana 8.4.1
- Kibana 8.4.0
- Kibana 8.3.3
- Kibana 8.3.2
- Kibana 8.3.1
- Kibana 8.3.0
- Kibana 8.2.3
- Kibana 8.2.2
- Kibana 8.2.1
- Kibana 8.2.0
- Kibana 8.1.3
- Kibana 8.1.2
- Kibana 8.1.1
- Kibana 8.1.0
- Kibana 8.0.0
- Kibana 8.0.0-rc2
- Kibana 8.0.0-rc1
- Kibana 8.0.0-beta1
- Kibana 8.0.0-alpha2
- Kibana 8.0.0-alpha1
- Developer guide
Configure security in Kibana
editConfigure security in Kibana
editWhen you start Elasticsearch for the first time, Elastic Stack security features are enabled on
your cluster and TLS is configured automatically. The security configuration
process generates a password for the elastic
user and an enrollment token for
Kibana.
Start the Elastic Stack with security enabled
and then enroll Kibana as part of the configuration process.
You can then log in to Kibana as the elastic
user to create additional roles
and users.
When a user is not authorized to view data in an index (such as an Elasticsearch index), the entire index will be inaccessible and not display in Kibana.
Configure security settings
editSet an encryption key so that sessions are not invalidated. You can optionally configure additional security settings and authentication.
-
Set the
xpack.security.encryptionKey
property in thekibana.yml
configuration file. You can use any text string that is 32 characters or longer as the encryption key. Refer toxpack.security.encryptionKey
.xpack.security.encryptionKey: "something_at_least_32_characters"
Kibana’s reporting and saved objects features also have encryption key settings. Refer to
xpack.reporting.encryptionKey
andxpack.encryptedSavedObjects.encryptionKey
respectively. - Optional: Configure Kibana’s session expiration settings.
- Optional: Configure Kibana to authenticate to Elasticsearch with a client certificate.
- Restart Kibana.
Create roles and users
editConfigure roles for your Kibana users to control what data those users can access.
-
Temporarily log in to Kibana using the built-in
elastic
superuser so you can create new users and assign roles. If you are running Kibana locally, go tohttps://localhost:5601
to view the login page.The password for the built-in
elastic
user is generated as part of the security configuration process on Elasticsearch. If you need to reset the password for theelastic
user or other built-in users, run theelasticsearch-reset-password
tool. -
Create roles and users to grant access to Kibana.
To manage privileges in Kibana, go to the Roles management page using the navigation menu or the global search field. The built-in
kibana_admin
role will grant access to Kibana with administrator privileges. Alternatively, you can create additional roles that grant limited access to Kibana.If you’re using the default native realm with Basic Authentication, go to the Users management page using the navigation menu or the global search field to create users and assign roles, or use the Elasticsearch user management APIs. For example, the following creates a user named
jacknich
and assigns it thekibana_admin
role:POST /_security/user/jacknich { "password" : "t0pS3cr3t", "roles" : [ "kibana_admin" ] }
For more information on Basic Authentication and additional methods of authenticating Kibana users, see Authentication.
-
Grant users access to the indices that they will be working with in Kibana.
You can define as many different roles for your Kibana users as you need.
For example, create roles that have
read
andview_index_metadata
privileges on specific data views. For more information, see User authorization. -
Log out of Kibana and verify that you can log in as a normal user. If you are running Kibana locally, go to
https://localhost:5601
and enter the credentials for a user you’ve assigned a Kibana user role. For example, you could log in as the userjacknich
.This must be a user who has been assigned Kibana privileges. Kibana server credentials (the built-in
kibana_system
user) should only be used internally by the Kibana server.