I am implementing a wazuh cluster with the opendistro version of elasticsearch and the wazuh version of kibana and wazuh. At the time of configure the LDAP aunthentication method and privilege management i have an issue, the user can log in, the backend roles are imported, but at the point of grant privileges to the backend roles imported from LDAP the web panel of elastic dont let me do it any way, no panel for it, no nothing. Any idea, or any documentation to do it from the conf of something? (The versions of the images of Docker are: Wazuh 4.2.5, Wazuh-Kibana 4.2.5 and Amazon-Opendistro-Elastic “latest”). Thanks
With security plugin of Kibana
Create role in security page then set your ldap role in Backend role.
With Elasticsearch security plugin
Set role or role_mapping.yml in security plugin.
In role_mapping.yml, set backend roles with your ldap role.
Then apply the yml that you changed with securityadmin.sh, but I think it will replace the current settings in your cluster with the new security yml.
So make sure you has already copy the setting to the security yml.
1 Like