简体繁体 English

使用Kibana和Elasticsearch进行多租户设置

[英]Multitenant setup with Kibana and Elasticsearch

原文 2013-05-11 18:52:11 7 3 elasticsearch/ logstash/ kibana

I am going to use logstash+ES+kibana for my project. 我将为我的项目使用logstash + ES + kibana。 I want to know how to use this framework for multi tenants. 我想知道如何将这个框架用于多租户。 Can any one explain me how after the authentication Kibana query the elastic search index and load in Kibana's dashboard? 任何人都可以解释一下Kibana认证后如何在Kibana的仪表板中查询弹性搜索索引和加载？ Can I restrict kibana to look for a specifix index of Elastic search for a particular user or some-id? 我可以限制kibana查找特定用户或某个ID的弹性搜索的特定索引吗？ Anybody has tried this? 有人尝过这个吗？

Thnx 日Thnx

3 个解决方案

You could, but depending on your use case it is probably not a good idea. 你可以，但根据你的用例，它可能不是一个好主意。 There are a few gotchas, particularly regarding security and separating the users. 有一些问题，特别是在安全性和分离用户方面。 First Kibana is just javascript running in the browser. 第一个Kibana只是在浏览器中运行的javascript。 So whatever Kibana is allowed to do so is your user. 因此，无论Kibana允许这样做，您的用户都是如此。 You can however have a separate index pattern for each "user", but elastic search does not provide you any ways of authenticating a users or authorizing a user access to a specific index. 但是，您可以为每个“用户”设置单独的索引模式，但弹性搜索不会为您提供任何对用户进行身份验证或授权用户访问特定索引的方法。 You would have to use some sort of proxy for this. 你必须使用某种代理。

I recommend http://www.found.no/foundation/elasticsearch-in-production/ and http://www.found.no/foundation/elasticsearch-security/ for a more in depth explanation. 我建议http://www.found.no/foundation/elasticsearch-in-production/和http://www.found.no/foundation/elasticsearch-security/进行更深入的解释。

Create an index for each tenant. 为每个租户创建索引。

In this way you can use a proxy (like the app the hosts kibana) to intercept the request and return a settings that includes the index to use. 通过这种方式，您可以使用代理（如主机kibana的应用程序）拦截请求并返回包含要使用的索引的设置。

The value that specifies the index to use can be the logged in user or you can get that value somewhere else. 指定要使用的索引的值可以是登录用户，也可以在其他位置获取该值。

To separate even more the data, you can use a prefix in each index name, and then when you specify an index you can use a pattern to take all the index related to only certain kind of data/entities. 要分离更多数据，可以在每个索引名称中使用前缀，然后在指定索引时，可以使用模式将所有索引仅与特定类型的数据/实体相关联。

Hope this help. 希望这有帮助。

Elasticsearch announced today a plugin they are working on that should provide security features to ES product. Elasticsearch今天宣布他们正在开发的插件应该为ES产品提供安全功能。 Probably, this will contain ways of restricting access based on roles and users setup at cluster and indices level. 可能会包含基于角色和用户在集群和索引级别设置的访问来限制访问的方法。 If this happens I see no way for them not to extend this security layer to Kibana, as well. 如果发生这种情况，我认为他们也没办法不将这个安全层扩展到Kibana。 Also, it seems this plugin will have a commercial version only. 此外，该插件似乎只有商业版。