maxmustermann/kibana
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
kibana/docs/settings/security-settings.asciidoc
Brandon Kobel 4224895cda
Adding note about sessions always being bound to browser's lifetime. (#31472) 
* Adding note about sessions always being bound to browser's lifetime.

* Update docs/settings/security-settings.asciidoc

Co-Authored-By: kobelb <brandon.kobel@gmail.com>
2019-02-19 10:43:37 -08:00

56 lines
2.1 KiB
Text
Raw Blame History

[role="xpack"]
[[security-settings-kb]]
=== Security settings in Kibana
++++
<titleabbrev>Security settings</titleabbrev>
++++
You do not need to configure any additional settings to use the
{security-features} in {kib}. They are enabled by default.
[float]
[[general-security-settings]]
==== General security settings
`xpack.security.enabled`::
Set to `true` (default) to enable {security-features}. +
+
Do not set this to `false`. To disable {security-features} entirely, see
{ref}/security-settings.html[{es} security settings]. +
+
If set to `false` in `kibana.yml`, the login form, user and role management screens, and
authorization using <<kibana-privileges>> are disabled. +
+
`xpack.security.audit.enabled`::
Set to `true` to enable audit logging for security events. This is set to `false` by default.
For more details see <<xpack-security-audit-logging>>.
`xpack.security.authorization.legacyFallback`::
Set to `true` (default) to enable the legacy fallback. See <<xpack-security-authorization>>
for more details.
[float]
[[security-ui-settings]]
==== User interface security settings
You can configure the following settings in the `kibana.yml` file:
`xpack.security.cookieName`::
Sets the name of the cookie used for the session. The default value is `"sid"`.
`xpack.security.encryptionKey`::
An arbitrary string of 32 characters or more that is used to encrypt credentials
in a cookie. It is crucial that this key is not exposed to users of {kib}. By
default, a value is automatically generated in memory. If you use that default
behavior, all sessions are invalidated when {kib} restarts.
`xpack.security.secureCookies`::
Sets the `secure` flag of the session cookie. The default value is `false`. It
is set to `true` if `server.ssl.certificate` and `server.ssl.key` are set. Set
this to `true` if SSL is configured outside of {kib} (for example, you are
routing requests through a load balancer or proxy).
`xpack.security.sessionTimeout`::
Sets the session duration (in milliseconds). By default, sessions stay active
until the browser is closed. When this is set to an explicit timeout, closing the
browser still requires the user to log back in to {kib}.
Reference in a new issue View git blame Copy permalink