I need to get all indices from Global tenant in Kibana 6.7.1:
GET /api/saved_objects/_find?type=index-pattern
How can I specify tenancy?
Not sure what plugin you are using for Kibana multi tenancy.
But if you are using SearchGuard Kibana security plugin, you can use the HTTP Header curl -H 'securitytenant: privateTenant'
If you are using opendistro Kibana security plugin, you can use the HTTP Header curl -H 'sgtenant: privateTenant'
Related
I have a self-hosted Grafana instance and a Elastic Cloud hosted Elasticsearch instance with Kibana. I'm hoping to get the two connected so I can query Elasticsearch directly from Grafana. I've gone through the official docs and haven't found them helpful here.
Here's the form I see when adding a datasource in Grafana:
Here's my Elastic Cloud deployment applications:
The URL in the Grafana form is coming from the Elasticsearch "Copy Endpoint" link.
The user defined here is a user I set up in the Elasticsearch "Stack Management" section with the kibana_system user role.
I've tried several of the options defined and cannot get a successful response from my ES instance.
Depending on the settings I've tried, it will either be a 400 error, 403 error, 503 error, or the Laravel Elasticsearch error: Types cannot be provided in get mapping requests, unless include_type_name is set to true..
With my current settings, I'm hitting the Laravel error above. I would assume this means my credentials are correct, but something else is happening in the verification request.
The verification request is going to https://[grafanahost]/api/datasources/proxy/17/logs*/_mapping
{
"error":{
"root_cause":[
{
"type":"illegal_argument_exception",
"reason":"Types cannot be provided in get mapping requests, unless include_type_name is set to true."
}
],
"type":"illegal_argument_exception",
"reason":"Types cannot be provided in get mapping requests, unless include_type_name is set to true."
},
"status":400
}
Thank you!
Is there anyway to add Authorization request header when configuring
?
In CLI, adding the -H "Authorization: ..." on stripe listen command does the trick. Just wondering if this is also available on the Stripe Dashboard.
The only authentication Stripe supports for sending webhooks to your server right now is Basic Auth in the URL, so e.g. you'd add the URL in the Dashboard as :
https://username:password#example.com/webhook-endpoint
There's no way to specify headers, that's something stripe-cli supports for assisting in local development but not part of the general webhook endpoint configuration.
I want to have a user which has a read-only access to a given index. I have read the Elasticsearch documentation and learnt that this can be achieved using the xpack API provided by Elasticsearch as a security feature. Now I am using "IBM Cloud Databases for Elasticsearch" and it comes with Elasticsearch 6.8.4, I am successfully able to communicate with it via Python and REST APIs as well and can manage to create index document etc but I am not able to use any of the xpack methods at all, not even the basic ones like get_role or get_user, it gives an error that I have attached herewith. I have also tried a same Elasticsearch version locally deployed on my machine and I am successfully able to use all the xpack methods. Below are the examples of how I am trying to use get_user method using requests and elasticsearch python.
Here is the requests method used and the response:
# Get User via requests
endpoint = "https://9fb4-f729-4d0c-86b1-da.eb46187.databases.appdomain.cloud:31248/_xpack/security/user"
header = {'Authorization': access_token,
'Content-Type': 'application/json',
'Accept': 'application/json'}
requests.get(url=endpoint,
auth=(cred_elastic["username"],cred_elastic['password']),
verify='./cert.pem',
headers=header).json()
Response:
{'error': {'root_cause': [{'type': 'security_exception',
'reason': 'Unexpected exception indices:data/read/get'}],
'type': 'security_exception',
'reason': 'Unexpected exception indices:data/read/get'},
'status': 500}
Here is python elasticsearch same method and response:
# Creating Elasticsearch Object
context = create_default_context(cadata=cred_elastic['tls_certificate'])
es = Elasticsearch(cred_elastic['endpoint'],
ssl_context=context,
http_auth=(cred_elastic['username'],
cred_elastic['password']))
es.security.get_user()
Response:
TransportError: TransportError(405, 'Incorrect HTTP method for uri [/_security/user] and method [GET], allowed: [POST]', 'Incorrect HTTP method for uri [/_security/user] and method [GET], allowed: [POST]')
Additionally, in the second method, the error is different but if instead I use put_user, it throws the exact same 500 error the former method throws.
I am using the default user and service credentials that IBM Cloud creates for authentication.
Update: This is the link to the service that I am using (Contains Documentation link as well):
https://cloud.ibm.com/catalog/services/databases-for-elasticsearch
That's because IBM Cloud Databases for Elasticsearch doesn't use xpack. So, if you're attempting to use it, it won't work. Currently, they only have one type of user.
I have a Chrome extension that needs to send data to a separate application I have running on Elastic Beanstalk via POST request. The POST endpoint itself is working fine via http, as confirmed using cURL.
However, given I am posting JSON data from a non-origin domain, the AJAX POST request is performed via https. This is causing the POST request to timeout, both from the Chrome extension and from cURL. I've done some research on how to change the CORS settings on the nginx server on Elastic Beanstalk, but I don't really know what I'm doing and kinda grasping at straws. How can I enable CORS on ELB/nginx?
NGINX instance working on EB machines are just proxying the request to your application and passing back the response to the client. You can set CORS headers in your application and that's it.
Is there any document available to setup Elasticsearch to serve connection over SSL ?. And is the option available on ELS ?.
Ex : curl -XGET https://localhost:9200/
Thanks.
You can setup your code to call SSL. What language are you using? Are you using a custom client or one provided by ElasticSearch (Find a list of clients supplied by ElasticSearch here)? If you are using a client you can configure them to use SSL (Here is an example for PHP's client).
I use SSL by using PHP's curl library. I do not use an clients, but instead a custom client. The following will list the stats of ElasticSearch from an SSL connection.
<?php
$ch = curl_init('https://localhost:9200/_stats');
curl_exec($ch); // this outputs to the browser.
// You can capture it using PHP's output buffer
// http://php.net/manual/en/function.ob-start.php
curl_close($ch);