ElasticSearch Security features license? - elasticsearch

I'm evaluating ES for our project use case. One of the requirements is security. I have some questions regarding the ES license and security features:
Does the basic license include security?
If security is enabled in the basic (free) version, does it include document/field-level security? If not, at what level does the free security stop?
There is some confusing information regarding this, hence I thought to post it here to get a clear understanding.

Inline answers:
1. Does basic license include security ?
Yes, from ES 6.8 it's included in the basic free license, but in the basic license it's off by default. It can be enabled using the x-pack security config `xpack.security.enabled`.
More info on above setting in this official doc. Also please refer Elastic blog on making security free, which has detailed information.
2. If security enabled in basic ( free ) version does it include document fields level security? if not what level free security stops ?
Edit: As I looked into Elastic blog it seems the document level security is still a paid feature as from the same blog:
Note that our advanced security features — from single sign-on and
Active Directory/LDAP authentication to field- and document-level
security — remain paid features
More info on what is available in what subscription can be seen at Elastic subscription matrix
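
As an added example (not part of the original answer), this Python audit flags a disabled `xpack.security.enabled` and any role that depends on field- or document-level security while the cluster runs a Basic license. The sample data is constructed and assumes the trimmed response shapes of `GET /_xpack` and `GET /_security/role`; the function names are hypothetical.

```python
# Constructed sample: trimmed shape of a `GET /_xpack` response (assumption).
XPACK_INFO = {
    "license": {"type": "basic", "mode": "basic", "status": "active"},
    "features": {"security": {"available": True, "enabled": False}},
}

# Constructed sample: trimmed shape of a `GET /_security/role` response (assumption).
ROLES = {
    "logs_reader": {"indices": [{"names": ["logs-*"], "privileges": ["read"]}]},
    "hr_limited": {"indices": [{
        "names": ["employees"],
        "privileges": ["read"],
        "field_security": {"grant": ["name", "team"]},   # field-level security
        "query": '{"term": {"team": "support"}}',        # document-level security
    }]},
}

def security_state(xpack_info):
    """Return the license type and whether security is available and enabled."""
    sec = xpack_info.get("features", {}).get("security", {})
    return {
        "license": xpack_info.get("license", {}).get("type"),
        "available": bool(sec.get("available")),
        "enabled": bool(sec.get("enabled")),
    }

def roles_using_dls_fls(roles):
    """Map role name -> which of the paid restrictions its index privileges use."""
    findings = {}
    for name, role in roles.items():
        used = set()
        for idx in role.get("indices", []):
            if idx.get("field_security"):
                used.add("field-level")
            if idx.get("query"):
                used.add("document-level")
        if used:
            findings[name] = sorted(used)
    return findings

def audit(xpack_info, roles):
    """List problems: security switched off, or Basic license with DLS/FLS roles."""
    state, problems = security_state(xpack_info), []
    if not state["enabled"]:
        problems.append("security is disabled: set xpack.security.enabled to true")
    if state["license"] == "basic":
        for name, kinds in roles_using_dls_fls(roles).items():
            problems.append(f"role {name!r} relies on {' and '.join(kinds)} security, a paid feature")
    return problems
```
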

Related

Is there basic authentication free with elastic search (basic) distributed version or this falls under the 30 days trial feature?

Is there basic authentication free with elastic search (basic) distributed version or this falls under the 30 days trial feature ?
We are working on adding elastic search as indexing solution for our application. Bit confused with licensing and subscription where they mention that distributed has some feature like Xpack for security free but also mention that it is under trial version.
So the question is can we add basic security to elastic search and use it without any trial issue or it is trial pack ?
Basic Elastic Security features are free since v6.8 or v7.1. No trial. From this feature matrix, here's what you get for free:
Secure settings
Encrypted communications
Role-based access control
File and native authentication
Kibana Spaces
Kibana feature controls
API keys management
Your basic authentication requirement is covered by using file or native authentication (https://www.elastic.co/guide/en/elasticsearch/reference/7.11/setting-up-authentication.html), as long as you don't have to integrate your authentication process with an identity provider.
2 options:
1. Open Distro from Amazon
2. https://search-guard.com/

elasticsearch architecture/development query - ADFS/Security Filtering/SearchUI

I had a few questions in regards to elasticsearch architecture and associated services and/or products that is not clear to me.
The idea is to setup an elasticsearch instance for searching through file shares, Exchange mailboxes, Sharepoint sites and even Teams conversations if possible.
How would I setup the elasticsearch instance to support the following requirements:
Security filtering results from these sources for users
Develop on a simple and clean web search page like SearchUI from Elastic themselves.
Active Directory or ADFS authentication
Use nodejs on a separate server to proxy to elastic, as elastic user management means that users get access to all search results
I can find tutorials and blogs on some of these items, but no comprehensive description of how the architecture would actually work specifically with the SearchUI and proxying of data to ES.
Please have a look at this new product released by Elastic guys using same elastic search framework
https://www.elastic.co/workplace-search
It closely matches your requirement.

Does Elastic Basic License include Alerting or not

According to their subscriptions overview page, Kibana Alerting is supported in the Basic License.
However I'm unable to find/activate the feature on Kibana.
I've been searching the ES forums, can't really find a clear answer whether Alerting is actually available in the Basic license or not.
Btw: security settings are activated in my cluster

Read-only OAuth access to Kibana

Question1: Is there way to achieve free read-only access to Kibana?
Question2: Is there way to achieve free OAuth login to Kibana?
Already everyone who has the link to my Kibana has all access too. What I need is to give some users read-only access.
I use docker ELK stack from: https://github.com/deviantony/docker-elk
I know that X-Pack have those features but it is paid.
Best free tool you can use is probably https://github.com/floragunncom/search-guard but free version offers only basic auth.

SonarQube Security Advisories

I am trying to locate a web page or alert service that I can sign up for to receive information on security patches / alerts relating to SonarQube.
I need to rate these advisories on a monthly basis to ensure that all security patches are applied in a timely manner.
Regards
Sean
The downloads page lists all the updates. You could just check there once a month.
If you pay SonarSource for support, you could express the desire to receive this information by email as well.
I don't know of any service that lists the info you need. That said, I don't remember seeing a lot of security alerts. It's not like Java where there are quarterly patches.
