Docs
You are looking at documentation for an older release. Not what you want? See the current release documentation.
X-Pack for the Elastic Stack [5.0] » Securing Elasticsearch and Kibana » Tribe, Clients and Integrations » Reporting and Security
«  Monitoring and Security     Reference  »

Reporting and Security

Reporting operates by creating and updating documents in Elasticsearch in response to user actions in Kibana.

To use Reporting with X-Pack security enabled, you need to set up Kibana to work with X-Pack security. If you are automatically generating reports with Watcher, you also need to configure Watcher to trust the Kibana server’s certificate. For more information, see Securing Reporting.

To enable users to generate reports, assign them the built in reporting_user and kibana_user roles:

  • If you’re using the native realm, you can assign roles through Management / Users UI in Kibana or with the user API. For example, the following request creates a reporter user that has the reporting_user and kibana_user roles: 

    POST /_xpack/security/user/reporter
{
  "password" : "changeme",
  "roles" : ["kibana_user", "reporting_user"],
  "full_name" : "Reporting User"
}

  • If you are using an LDAP or Active Directory realm, you can either assign roles on a per user basis, or assign roles to groups of users. By default, role mappings are configured in config/shield/role_mapping.yml. For example, the following snippet assigns the user named Bill Murray the kibana_user and reporting_user roles: 

    kibana_user:
  - "cn=Bill Murray,dc=example,dc=com"
reporting_user:
  - "cn=Bill Murray,dc=example,dc=com"
«  Monitoring and Security     Reference  »