Centralized Log Setup awesant elasticsearch logstash and kibana3 part3

Overview

This guide will help you setup kibana3 with proper authorization and ldap based authentication. Kibana3 does not comes with any authentication and authorization of its own thus we would be using kibana3_auth which adds authentication and authorization to kibana3 milestone 4 which is the latest version of kibana3 available for download. This awesome work is done by Christian Marie (big thanks to him) and we will be pulling code from his github account. I also assume that you will be installing kibana3 on the same machine running elasticsearch. Lets get to work then

Centralized Log Setup awesant elasticsearch logstash and kibana3 part3

First clone kibana3_auth

Now to add ldap authentication to this you need to install net-ldap gem. Edit the gemfile

Make sure you add the following line to it

gem ‘net-ldap’

Your gem file should now look like this

Execute bundle install to install all required gems

Next edit the config file

Make sure you add the ldap host, method, username and password as per your environment.
Also the user tom would have unfiltered access, however if you are following this guide from the beginning, I mentioned we would be providing authorization based on tags. Users Peter and Cathy would only have access to logs we want them to have. You can also give access based on source host, just replace ‘@tags’ => ‘nagios-messages’ with ‘@source_host’ => ‘hostname

Since kibana3_auth will act as a proxy and all your request to access elasticsearch cluster will go through it, you need to edit this file and add the port number of at which kibana3_auth would be running. I will run it on port 80 thus replacing 9200 with 80

Lastly run the Webrick server

You should now be able to access Kibana3 interface on port 80. Point your browser to

http://ip-address-or-hostname

kibana301 300x158 Centralized Log Setup awesant elasticsearch logstash and kibana3 part3

Screenshot from 2014 01 18 172003 300x158 Centralized Log Setup awesant elasticsearch logstash and kibana3 part3

Screenshot from 2014 01 18 171819 300x158 Centralized Log Setup awesant elasticsearch logstash and kibana3 part3