├── .gitattributes ├── .gitignore ├── .gitlab-ci.yml ├── .vscode └── settings.json ├── 404.md ├── Gemfile ├── Gemfile.lock ├── LICENSE ├── README.md ├── _config.yml ├── _content ├── _changelogs │ ├── changelog_kibana.md │ ├── changelog_kibana_7_x_35_0_0.md │ ├── changelog_kibana_7_x_35_0_0_beta1.md │ ├── changelog_kibana_7_x_35_0_0_rc1.md │ ├── changelog_kibana_7_x_35_1_0.md │ ├── changelog_kibana_7_x_35_2_0.md │ ├── changelog_kibana_7_x_36_0_0.md │ ├── changelog_kibana_7_x_36_1_0.md │ ├── changelog_kibana_7_x_36_2_0.md │ ├── changelog_kibana_7_x_37_0_0.md │ ├── changelog_kibana_7_x_41_0_0.md │ ├── changelog_kibana_7_x_41_1_0.md │ ├── changelog_kibana_7_x_42_0_0.md │ ├── changelog_kibana_7_x_42_1_0.md │ ├── changelog_kibana_7_x_43_0_0.md │ ├── changelog_kibana_7_x_45_0_0.md │ ├── changelog_kibana_7_x_46_0_0.md │ ├── changelog_kibana_7_x_47_0_0.md │ ├── changelog_kibana_7_x_48_0_0.md │ ├── changelog_kibana_7_x_49_0_0.md │ ├── changelog_kibana_7_x_49_1_0.md │ ├── changelog_kibana_7_x_50_0_0.md │ ├── changelog_kibana_7_x_50_1_0.md │ ├── changelog_kibana_7_x_51_0_0.md │ ├── changelog_kibana_7_x_52_0_0.md │ ├── changelog_kibana_7_x_52_1_0.md │ ├── changelog_kibana_7_x_53_0_0.md │ ├── changelog_kibana_overview.md │ ├── changelog_searchguard.md │ ├── changelog_searchguard_7_x_35_0_0.md │ ├── changelog_searchguard_7_x_35_0_0_beta1.md │ ├── changelog_searchguard_7_x_35_0_0_rc1.md │ ├── changelog_searchguard_7_x_36_0_0.md │ ├── changelog_searchguard_7_x_36_1_0.md │ ├── changelog_searchguard_7_x_37_0_0.md │ ├── changelog_searchguard_7_x_37_1_0.md │ ├── changelog_searchguard_7_x_38_0_0.md │ ├── changelog_searchguard_7_x_40_0_0.md │ ├── changelog_searchguard_7_x_41_0_0.md │ ├── changelog_searchguard_7_x_42_0_0.md │ ├── changelog_searchguard_7_x_42_1_0.md │ ├── changelog_searchguard_7_x_43_0_0.md │ ├── changelog_searchguard_7_x_45_0_0.md │ ├── changelog_searchguard_7_x_45_1_0.md │ ├── changelog_searchguard_7_x_46_0_0.md │ ├── changelog_searchguard_7_x_47_0_0.md │ ├── changelog_searchguard_7_x_48_0_0.md │ ├── changelog_searchguard_7_x_49_0_0.md │ ├── changelog_searchguard_7_x_50_0_0.md │ ├── changelog_searchguard_7_x_51_0_0.md │ ├── changelog_searchguard_7_x_52_0_0.md │ ├── changelog_searchguard_7_x_52_2_0.md │ ├── changelog_searchguard_7_x_52_3_0.md │ ├── changelog_searchguard_7_x_52_4_0.md │ ├── changelog_searchguard_7_x_52_5_0.md │ ├── changelog_searchguard_7_x_52_6_0.md │ ├── changelog_searchguard_7_x_52_7_0.md │ ├── changelog_searchguard_7_x_53_0_0.md │ ├── changelog_searchguard_7_x_53_1_0.md │ ├── changelog_searchguard_7_x_53_2_0.md │ ├── changelog_searchguard_7_x_53_3_0.md │ ├── changelog_searchguard_7_x_53_4_0.md │ ├── changelog_searchguard_7_x_53_5_0.md │ ├── changelog_searchguard_7_x_53_6_0.md │ ├── changelog_searchguard_7_x_53_8_0.md │ ├── changelog_searchguard_7_x_53_9_0.md │ ├── changelog_searchguard_7_x_bugfix_2021_07.md │ ├── changelog_searchguard_flx_1_0_0.md │ ├── changelog_searchguard_flx_1_1_0.md │ ├── changelog_searchguard_flx_1_1_1.md │ ├── changelog_searchguard_flx_1_2_0.md │ ├── changelog_searchguard_flx_1_3_0.md │ ├── changelog_searchguard_flx_1_4_0.md │ ├── changelog_searchguard_flx_1_4_1.md │ ├── changelog_searchguard_flx_1_5_0.md │ ├── changelog_searchguard_flx_1_6_0.md │ ├── changelog_searchguard_flx_2_0_0.md │ ├── changelog_searchguard_flx_3_0_0.md │ ├── changelog_searchguard_flx_3_0_1.md │ ├── changelog_searchguard_flx_3_0_2.md │ ├── changelog_searchguard_overview.md │ ├── changelog_tlstool.md │ ├── changelog_tlstool_1_1.md │ ├── changelog_tlstool_1_2.md │ ├── changelog_tlstool_1_3.md │ ├── changelog_tlstool_1_4.md │ ├── changelog_tlstool_1_5.md │ ├── changelog_tlstool_1_6.md │ ├── changelog_tlstool_1_7.md │ ├── changelog_tlstool_1_8.md │ ├── changelog_tlstool_1_9.md │ ├── changelog_tlstool_overview.md │ └── kibana_51_tenant_selection.png ├── _common │ ├── search-guard-frontmatter.png │ └── search-guard-logo.png ├── _docs_aim │ ├── actions.md │ ├── actions_allocation.md │ ├── actions_close.md │ ├── actions_delete.md │ ├── actions_force_merge.md │ ├── actions_overview.md │ ├── actions_rollover.md │ ├── actions_set_priority.md │ ├── actions_set_read_only.md │ ├── actions_set_replica_count.md │ ├── actions_snapshot.md │ ├── conditions.md │ ├── conditions_age.md │ ├── conditions_doc_count.md │ ├── conditions_overview.md │ ├── conditions_size.md │ ├── how_aim_works.md │ ├── rest_api.md │ ├── rest_api_policy_delete.md │ ├── rest_api_policy_get.md │ ├── rest_api_policy_instance_execute.md │ ├── rest_api_policy_instance_retry.md │ ├── rest_api_policy_instance_state.md │ ├── rest_api_policy_put.md │ ├── rest_api_settings_delete.md │ ├── rest_api_settings_get.md │ ├── rest_api_settings_put.md │ ├── security_integration.md │ └── settings.md ├── _docs_audit_logging │ ├── auditlogging.md │ ├── auditlogging_event_routing.md │ ├── auditlogging_external_config.md │ ├── auditlogging_fields.md │ ├── auditlogging_immutable_indices.md │ ├── auditlogging_internal_config.md │ ├── auditlogging_read_history.md │ ├── auditlogging_storage.md │ └── auditlogging_write_history.md ├── _docs_auth_auth │ ├── auth_auth_anon.md │ ├── auth_auth_clientcert.md │ ├── auth_auth_configuration.md │ ├── auth_auth_httpbasic.md │ ├── auth_auth_jwt.md │ ├── auth_auth_jwt_advanced.md │ ├── auth_auth_jwt_overview.md │ ├── auth_auth_kerberos.md │ ├── auth_auth_ldap.md │ ├── auth_auth_ldap_advanced.md │ ├── auth_auth_ldap_overview.md │ ├── auth_auth_password_based.md │ ├── auth_auth_proxy.md │ ├── auth_auth_proxy_advanced.md │ ├── auth_auth_proxy_overview.md │ ├── auth_auth_rest_config.md │ ├── auth_auth_rest_config_advanced_options.md │ ├── auth_auth_rest_config_advanced_user_mapping.md │ ├── auth_auth_rest_config_overview.md │ ├── auth_auth_sg_auth_token.md │ └── internalusers.md ├── _docs_cl │ └── cloud_lock.md ├── _docs_configuration_changes │ ├── configuration_advanced.md │ ├── configuration_config_gui.md │ ├── configuration_environment_variables.md │ ├── configuration_sgctl.md │ ├── configuration_sgctl_basics.md │ ├── configuration_sgctl_configuration_changes.md │ ├── configuration_sgctl_examples.md │ ├── configuration_sgctl_system_administration.md │ ├── configuration_sgindex.md │ ├── kibana_gui_add_index.png │ ├── kibana_gui_auth.png │ ├── kibana_gui_dlsfls.png │ ├── kibana_gui_edit_clone_delete.png │ ├── kibana_gui_filterbar.png │ ├── kibana_gui_license.png │ ├── kibana_gui_list.png │ ├── kibana_gui_main.png │ ├── kibana_gui_nav.png │ ├── kibana_gui_permissions.png │ ├── kibana_gui_reserved.png │ ├── kibana_gui_tenants.png │ ├── kibana_index_level_permissions.png │ └── search_guard_index.png ├── _docs_dls_fls │ ├── dlsfls_dls.md │ ├── dlsfls_dls_advanced.md │ ├── dlsfls_dls_index.md │ ├── dlsfls_dls_variable_substitution.md │ ├── dlsfls_field_anonymization.md │ └── dlsfls_fls.md ├── _docs_elasticstack │ ├── elasticstack_alerting.md │ ├── elasticstack_alternatives.md │ ├── elasticstack_alternatives_elastalert.md │ ├── elasticstack_crossclustersearch.md │ ├── elasticstack_logstash.md │ ├── elasticstack_machine_learning.md │ └── elasticstack_monitoring.md ├── _docs_installation │ ├── inistallation_compatibility.md │ ├── installation.md │ ├── installation_removing_searchguard.md │ ├── installation_upgrading.md │ ├── sg200_upgrade.md │ ├── sg53_migration.md │ ├── sg53_migration_feature_map.md │ ├── sg53_migration_overview.md │ ├── sg53_migration_prod.md │ ├── sg53_migration_quick.md │ ├── sg_flx_release_notes.md │ └── upgrade_to_sg8.md ├── _docs_introduction │ ├── main_concepts.md │ └── overview.md ├── _docs_kibana │ ├── Kibana_login.png │ ├── kibana.md │ ├── kibana_advanced.md │ ├── kibana_auth_exception.png │ ├── kibana_authentication.md │ ├── kibana_authentication_anonymous.md │ ├── kibana_authentication_api.md │ ├── kibana_authentication_basicauth.md │ ├── kibana_authentication_basicauth_overview.md │ ├── kibana_authentication_debug.png │ ├── kibana_authentication_jwt.md │ ├── kibana_authentication_kerberos.md │ ├── kibana_authentication_multi_auth.md │ ├── kibana_authentication_openid.md │ ├── kibana_authentication_openid_advanced_config.md │ ├── kibana_authentication_openid_overview.md │ ├── kibana_authentication_proxy.md │ ├── kibana_authentication_saml.md │ ├── kibana_authentication_saml_advanced.md │ ├── kibana_authentication_saml_overview.md │ ├── kibana_authentication_troubleshooting.md │ ├── kibana_authentication_types.md │ ├── kibana_basic_auth.png │ ├── kibana_customize_login.jpg │ ├── kibana_customize_login.md │ ├── kibana_filter_roles.png │ ├── kibana_in_iframe.md │ ├── kibana_installation.md │ ├── kibana_main_screen.png │ ├── kibana_mt_nav.png │ ├── kibana_multi_login.png │ ├── kibana_multitenancy.md │ ├── kibana_read_only.md │ ├── kibana_select_tenants.png │ ├── saml_roles_keycloak.png │ ├── saml_roles_okta.png │ ├── saml_sign_documents_keycloak.png │ ├── saml_sp_acs_okta.png │ ├── saml_sp_entity_keycloak.png │ ├── saml_sp_entity_okta.png │ └── saml_troubleshooting.md ├── _docs_other_integrations │ ├── grafana.png │ ├── grafana_basicauth.png │ ├── grafana_client_authentication.png │ ├── grafana_https.png │ ├── grafana_root_ca.png │ ├── otherintegrations_cerebro.md │ ├── otherintegrations_fluentd.md │ └── otherintegrations_grafana.md ├── _docs_quickstart │ ├── authentication_flow.png │ ├── demo_installer.md │ ├── firststeps_adding_users.md │ ├── firststeps_configuring_roles.md │ ├── firststeps_rolesmapping.md │ ├── firststeps_testing.md │ ├── guided_tour.md │ ├── kibana_access_control_indices.png │ ├── kibana_login_screen.png │ ├── manual_installation_windows.md │ ├── role_mapping_general.png │ └── rolemapping.png ├── _docs_rest_api │ ├── restapi_api.md │ ├── restapi_api_access.md │ ├── restapi_api_actiongroups.md │ ├── restapi_api_blocks.md │ ├── restapi_api_bulk.md │ ├── restapi_api_cache.md │ ├── restapi_api_internalusers.md │ ├── restapi_api_license.md │ ├── restapi_api_readonly.md │ ├── restapi_api_roles.md │ ├── restapi_api_rolesmapping.md │ └── restapi_api_tenants.md ├── _docs_roles_permissions │ ├── configuration_action_groups.md │ ├── configuration_advanced_overview.md │ ├── configuration_demo_users_roles.md │ ├── configuration_impersonation.md │ ├── configuration_roles_mapping.md │ ├── configuration_roles_mapping_modes.md │ ├── configuration_roles_permissions.md │ ├── configuration_roles_permissions_2x.md │ ├── configuration_snapshots.md │ └── runtime_privilege_evaluation.md ├── _docs_signals │ ├── accounts.md │ ├── actions.md │ ├── actions_email.md │ ├── actions_index.md │ ├── actions_jira.md │ ├── actions_overview.md │ ├── actions_pagerduty.md │ ├── actions_slack.md │ ├── actions_webhook.md │ ├── administration.md │ ├── advanced_topics │ ├── advanced_topics_watch_overview.md │ ├── conditions.md │ ├── context_checks.md │ ├── getting_started.md │ ├── how_it_works.md │ ├── inputs.md │ ├── inputs_elasticsearch.md │ ├── inputs_http.md │ ├── inputs_overview.md │ ├── inputs_static.md │ ├── proxies.md │ ├── rest_api.md │ ├── rest_api_account_delete.md │ ├── rest_api_account_get.md │ ├── rest_api_account_put.md │ ├── rest_api_account_search.md │ ├── rest_api_admin_activate.md │ ├── rest_api_convert_es.md │ ├── rest_api_overview.md │ ├── rest_api_proxy_create_or_replace.md │ ├── rest_api_proxy_delete.md │ ├── rest_api_proxy_get_all.md │ ├── rest_api_proxy_get_one.md │ ├── rest_api_settings_get.md │ ├── rest_api_settings_put.md │ ├── rest_api_tenant_activate.md │ ├── rest_api_trust_store_create_or_replace.md │ ├── rest_api_trust_store_delete.md │ ├── rest_api_trust_store_get_all.md │ ├── rest_api_trust_store_get_one.md │ ├── rest_api_watch_acknowledge.md │ ├── rest_api_watch_acknowledge_and_get.md │ ├── rest_api_watch_activate.md │ ├── rest_api_watch_delete.md │ ├── rest_api_watch_execute.md │ ├── rest_api_watch_get.md │ ├── rest_api_watch_put.md │ ├── rest_api_watch_search.md │ ├── rest_api_watch_state.md │ ├── rest_api_watch_state_search.md │ ├── rest_api_watch_unacknowledge.md │ ├── rest_api_watch_unacknowledge_and_get.md │ ├── runtime_context.png │ ├── sample_watches.md │ ├── scripting.md │ ├── security.md │ ├── security_execution_context.md │ ├── security_indices.md │ ├── security_multitenancy.md │ ├── security_overview.md │ ├── security_permissions.md │ ├── severity.md │ ├── status_logging.md │ ├── throttling.md │ ├── transformations.md │ ├── transformations_calculations.md │ ├── transformations_overview.md │ ├── transformations_transformations.md │ ├── triggers.md │ ├── triggers_overview.md │ ├── triggers_schedule.md │ ├── triggers_timezones.md │ ├── truststores.md │ └── watch_anatomy.png ├── _docs_systemintegrators │ ├── systemintegrators_inter_cluster_evaluator.md │ ├── systemintegrators_principal_extractor.md │ ├── systemintegrators_snapshot_restore_searchguard_index.md │ ├── systemintegrators_ssl_context.md │ └── systemintegrators_ssl_only.md ├── _docs_tls │ ├── tls_certificate_revocation.md │ ├── tls_certificates_production.md │ ├── tls_configuration.md │ ├── tls_generate_certificates.md │ ├── tls_generate_installation_script.md │ ├── tls_generate_tlstool.md │ └── tls_hot_reload.md ├── _docs_versions │ ├── config_environment_variables.png │ ├── versions_academic.md │ ├── versions_community.md │ ├── versions_enterprise.md │ ├── versions_eol.md │ ├── versions_oem.md │ └── versions_versionmatrix.md ├── _howto │ ├── addendum_a_configuration_examples.md │ ├── addendum_b_permission_settings_examples.md │ └── addendum_c_tls_primer.md ├── _resources │ ├── elasticsearch_active_directory_ldap.png │ ├── elasticsearch_auditlogging.png │ ├── elasticsearch_json_web_tokens.png │ ├── elasticsearch_search_guard_document_field_level_security.png │ ├── search_guard_architecture_request_flow.png │ ├── search_guard_configuration_basics.png │ ├── search_guard_installation.png │ └── zero_trusted_networks.png └── _troubleshooting │ ├── kibana_config_mismatch.png │ ├── kibana_mt_disabled.png │ ├── kibana_multitenancy_troubleshooting.md │ ├── kibana_troubleshooting.md │ ├── logging_troubleshooting.md │ ├── permissions_troubleshooting.md │ ├── tls_troubleshooting.md │ └── user_roles_troubleshooting.md ├── _diagrams ├── config_environment_variables.drawio ├── config_environment_variables.png ├── role_mapping_general.png ├── rolemapping.drawio ├── rolemapping.png ├── rolemapping_general.drawio ├── search_guard_index.drawio └── search_guard_index.png ├── _includes ├── additional_resources.html ├── additional_resources_search.html ├── beta_warning.html ├── contact_us.html ├── es8_migration_note.html ├── footer.html ├── html_head.html ├── left_nav_changelogs.html ├── left_nav_docs.html ├── left_nav_items.html ├── left_nav_items_anchors.html ├── left_nav_recommendations_docs.html ├── left_nav_resources.html ├── left_nav_search.html ├── left_nav_troubleshooting.html ├── main_nav_items.html ├── main_nav_items_flat.html ├── main_navigation.html ├── scripts.html ├── sgversions.html ├── sgversions_classic.html ├── sgversions_demo.html ├── signalsversions.html ├── toc.md └── version.html ├── _layouts ├── changelogs.html ├── docs.html ├── resources.html ├── search.html ├── troubleshooting.html └── versionmatrix.html ├── _plugins └── search.rb ├── _versions.yml ├── build_releasenotes.rb ├── css ├── main.scss └── prism.scss ├── fonts ├── FontAwesome.otf ├── Pe-icon-7-stroke.eot ├── Pe-icon-7-stroke.svg ├── Pe-icon-7-stroke.ttf ├── Pe-icon-7-stroke.woff ├── fontawesome-webfont.eot ├── fontawesome-webfont.svg ├── fontawesome-webfont.ttf ├── fontawesome-webfont.woff └── fontawesome-webfont.woff2 ├── img └── logos │ ├── SG_Fav-114px.png │ ├── SG_Fav-144px.png │ ├── SG_Fav-172px.png │ ├── SG_Fav-32px.png │ ├── SG_Fav-57px.png │ ├── SG_Helmet_Blue.svg │ ├── SG_Helmet_White.svg │ ├── SG_Logo_white_2_lines.svg │ ├── apple-touch-icon.png │ ├── favicon-96x96.png │ ├── favicon.ico │ ├── favicon.svg │ ├── logo-white.svg │ ├── search-guard-frontmatter.png │ ├── search-guard-frontmatter.svg │ ├── search-guard-logo.png │ ├── search-guard-social.png │ ├── web-app-manifest-192x192.png │ └── web-app-manifest-512x512.png ├── index.md ├── js ├── all.js ├── custom.js ├── modernizr.js ├── prism.js └── prism_yaml.js ├── manifest.json ├── merge_all.sh ├── run_local.sh ├── sass ├── _rest.scss ├── _sg.scss ├── _sg_accordeon.scss ├── _sg_book_downloads.scss ├── _sg_code.scss ├── _sg_edition_buttons.scss ├── _sg_header_footer.scss ├── _sg_media_selectors.scss ├── _sg_navigation.scss ├── _sg_notes.scss ├── _sg_search.scss ├── _sg_tables.scss ├── _sg_toc.scss ├── backgrounds.scss ├── blog.scss ├── box.scss ├── browser.scss ├── button.scss ├── category.scss ├── categoryinfo.scss ├── changelog.scss ├── codehighlight.scss ├── colors.scss ├── columnfill.scss ├── contacts.scss ├── custom.scss ├── faq.scss ├── filetree.scss ├── font-awesome.min.scss ├── fonts.scss ├── footer.scss ├── forms.scss ├── general.scss ├── grid.scss ├── gridview.scss ├── header.scss ├── image.scss ├── info.scss ├── languages.scss ├── layout.scss ├── listview.scss ├── login_signup.scss ├── logo.scss ├── menu.scss ├── modal.scss ├── navigation.scss ├── normalize.scss ├── note.scss ├── notification.scss ├── number.scss ├── onepage.scss ├── pageinfo.scss ├── panels.scss ├── preloader.scss ├── promotitle.scss ├── rotator.scss ├── search.scss ├── skills.scss ├── social.scss ├── steps.scss ├── table.scss ├── tabs.scss ├── tags.scss ├── text.scss └── video.scss ├── search.md └── sitemap.xml /.gitattributes: -------------------------------------------------------------------------------- 1 | circleci/config.yml merge=ours 2 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | /_site 2 | .sass-cache 3 | /.idea/ 4 | .jekyll-cache 5 | /vendor/ 6 | .jekyll-metadata -------------------------------------------------------------------------------- /.vscode/settings.json: -------------------------------------------------------------------------------- 1 | { 2 | "cSpell.words": [ 3 | "anonymization", 4 | "authc", 5 | "floragunn", 6 | "frontends", 7 | "JWKS", 8 | "OIDC", 9 | "searchguard", 10 | "sgctl" 11 | ] 12 | } -------------------------------------------------------------------------------- /404.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Search Guard Documentation 404 3 | slug: search-guard-docs-404 4 | layout: docs 5 | description: Seems like the page you are looking for does not exist. We deeply and humbly apologize. 6 | index: false 7 | showsearch: true 8 | 9 | --- 10 | 11 | 12 | 13 |

14 | Search Guard - Security for Elasticsearch 15 |

16 | 17 |
18 | 19 |

Page not found

20 | 21 |

We apologize deeply and humbly. But the page you are looking for does not exists.

22 | 23 |

You maybe want to check out the following links instead

24 | 25 | * [Quick Start](demo-installer) 26 | * [Latest versions](search-guard-versions) 27 | * [Installation](search-guard-installation) 28 | * [Main Concepts](main-concepts) 29 | 30 | 31 | -------------------------------------------------------------------------------- /Gemfile: -------------------------------------------------------------------------------- 1 | source 'https://rubygems.org' 2 | 3 | gem 'jekyll', "4.2.0" 4 | gem 'jekyll-relative-links' 5 | gem 'webrick' 6 | 7 | group :jekyll_plugins do 8 | gem 'algoliasearch-jekyll', '~> 0.9.0' 9 | end 10 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Copyright 2016-2021 floragunn GmbH -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | 4 | 5 | # We moved 6 | 7 | We moved from GitHub to GitLab. 8 | 9 | Please find our repositories here: 10 | https://git.floragunn.com/explore/projects 11 | 12 | This repository is mirrored to GitHub. 13 | 14 | Pull requests and issues are accepted on GitHub as well as on GitLab (we prefer [Gitlab](https://git.floragunn.com)). 15 | 16 | # Search Guard 7.x Documentation 17 | 18 | This is the master branch of the official Search Guard 7.x documentation. 19 | 20 | The latest online version version can be found here: 21 | 22 | [Search Guard Documentation](https://docs.search-guard.com/latest/) 23 | 24 | ## Contributions welcome! 25 | 26 | If you find any errors or want to make improvements, please feel free to fork this repository and issue pull requests. Please use the 6.x branch for that. 27 | 28 | Search Guard is a trademark of floragunn GmbH, registered in the U.S. and in other countries 29 | 30 | Elasticsearch, Kibana, Logstash, and Beats are trademarks of Elasticsearch BV, registered in the U.S. and in other countries. 31 | 32 | Copyright 2016-2018 floragunn GmbH -------------------------------------------------------------------------------- /_content/_changelogs/changelog_kibana.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Kibana 3 | permalink: changelogs-kibana-main 4 | category: changelogs 5 | subcategory: changelogs-kibana 6 | order: 200 7 | layout: changelogs 8 | description: Changelog for the Search Guard Kibana Plugin 9 | index: false 10 | sitemap: false 11 | 12 | --- 13 | 14 | -------------------------------------------------------------------------------- /_content/_changelogs/changelog_kibana_7_x_35_0_0.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Kibana 7.x-35.0.0 3 | permalink: changelog-kibana-7x-35_0_0 4 | category: changelogs-kibana 5 | order: 950 6 | layout: changelogs 7 | description: Changelog for the Search Guard Kibana Plugin 7.x-35.0.0 8 | --- 9 | 10 | 13 | 14 | # Search Guard Kibana Plugin 7.x-35.0.0 15 | 16 | **Release Date: 07.05.2019** 17 | 18 | * [Upgrade Guide from 6.x to 7.x](../_docs_installation/installation_upgrading_6_7.md) 19 | 20 | ## Changes 21 | 22 | * This is a compatibility release for 7.0.1 and Search Guard 7.x-35.0.0 which does not add new features 23 | 24 | ### Fix 25 | 26 | Fix an issue with regards to Kibana Multi-Tenancy when upgrading from Elasticsearch 6. After upgrading the cluster the first attempt to start Kibana 7 may have failed with an "index template missing exception" error message. -------------------------------------------------------------------------------- /_content/_changelogs/changelog_kibana_7_x_35_0_0_beta1.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Kibana 7.x-35.0.0-beta1 3 | permalink: changelog-kibana-7x-35_0_0_beta1 4 | category: changelogs-kibana 5 | order: 1000 6 | layout: changelogs 7 | description: Changelog for the Search Guard Kibana Plugin 7.x-35.0.0-beta1 8 | --- 9 | 10 | 13 | 14 | # Search Guard Kibana Plugin 7.x-35.0.0-beta1 15 | 16 | **Release Date: 15.04.2019** 17 | 18 | * [Upgrade Guide from 6.x to 7.x](../_docs_installation/installation_upgrading_6_7.md) 19 | 20 | ## Changes 21 | 22 | * This is a compatibility release for 7.0.0 and Search Guard 7.x-35.0.0-beta1 which does not add new features or fixes 23 | 24 | -------------------------------------------------------------------------------- /_content/_changelogs/changelog_kibana_7_x_35_0_0_rc1.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Kibana 7.x-35.0.0-rc1 3 | permalink: changelog-kibana-7x-35_0_0_rc1 4 | category: changelogs-kibana 5 | order: 990 6 | layout: changelogs 7 | description: Changelog for the Search Guard Kibana Plugin 7.x-35.0.0-rc1 8 | --- 9 | 10 | 13 | 14 | # Search Guard Kibana Plugin 7.x-35.0.0-rc1 15 | 16 | **Release Date: 30.04.2019** 17 | 18 | * [Upgrade Guide from 6.x to 7.x](../_docs_installation/installation_upgrading_6_7.md) 19 | 20 | ## Changes 21 | 22 | * This is a compatibility release for 7.0.0 and Search Guard 7.x-35.0.0-rc1 which does not add new features or fixes -------------------------------------------------------------------------------- /_content/_changelogs/changelog_kibana_7_x_35_2_0.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Kibana 7.x-35.2.0 3 | permalink: changelog-kibana-7x-35_2_0 4 | category: changelogs-kibana 5 | order: 800 6 | layout: changelogs 7 | description: Changelog for the Search Guard Kibana Plugin 7.x-35.2.0 8 | --- 9 | 10 | 13 | 14 | # Search Guard Kibana Plugin 7.x-35.2.0 15 | 16 | **Release Date: 21.06.2019** 17 | 18 | * [Upgrade Guide from 6.x to 7.x](../_docs_installation/installation_upgrading_6_7.md) 19 | 20 | ## Security Fixes 21 | 22 | n/a 23 | 24 | ## Fixes 25 | 26 | * Fixed bug when saving a new tenant 27 | * [PR #226](https://github.com/floragunncom/search-guard-kibana-plugin/pull/226){:target="_blank"} 28 | 29 | ## Features 30 | 31 | n/a -------------------------------------------------------------------------------- /_content/_changelogs/changelog_kibana_7_x_36_0_0.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Kibana 7.x-36.0.0 3 | permalink: changelog-kibana-7x-36_0_0 4 | category: changelogs-kibana 5 | order: 770 6 | layout: changelogs 7 | description: Changelog for the Search Guard Kibana Plugin 7.x-36.0.0 8 | --- 9 | 10 | 13 | 14 | # Search Guard Kibana Plugin 7.x-36.0.0 15 | 16 | **Release Date: 23.07.2019** 17 | 18 | * [Upgrade Guide from 6.x to 7.x](../_docs_installation/installation_upgrading_6_7.md) 19 | 20 | ## Security Fixes 21 | 22 | n/a 23 | 24 | ## Fixes 25 | 26 | * Fixed an issue with index migrations when the internal Kibana server user is not configured to use HTTP Basic Authentication 27 | * [PR #260: Call tenantinfo with InternalUser](https://github.com/floragunncom/search-guard-kibana-plugin/pull/260){:target="_blank"} 28 | 29 | * Fixed an issue where Multi-Tenancy would not work correctly when user impersonation was used 30 | * [PR #260: Handle user impersonation settings](https://github.com/floragunncom/search-guard-kibana-plugin/pull/227){:target="_blank"} 31 | 32 | 33 | ## Features 34 | 35 | * Introduced a new Search Guard Configuration UI based on React and eui 36 | -------------------------------------------------------------------------------- /_content/_changelogs/changelog_kibana_7_x_36_1_0.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Kibana 7.x-36.1.0 3 | permalink: changelog-kibana-7x-36_1_0 4 | category: changelogs-kibana 5 | order: 760 6 | layout: changelogs 7 | description: Changelog for the Search Guard Kibana Plugin 7.x-36.1.0 8 | --- 9 | 10 | 13 | 14 | # Search Guard Kibana Plugin 7.x-36.1.0 15 | 16 | **Release Date: 03.09.2019** 17 | 18 | * [Upgrade Guide from 6.x to 7.x](../_docs_installation/installation_upgrading_6_7.md) 19 | 20 | ## Security Fixes 21 | 22 | * Issue a warning and refuse to start if `alwaysPresentCertificate` is set true **and** the Kibana server user is configured to use client TLS certificate authentication. In this scenario, a regular user can gain the privileges of the Kibana server user, 23 | * [PR #268: ITT-1814 - Warn if DNFOF is false ](https://github.com/floragunncom/search-guard-kibana-plugin/pull/268){:target="_blank"} 24 | 25 | ## Fixes 26 | 27 | * Fixed an issue with proxy cache authentication where the session was not cleared correctly after expiration 28 | * [PR #281: ITT-2389 - Clear session error](https://github.com/floragunncom/search-guard-kibana-plugin/pull/281){:target="_blank"} 29 | 30 | * Issue a warning if "do not fail on forbidden" is set to false. Kibana requires this feature to run correctly 31 | * [PR #268: ITT-1814 - Warn if DNFOF is false ](https://github.com/floragunncom/search-guard-kibana-plugin/pull/268){:target="_blank"} 32 | 33 | ## Features 34 | 35 | n/a 36 | -------------------------------------------------------------------------------- /_content/_changelogs/changelog_kibana_7_x_36_2_0.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Kibana 7.x-36.2.0 3 | permalink: changelog-kibana-7x-36_2_0 4 | category: changelogs-kibana 5 | order: 750 6 | layout: changelogs 7 | description: Changelog for the Search Guard Kibana Plugin 7.x-36.2.0 8 | --- 9 | 10 | 13 | 14 | # Search Guard Kibana Plugin 7.x-36.2.0 15 | 16 | **Release Date: 03.10.2019** 17 | 18 | * [Upgrade Guide from 6.x to 7.x](../_docs_installation/installation_upgrading_6_7.md) 19 | 20 | ## Security Fixes 21 | 22 | * Avoid Cacheable SSL Page [#PR 301](https://git.floragunn.com/search-guard/search-guard-kibana-plugin/merge_requests/301){:target="_blank"} 23 | * Avoid Internal IP Disclosure Pattern [#PR 299](https://git.floragunn.com/search-guard/search-guard-kibana-plugin/merge_requests/299){:target="_blank"} 24 | 25 | ## Fixes 26 | 27 | n/a 28 | 29 | ## Features 30 | 31 | n/a 32 | -------------------------------------------------------------------------------- /_content/_changelogs/changelog_kibana_7_x_37_0_0.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Kibana 7.x-37.0.0 3 | permalink: changelog-kibana-7x-37_0_0 4 | category: changelogs-kibana 5 | order: 720 6 | layout: changelogs 7 | description: Changelog for the Search Guard Kibana Plugin 7.x-37.0.0 8 | --- 9 | 10 | 13 | 14 | # Search Guard Kibana Plugin 7.x-37.0.0 15 | 16 | **Release Date: 11.12.2019** 17 | 18 | * [Upgrade Guide from 6.x to 7.x](../_docs_installation/installation_upgrading_6_7.md) 19 | 20 | ## Security Fixes 21 | 22 | n/a 23 | 24 | ## Features 25 | 26 | * Configurable cookie names [#PR 306](https://git.floragunn.com/search-guard/search-guard-kibana-plugin/merge_requests/306){:target="_blank"} 27 | * Redirect after tenant switch should take base path into account [#PR 361](https://git.floragunn.com/search-guard/search-guard-kibana-plugin/merge_requests/361){:target="_blank"} 28 | * Add option for allowed_usernames - whitelist users [#PR 362](https://git.floragunn.com/search-guard/search-guard-kibana-plugin/merge_requests/362){:target="_blank"} 29 | * Remove invalid cookies after a 401 Unauthorized for basic auth [#PR 357](https://git.floragunn.com/search-guard/search-guard-kibana-plugin/merge_requests/357){:target="_blank"} 30 | * Consolidate check for null in array values 31 | 32 | * Local error message for internal users 33 | * Redirect after tenant switch should take base path into account 34 | * Handle an index with undefined mappings correctly while converting mappings into fields 35 | -------------------------------------------------------------------------------- /_content/_changelogs/changelog_kibana_7_x_41_1_0.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Kibana 7.x-41.1.0 3 | permalink: changelog-kibana-7x-41_1_0 4 | category: changelogs-kibana 5 | order: 510 6 | layout: changelogs 7 | description: Changelog for Kibana 7.x-41.1.0 8 | --- 9 | 10 | 11 | 12 | **Release Date: 01.06.2020** 13 | 14 | * [Upgrade Guide from 6.x to 7.x](../_docs_installation/installation_upgrading_6_7.md) 15 | 16 | ## Bug Fixes 17 | 18 | ### Search Guard Kibana Plugin Core 19 | 20 | * Fixed an issue where the Spaces selector gets stuck in loading state 21 | * This happens when a user selects a named tenant (i.e not the global tenant) and afterwards creates a new Space 22 |

23 | 24 | 25 | ### Kibana Authentication and Multi-Tenancy 26 | 27 | * Fix incorrect warning on tenant page 28 | * The page for selecting the active tenant would show a bogus warning if the user does not have administration privileges. 29 |

-------------------------------------------------------------------------------- /_content/_changelogs/changelog_kibana_7_x_42_1_0.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Kibana 7.x-42.1.0 3 | permalink: changelog-kibana-7x-42_1_0 4 | category: changelogs-kibana 5 | order: 490 6 | layout: changelogs 7 | description: Changelog for Kibana 7.x-42.1.0 8 | --- 9 | 10 | 11 | 12 | **Release Date: 06.07.2020** 13 | 14 | * [Upgrade Guide from 6.x to 7.x](../_docs_installation/installation_upgrading_6_7.md) 15 | 16 | -------------------------------------------------------------------------------- /_content/_changelogs/changelog_kibana_7_x_43_0_0.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Kibana 7.x-43.0.0 3 | permalink: changelog-kibana-7x-43_0_0 4 | category: changelogs-kibana 5 | order: 400 6 | layout: changelogs 7 | description: Changelog for Kibana 7.x-43.0.0 8 | --- 9 | 10 | 11 | 12 | **Release Date: 06.07.2020** 13 | 14 | * [Upgrade Guide from 6.x to 7.x](../_docs_installation/installation_upgrading_6_7.md) 15 | 16 | ## Improvements 17 | 18 | 19 | 20 | ### Signals UI 21 | 22 | * Improved the watch Blocks mode UI. 23 |

24 | * Added Blocks UI for action checks for a watch in the Blocks mode. 25 |

26 | 27 | 28 | ### Search Guard UI 29 | 30 | * Improved error message when uploading a license that isn't valid. 31 |

32 | 33 | 34 | ## Bug Fixes 35 | 36 | 37 | 38 | ### Kibana Authentication and Multi-Tenancy 39 | 40 | * Added a configuration option `searchguard.auth.disable_authinfo_cache` to disable caching of the current user's auth info. Useful when the size of the authinfo response is too large to store in a cookie. 41 |

42 | * Since SG 42, using Kibana with a non-default tenant could show the error `No index-level perm match for User ... Action [indices:data/read/mget[shard]]`. This would only happen if the corresponding `.kibana` index went through migration at least once. 43 |

44 | * Fixed a regression where the tenant query parameter wasn't always respected, for example when using a short link generated in Kibana. 45 |

46 | 47 | 48 | -------------------------------------------------------------------------------- /_content/_changelogs/changelog_kibana_7_x_45_0_0.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Kibana 7.x-45.0.0 3 | permalink: changelog-kibana-7x-45_0_0 4 | category: changelogs-kibana 5 | order: 200 6 | layout: changelogs 7 | description: Changelog for Kibana 7.x-45.0.0 8 | --- 9 | 10 | 11 | 12 | **Release Date: 01.09.2020** 13 | 14 | * [Upgrade Guide from 6.x to 7.x](../_docs_installation/installation_upgrading_6_7.md) 15 | 16 | ## Bug Fixes 17 | 18 | 19 | 20 | ### Signals UI 21 | 22 | * Severity level definition form was broken in graph mode. Fixed. 23 |

24 | 25 | 26 | -------------------------------------------------------------------------------- /_content/_changelogs/changelog_kibana_7_x_46_0_0.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Kibana 7.x-46.0.0 3 | permalink: changelog-kibana-7x-46_0_0 4 | category: changelogs-kibana 5 | order: 100 6 | layout: changelogs 7 | description: Changelog for Kibana 7.x-46.0.0 8 | --- 9 | 10 | 11 | 12 | **Release Date: 06.10.2020** 13 | 14 | * [Upgrade Guide from 6.x to 7.x](../_docs_installation/installation_upgrading_6_7.md) 15 | 16 | ## Bug Fixes 17 | 18 | 19 | ### Kibana Authentication and Multi-Tenancy 20 | 21 | * Fixed read only mode for React based apps. 22 |

23 | * When being redirected to the login page after a session timeout, the base path would not always be used correctly. Fixed. 24 |

25 | 26 | 27 | ### Search Guard Kibana Plugin Core 28 | 29 | * No longer caches tenant data in the browser cookie, as this led to unexpected behavior when working with tenants, e.g., inability to select tenants added via API, inability to store a large amount of tenants' data due to the cookie size limit. 30 |

31 | 32 | 33 | -------------------------------------------------------------------------------- /_content/_changelogs/changelog_kibana_7_x_47_0_0.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Kibana 7.x-47.0.0 3 | permalink: changelog-kibana-7x-47_0_0 4 | category: changelogs-kibana 5 | order: 0 6 | layout: changelogs 7 | description: Changelog for Kibana 7.x-47.0.0 8 | --- 9 | 10 | 11 | 12 | **Release Date: 10.11.2020** 13 | 14 | * [Upgrade Guide from 6.x to 7.x](../_docs_installation/installation_upgrading_6_7.md) 15 | 16 | -------------------------------------------------------------------------------- /_content/_changelogs/changelog_kibana_7_x_50_1_0.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Kibana 7.x-50.1.0 3 | permalink: changelog-kibana-7x-50_1_0 4 | category: changelogs-kibana 5 | order: -310 6 | layout: changelogs 7 | description: Changelog for Kibana 7.x-50.1.0 8 | --- 9 | 10 | 11 | 12 | 13 | # Search Guard Kibana Plugin 50.1 14 | 15 | **Release Date: 2021-03-26** 16 | 17 | This is a bugfix release for the Search Guard Kibana plugin. It fixes two major issues of the Search Guard Kibana Plugin 50.0 which occurred only in specific setups. If you are using such setups with the Search Guard Kibana plugin 50.0, then upgrading is strongly recommended. 18 | 19 | See below for details. 20 | 21 | ## Bugfix for setups where Multi-Tenancy is disabled 22 | 23 | This fixes a bug that prevented Kibana pages from working properly if multi-tenancy in Search Guard is disabled and Kibana Spaces is enabled. 24 | 25 | Details: 26 | 27 | * [Issue](https://git.floragunn.com/search-guard/search-guard-kibana-plugin/-/issues/351) 28 | * [Merge request](https://git.floragunn.com/search-guard/search-guard-kibana-plugin/-/merge_requests/695) 29 | 30 | ## Bugfix for anonymous user authentication in Kibana 31 | 32 | This fixes a bug that prevented Kibana pages from working properly for the anonymous user setup. 33 | 34 | Details: 35 | 36 | * [Issue](https://git.floragunn.com/search-guard/search-guard-kibana-plugin/-/issues/349) 37 | * [Merge request](https://git.floragunn.com/search-guard/search-guard-kibana-plugin/-/merge_requests/694) 38 | -------------------------------------------------------------------------------- /_content/_changelogs/changelog_kibana_7_x_52_1_0.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Kibana 7.x-52.1.0 3 | permalink: changelog-kibana-7x-52_1_0 4 | category: changelogs-kibana 5 | order: -340 6 | layout: changelogs 7 | description: Changelog for Kibana 7.x-52.1.0 8 | --- 9 | 10 | 11 | 12 | 13 | # Search Guard Kibana Plugin 52.1 14 | 15 | **Release Date: 2021-11-15** 16 | 17 | ## Bug Fixes 18 | 19 | ### Kibana Saved Object Migraton 20 | 21 | When updating Kibana from 7.11.x to 7.13.x, 7.14.x, there could be an error similar to the following during the Kibana startup process: 22 | 23 | ``` 24 | Unable to fulfill migration for index .kibana_..., TypeError: Cannot read property 'getValueInBytes' of undefined 25 | ``` 26 | 27 | This bugfix release fixes that problem; saved object migrations will now run again without an error. 28 | 29 | The bugfix requires that also the Search Guard Elasticsearch Plugin 52.4.0 is installed. 30 | 31 | Details: 32 | 33 | - [Issue](https://git.floragunn.com/search-guard/search-guard-kibana-plugin/-/issues/382) 34 | - [Merge Request](https://git.floragunn.com/search-guard/search-guard-kibana-plugin/-/merge_requests/755) 35 | -------------------------------------------------------------------------------- /_content/_changelogs/changelog_searchguard.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Search Guard 3 | permalink: changelogs-searchguard-main 4 | category: changelogs 5 | subcategory: changelogs-searchguard 6 | order: 100 7 | layout: changelogs 8 | description: Changelog for the Search Guard and Search Guard SSL 9 | index: false 10 | sitemap: false 11 | --- 12 | 13 | -------------------------------------------------------------------------------- /_content/_changelogs/changelog_searchguard_7_x_35_0_0_beta1.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Search Guard 7.x-35.0.0-beta1 3 | permalink: changelog-searchguard-7-x-35_0_0_beta1 4 | category: changelogs-searchguard 5 | order: 1000 6 | layout: changelogs 7 | description: Changelog for Search Guard 7.x-35.0.0-beta1 8 | --- 9 | 10 | 13 | 14 | # Changelog for Search Guard 7.x-35.0.0-beta1 15 | 16 | **Release Date: 15.04.2019** 17 | 18 | * [Upgrade Guide from 6.x to 7.x](../_docs_installation/installation_upgrading_6_7.md) 19 | 20 | ## Changes 21 | 22 | * This is a compatibility release for 7.0.0 which does not add new features or fixes -------------------------------------------------------------------------------- /_content/_changelogs/changelog_searchguard_7_x_36_1_0.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Search Guard 7.x-36.1.0 3 | permalink: changelog-searchguard-7x-36_1_0 4 | category: changelogs-searchguard 5 | order: 820 6 | layout: changelogs 7 | description: Changelog for Search Guard 7.x-36.1.0 8 | --- 9 | 10 | 11 | 12 | # Changelog for Search Guard 7.x-36.1.0 13 | 14 | **Release Date: 19.08.2019** 15 | 16 | * [Upgrade Guide from 6.x to 7.x](../_docs_installation/installation_upgrading_6_7.md) 17 | 18 | ## Security Fixes 19 | 20 | n/a 21 | 22 | ## Fixes 23 | 24 | * Fix ldap connection leak [#704](https://github.com/floragunncom/search-guard/issues/704){:target="_blank"} ([#56](https://github.com/floragunncom/search-guard-enterprise-modules/pull/56){:target="_blank"}) 25 | 26 | * Fix FLS exists query on fields without norms and doc values [#55](https://github.com/floragunncom/search-guard-enterprise-modules/pull/55){:target="_blank"} -------------------------------------------------------------------------------- /_content/_changelogs/changelog_searchguard_7_x_37_0_0.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Search Guard 7.x-37.0.0 3 | permalink: changelog-searchguard-7x-37_0_0 4 | category: changelogs-searchguard 5 | order: 800 6 | layout: changelogs 7 | description: Changelog for Search Guard 7.x-37.0.0 8 | --- 9 | 10 | 11 | 12 | # Changelog for Search Guard 7.x-37.0.0 13 | 14 | **Release Date: 25.09.2019** 15 | 16 | * [Upgrade Guide from 6.x to 7.x](../_docs_installation/installation_upgrading_6_7.md) 17 | 18 | ## Changes 19 | 20 | See [https://search-guard.com/search-guard-new-versions/](https://search-guard.com/search-guard-new-versions/) 21 | -------------------------------------------------------------------------------- /_content/_changelogs/changelog_searchguard_7_x_37_1_0.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Search Guard 7.x-37.1.0 3 | permalink: changelog-searchguard-7x-37_1_0 4 | category: changelogs-searchguard 5 | order: 750 6 | layout: changelogs 7 | description: Changelog for Search Guard 7.x-37.1.0 8 | --- 9 | 10 | 11 | 12 | # Changelog for Search Guard 7.x-37.1.0 13 | 14 | **Release Date: 04.10.2019** 15 | 16 | * [Upgrade Guide from 6.x to 7.x](../_docs_installation/installation_upgrading_6_7.md) 17 | 18 | ## Security Fixes 19 | 20 | n/a 21 | 22 | ## Fixes 23 | 24 | * Broaden cluster monitoring permissions for compatibility with X-Pack Basic features -------------------------------------------------------------------------------- /_content/_changelogs/changelog_searchguard_7_x_38_0_0.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Search Guard 7.x-38.0.0 3 | permalink: changelog-searchguard-7x-38_0_0 4 | category: changelogs-searchguard 5 | order: 700 6 | layout: changelogs 7 | description: Changelog for Search Guard 7.x-38.0.0 8 | --- 9 | 10 | 11 | 12 | # Changelog for Search Guard 7.x-38.0.0 13 | 14 | **Release Date: 24.12.2019** 15 | 16 | * [Upgrade Guide from 6.x to 7.x](../_docs_installation/installation_upgrading_6_7.md) 17 | 18 | ## Security Fixes 19 | 20 | n/a 21 | 22 | ## Features 23 | 24 | * Add Proxy2 auth module which provides support for client cert trust and additional attributes 25 | 26 | ## Fixes 27 | 28 | * Trigger AuditLog when immutable index access attempted 29 | * [BREAKING] HTTP return code changed from 409 to 403 when access to immutable index is attempted 30 | 31 | 32 | 33 | -------------------------------------------------------------------------------- /_content/_changelogs/changelog_searchguard_7_x_42_1_0.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Search Guard 7.x-42.1.0 3 | permalink: changelog-searchguard-7x-42_1_0 4 | category: changelogs-searchguard 5 | order: 490 6 | layout: changelogs 7 | description: Changelog for Search Guard 7.x-42.1.0 8 | --- 9 | 10 | # Changelog for Search Guard 7.x-42.1.0 11 | 12 | 13 | 14 | **Release Date: 06.07.2020** 15 | 16 | * [Upgrade Guide from 6.x to 7.x](../_docs_installation/installation_upgrading_6_7.md) 17 | 18 | ## Bug Fixes 19 | 20 | 21 | 22 | ### Authentication / Authorisation 23 | 24 | * Fixed permission problem where LDAP authentication could fail with `java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "accessClassInPackage.com.sun.jndi.ldap.ext")`. 25 |

26 | 27 | 28 | ### Multi-Tenancy 29 | 30 | * Since SG 42, using Kibana with a non-default tenant could show the error `No index-level perm match for User ... Action [indices:data/read/mget[shard]]`. This would only happen if the corresponding `.kibana` index went through migration at least once. 31 |

32 | 33 | 34 | -------------------------------------------------------------------------------- /_content/_changelogs/changelog_searchguard_7_x_45_1_0.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Search Guard 7.x-45.1.0 3 | permalink: changelog-searchguard-7x-45_1_0 4 | category: changelogs-searchguard 5 | order: 190 6 | layout: changelogs 7 | description: Changelog for Search Guard 7.x-45.1.0 8 | --- 9 | 10 | 11 | 12 | **Release Date: 10.09.2020** 13 | 14 | * [Upgrade Guide from 6.x to 7.x](../_docs_installation/installation_upgrading_6_7.md) 15 | 16 | ## Bug Fixes 17 | 18 | 19 | 20 | ### Search Guard Core 21 | 22 | * Incoming requests with an `X-Opaque-Id` header would fail. Fixed. 23 |

24 | 25 | ### Kibana Search Guard Integration 26 | 27 | * Creating index patterns with Kibana 7.9.1 and Search Guard 45.0.0 was not possible. Fixed. 28 |

29 | 30 | * Kibana could not access the .kibana-event-log-* indices. Fixed. 31 |

32 | 33 | 34 | -------------------------------------------------------------------------------- /_content/_changelogs/changelog_searchguard_7_x_48_0_0.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Search Guard 7.x-48.0.0 3 | permalink: changelog-searchguard-7x-48_0_0 4 | category: changelogs-searchguard 5 | order: -100 6 | layout: changelogs 7 | description: Changelog for Search Guard 7.x-48.0.0 8 | --- 9 | 10 | 11 | 12 | **Release Date: 04.12.2020** 13 | 14 | * [Upgrade Guide from 6.x to 7.x](../_docs_installation/installation_upgrading_6_7.md) 15 | 16 | ## Improvements 17 | 18 | 19 | 20 | ### Search Guard Core 21 | 22 | This release brings support for Elasticsearch 7.10.0. The DLS/FLS functionality of Search Guard has been adapted to the new reader infrastructure of Elasticsearch. No configuration changes are necessary, though. 23 | 24 | The point in time feature of Elasticsearch is however not yet completely supported by Search Guard. If you add the necessary permissions `indices:data/read/open_point_in_time` and `indices:data/read/close_point_in_time` as cluster permissions to a role, you can use the feature. However, the context IDs won't be owned by the current user, but can be used by any user. 25 |

26 | 27 | 28 | -------------------------------------------------------------------------------- /_content/_changelogs/changelog_searchguard_7_x_52_2_0.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Search Guard 7.x-52.2.0 3 | permalink: changelog-searchguard-7x-52_2_0 4 | category: changelogs-searchguard 5 | order: -340 6 | layout: changelogs 7 | description: Changelog for Search Guard 7.x-52.0.0 8 | --- 9 | 10 | 11 | 12 | # Search Guard Suite 52.2 13 | 14 | **Release Date: 2021-08-19** 15 | 16 | This is a maintenance release for Search Guard 52. 17 | 18 | ## Changes 19 | 20 | ### Support for ES 7.14.1 21 | 22 | This release brings support for Elasticsearch 7.14.1 23 | 24 | ### `sgadmin-standalone` 25 | 26 | The `sgadmin-standalone` tool is again available starting with this release 27 | -------------------------------------------------------------------------------- /_content/_changelogs/changelog_searchguard_7_x_52_3_0.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Search Guard 7.x-52.3.0 3 | permalink: changelog-searchguard-7x-52_3_0 4 | category: changelogs-searchguard 5 | order: -350 6 | layout: changelogs 7 | description: Changelog for Search Guard 7.x-52.3.0 8 | --- 9 | 10 | 11 | 12 | # Search Guard Suite 52.3 13 | 14 | **Release Date: 2021-09-16** 15 | 16 | This is a bug fix release for Search Guard 52. 17 | 18 | ## Security Issues 19 | 20 | ### Unreliable `enable_start_tls` option for `ldap` authcz module 21 | 22 | The `enable_start_tls` option of the `ldap` authcz module was unreliable in earlier versions of Search Guard: If the `ldap` authcz module was configured with `enable_start_tls: true`, it would not upgrade the connection to TLS in some cases. If the LDAP server also accepted commands over unencrypted connections, this would have caused user names and passwords to be transmitted over unencrypted connections between an Elasticsearch node running Search Guard and the LDAP server. If the LDAP server refused commands over unencrypted connections, authentication would just fail. 23 | 24 | Details: 25 | 26 | [Merge Request](https://git.floragunn.com/search-guard/search-guard-suite-enterprise/-/merge_requests/116) 27 | -------------------------------------------------------------------------------- /_content/_changelogs/changelog_searchguard_7_x_52_7_0.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Search Guard 7.x-52.7.0 3 | permalink: changelog-searchguard-7x-52_7_0 4 | category: changelogs-searchguard 5 | order: -390 6 | layout: changelogs 7 | description: Changelog for Search Guard 7.x-52.7.0 8 | --- 9 | 10 | 11 | 12 | # Search Guard Suite 52.7 13 | 14 | **Release Date: 2022-01-13** 15 | 16 | This is a bugfix release for Search Guard 52.6 for Elasticsearch 7.10.2. Search Guard 52.6 on ES 7.10.2 would not be able to instantiate certain authenticators like the JWT authenticator. This is fixed by Search Guard 52.7. 17 | 18 | Search Guard 52.6 for Elasticsearch 7.16.2 is not affected by this; thus, no update is available for that version. 19 | -------------------------------------------------------------------------------- /_content/_changelogs/changelog_searchguard_7_x_53_1_0.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Search Guard 7.x-53.1.0 3 | permalink: changelog-searchguard-7x-53_1_0 4 | category: changelogs-searchguard 5 | order: -410 6 | layout: changelogs 7 | description: Changelog for Search Guard 7.x-53.1.0 8 | --- 9 | 10 | 11 | 12 | # Search Guard Suite 53.1 13 | 14 | **Release Date: 2022-03-31** 15 | 16 | This is a bug fix for a security issue in the DLS implementation of Search Guard. 17 | 18 | ## Security Bug Fixes 19 | 20 | ### Unauthorized access to single attribute values 21 | 22 | A flaw was discovered in the DLS implementation where single attributes values could be exposed to a user, even if the user does not have privileges to access documents containing these attribute values. 23 | 24 | **Note:** The flaw only exposed single attribute values, but **not** whole documents. 25 | 26 | **Affected Versions:** 27 | 28 | All Search Guard versions prior to 53.1.0. 29 | 30 | **Solution:** 31 | 32 | Update to Search Guard version 53.1.0. 33 | 34 | -------------------------------------------------------------------------------- /_content/_changelogs/changelog_searchguard_7_x_53_2_0.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Search Guard 7.x-53.2.0 3 | permalink: changelog-searchguard-7x-53_2_0 4 | category: changelogs-searchguard 5 | order: -420 6 | layout: changelogs 7 | description: Changelog for Search Guard 7.x-53.2.0 8 | --- 9 | 10 | 11 | 12 | # Search Guard Suite 53.2 13 | 14 | **Release Date: 2022-04-21** 15 | 16 | This is a bug fix for the multi-tenancy implementation of Search Guard 53.0 and 53.1 for Elasticsearch 7.10.2. 17 | 18 | If you are not using Elasticsearch 7.10.2 or Search Guard 53.x, you do not need this update. 19 | 20 | ## Bug Fixes 21 | 22 | ### Issues with index templates for the Kibana index 23 | 24 | Search Guard 53.0 for Elasticsearch 7.10.2 introduced an issue where switching to newly created tenants failed with various error messages. 25 | 26 | This update fixes this issue. 27 | 28 | **Note:** You need to restart Kibana in order to finalize the update. -------------------------------------------------------------------------------- /_content/_changelogs/changelog_searchguard_7_x_53_3_0.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Search Guard 7.x-53.3.0 3 | permalink: changelog-searchguard-7x-53_3_0 4 | category: changelogs-searchguard 5 | order: -430 6 | layout: changelogs 7 | description: Changelog for Search Guard 7.x-53.3.0 8 | --- 9 | 10 | 11 | 12 | # Search Guard Suite 53.3 13 | 14 | **Release Date: 2022-06-22** 15 | 16 | ## Bug Fixes 17 | 18 | ### Invalid index names 19 | 20 | Using invalid index names no longer causes a 500 error with SearchGuard 21 | 22 | **Details:** 23 | 24 | * [Commit](https://git.floragunn.com/search-guard/search-guard-suite-enterprise/-/commit/8724485c5b926c4678dbb3893aae67a696815a90){:target="_blank"} 25 | 26 | 27 | ### Signals: Severity Levels 28 | 29 | Fixed parsing of severity_level in WatchState 30 | 31 | **Details:** 32 | 33 | * [Commit](https://git.floragunn.com/search-guard/search-guard-suite-enterprise/-/commit/3b374e60b42e42f49cb5b376d94743ebe79761ba){:target="_blank"} -------------------------------------------------------------------------------- /_content/_changelogs/changelog_searchguard_7_x_53_4_0.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Search Guard 7.x-53.4.0 3 | permalink: changelog-searchguard-7x-53_4_0 4 | category: changelogs-searchguard 5 | order: -440 6 | layout: changelogs 7 | description: Changelog for Search Guard 7.x-53.4.0 8 | --- 9 | 10 | 11 | 12 | # Search Guard Suite 53.4 13 | 14 | **Release Date: 2022-07-15** 15 | 16 | This is a bug fix release for two issues with Signals. 17 | 18 | ## Bug Fixes 19 | 20 | ### Issue with Node failover 21 | 22 | When nodes are leaving the cluster it could happen that watches are no logger executed. 23 | 24 | This update fixes this issue. 25 | 26 | **Details:** 27 | 28 | * [Commit](https://git.floragunn.com/search-guard/search-guard-suite-enterprise/-/commit/bada1cab5202003b6ae8ac46ecd68120d9ea7089){:target="_blank"} 29 | 30 | 31 | ### NPE when (re-)starting a node 32 | 33 | When using signals the following error message occurred occasionally: 34 | 35 | ``` 36 | java.lang.NullPointerException: Cannot invoke "org.quartz.spi.OperableTrigger.getKey()" because "this.delegate" is null 37 | ``` 38 | 39 | This is now fixed. 40 | 41 | **Details:** 42 | 43 | * [Commit](https://git.floragunn.com/search-guard/search-guard-suite-enterprise/-/commit/af2651a4eb382e8bb88b2be3940ddb58b6b01be5){:target="_blank"} -------------------------------------------------------------------------------- /_content/_changelogs/changelog_searchguard_7_x_53_5_0.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Search Guard 7.x-53.5.0 3 | permalink: changelog-searchguard-7x-53_5_0 4 | category: changelogs-searchguard 5 | order: -450 6 | layout: changelogs 7 | description: Changelog for Search Guard 7.x-53.5.0 8 | --- 9 | 10 | 11 | 12 | # Search Guard Suite 53.5 13 | 14 | **Release Date: 2022-10-05** 15 | 16 | This is a security fix release for an issue with datastreams. 17 | 18 | Since data streams are an X-Pack feature in Elasticsearch 7.x, we did not officially support them. 19 | Nevertheless we decided to release a fix for it but won't issue a CVE because datastreams was (and remains) an unsupported feature. 20 | 21 | ## Security Fixes 22 | 23 | ### An authenticated but unauthorized user could access all data stream events 24 | 25 | An authenticated but unauthorized user could access all data stream events via the _search API. 26 | 27 | This update fixes this issue. 28 | 29 | **Details:** 30 | 31 | * [Search Guard Forum](https://forum.search-guard.com/t/search-guard-incompatible-with-data-streams/2347/14){:target="_blank"} 32 | 33 | * [Commit](https://git.floragunn.com/search-guard/search-guard-suite-enterprise/-/commit/c4df276cec95f81a82768a8fa098f35f80e1bcb5){:target="_blank"} -------------------------------------------------------------------------------- /_content/_changelogs/changelog_searchguard_7_x_53_6_0.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Search Guard 7.x-53.6.0 3 | permalink: changelog-searchguard-7x-53_6_0 4 | category: changelogs-searchguard 5 | order: -460 6 | layout: changelogs 7 | description: Changelog for Search Guard 7.x-53.6.0 8 | --- 9 | 10 | 11 | 12 | # Search Guard Suite 53.6 13 | 14 | **Release Date: 2022-12-19** 15 | 16 | ### Switch for disabling alias resolution 17 | 18 | Search Guard by default resolves any index alias names to the concrete underlying index name. While this has the advantage that 19 | real index names and index alias names are treated the same way, this can lead to performance problems on clusters with a lot of 20 | indices and aliases. 21 | 22 | This fix introduces a switch which makes it possible to disable index alias resolution. This improves performance at the 23 | cost of losing the ability to specify aliases and date math in index patterns. 24 | 25 | To disable alias resolution, add the following to sg_config.yml: 26 | 27 | ```yml 28 | sg_config: 29 | dynamic: 30 | support_aliases_in_index_privileges: false 31 | ``` 32 | 33 | **Details:** 34 | 35 | * [Search Guard Forum](https://forum.search-guard.com/t/high-cpu-usage-after-es-update-to-7-17-7/2387/6){:target="_blank"} 36 | 37 | * [Commit](https://git.floragunn.com/search-guard/search-guard-suite-enterprise/-/commit/cf31c473b64be352f54b6d6b0838e73a158a55e6){:target="_blank"} -------------------------------------------------------------------------------- /_content/_changelogs/changelog_searchguard_7_x_53_8_0.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Search Guard 7.x-53.8.0 3 | permalink: changelog-searchguard-7x-53_8_0 4 | category: changelogs-searchguard 5 | order: -470 6 | layout: changelogs 7 | description: Changelog for Search Guard 7.x-53.8.0 8 | --- 9 | 10 | 11 | 12 | # Search Guard Suite 53.8 13 | 14 | **Release Date: 2023-11-29** 15 | 16 | This is a security release of Search Guard that applies to Multi-Tenancy only. If you have not enabled that Multi-Tenancy, you are not affected. 17 | 18 | We ask all users that leverage the Multi-Tenancy features of Search Guard to update to Search Guard 53.8 or above. 19 | 20 | If you are using Search Guard FLX, please upgrade to [Search Guard FLX 1.4.1](changelog-searchguard-flx-1_4_1). 21 | 22 | ## Security Fixes 23 | 24 | ### Multi-Tenancy: Users with read/only tenants can do destructive operations such as deleting the .kibana index 25 | 26 | A user with only READ access to a tenant cannot perform any updates to the corresponding tenant index, but can still issue destructive operations like DELETE. 27 | This release fixes the issue. 28 | 29 | * [Merge Request](https://git.floragunn.com/search-guard/search-guard-suite-enterprise/-/merge_requests/571) 30 | -------------------------------------------------------------------------------- /_content/_changelogs/changelog_searchguard_7_x_53_9_0.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Search Guard 7.x-53.9.0 3 | permalink: changelog-searchguard-7x-53_9_0 4 | category: changelogs-searchguard 5 | order: -470 6 | layout: changelogs 7 | description: Changelog for Search Guard 7.x-53.9.0 8 | --- 9 | 10 | 11 | 12 | # Search Guard Suite 53.9 13 | 14 | **Release Date: 2024-01-24** 15 | 16 | This is a bug fix release of Search Guard 17 | 18 | ## Bug Fixes 19 | 20 | ### Headers are not case insensitive 21 | 22 | * [Merge Request](https://git.floragunn.com/search-guard/search-guard-suite-enterprise/-/merge_requests/594) 23 | 24 | ### The sgadmin.sh script hangs when executing against Kubernetes ES 7.x pods 25 | 26 | * [Issue](https://git.floragunn.com/search-guard/search-guard-suite-enterprise/-/issues/282) 27 | * [Merge Request](https://git.floragunn.com/search-guard/search-guard-suite-enterprise/-/merge_requests/611) -------------------------------------------------------------------------------- /_content/_changelogs/changelog_searchguard_flx_1_4_1.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Search Guard FLX 1.4.1 3 | permalink: changelog-searchguard-flx-1_4_1 4 | category: changelogs-searchguard 5 | order: -1050 6 | layout: changelogs 7 | description: Changelog for Search Guard FLX 1.4.1 8 | --- 9 | 10 | 11 | 12 | # Search Guard FLX 1.4.1 13 | 14 | **Release Date: 2024-01-03** 15 | 16 | This is a bug fix release of Search Guard FLX. 17 | 18 | ## Bug Fixes 19 | 20 | ### Create new LDAP connections in a privileged thread context 21 | 22 | When the LDAP connection pool scales up, the code seems to be missing the necessary special privilege block. It failed with an AccessControlException.This is now fixed. 23 | 24 | * [Issue](https://git.floragunn.com/search-guard/search-guard-suite-enterprise/-/issues/256) 25 | * [Merge Request](https://git.floragunn.com/search-guard/search-guard-suite-enterprise/-/merge_requests/553) 26 | 27 | ## Introduced config attributes retrieve_attributes for LDAP auth backend 28 | 29 | This fix introduce two new config options: ldap.user_search.retrieve_attributes and ldap.group_search.retrieve_attributes. Both accept a list of strings that specify the attributes to be retrieved in the LDAP result set. Some LDAP directory might have a large number of attributes associated with single entries. In order to reduce network activity, it might make sense to allow to specify the attributes to select for queries. 30 | 31 | * [Issue](https://git.floragunn.com/search-guard/search-guard-suite-enterprise/-/issues/265) 32 | * [Merge Request](https://git.floragunn.com/search-guard/search-guard-suite-enterprise/-/merge_requests/563) -------------------------------------------------------------------------------- /_content/_changelogs/changelog_searchguard_flx_3_0_1.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Search Guard FLX 3.0.1 3 | permalink: changelog-searchguard-flx-3_0_1 4 | category: changelogs-searchguard 5 | order: -1110 6 | layout: changelogs 7 | description: Changelog for Search Guard FLX 3.0.1 8 | --- 9 | 10 | 11 | 12 | # Search Guard FLX 3.0.1 13 | 14 | **Release Date: 2024-11-28** 15 | 16 | ## Improvements 17 | 18 | ### Further improvements in dark mode 19 | 20 | Additional improvements in Kibana UI Dark mode. 21 | 22 | * [Merge Request](https://git.floragunn.com/search-guard/search-guard-kibana-plugin/-/merge_requests/1024) 23 | 24 | ## Bug fixes 25 | 26 | ### SGCTL connection fixed 27 | 28 | We have fixed the sgctl connection issues. 29 | 30 | * [Merge Request](https://git.floragunn.com/search-guard/sgctl/-/merge_requests/224) 31 | 32 | ### Node restart when SearchGuard is disabled 33 | 34 | Nodes are now successfully restarting when SearchGuard is disabled. 35 | 36 | * [Merge Request](https://git.floragunn.com/search-guard/search-guard-suite-enterprise/-/merge_requests/1043) 37 | -------------------------------------------------------------------------------- /_content/_changelogs/changelog_searchguard_flx_3_0_2.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Search Guard FLX 3.0.2 3 | permalink: changelog-searchguard-flx-3_0_2 4 | category: changelogs-searchguard 5 | order: -1120 6 | layout: changelogs 7 | description: Changelog for Search Guard FLX 3.0.2 8 | --- 9 | 10 | 11 | 12 | # Search Guard FLX 3.0.2 13 | 14 | **Release Date: 2024-12-05** 15 | 16 | ## Improvements 17 | 18 | ### SGS_KIBANA_SERVER now has access to .kibana-reporting data stream 19 | 20 | Data stream .kibana-reporting* is now a part of the SGS_KIBANA_SERVER role. 21 | 22 | * [Merge Request](https://git.floragunn.com/search-guard/search-guard-suite-enterprise/-/merge_requests/1054) 23 | 24 | ## Bug fixes 25 | 26 | ### Multi-tenancy in data migration 27 | 28 | Data migration in multi tenant environment is fixed. 29 | 30 | * [Merge Request](https://git.floragunn.com/search-guard/search-guard-suite-enterprise/-/merge_requests/1055) 31 | -------------------------------------------------------------------------------- /_content/_changelogs/changelog_tlstool.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: TLS Tool 3 | permalink: changelogs-tlstool-main 4 | category: changelogs 5 | subcategory: changelogs-tlstool 6 | order: 300 7 | layout: changelogs 8 | description: Changelog for the Search Guard TLS Tool 9 | index: false 10 | sitemap: false 11 | --- 12 | 13 | -------------------------------------------------------------------------------- /_content/_changelogs/changelog_tlstool_1_1.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: TLS Tool 1.1 3 | permalink: changelog-tlstool_1_1 4 | category: changelogs-tlstool 5 | order: 900 6 | layout: changelogs 7 | description: Changelog for the Search Guard TLS Tool 1.1 8 | --- 9 | 10 | 13 | 14 | # Search Guard TLS Tool 1.1 15 | 16 | **Release Date: 25.02.2018** 17 | 18 | ## Fixes 19 | 20 | * Extension requests were not linked to generated CSRs 21 | * Do not write nodes_dn if an oid is present 22 | * add "verify" and "resolve_hostnames" to generated config 23 | * Fixed TLS Diagnose: Subject and Issuer DN is the same 24 | * Fixed wrong pemtrustedcas_filepath when transport certs were reused as HTTP certs 25 | -------------------------------------------------------------------------------- /_content/_changelogs/changelog_tlstool_1_2.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: TLS Tool 1.2 3 | permalink: changelog-tlstool_1_2 4 | category: changelogs-tlstool 5 | order: 800 6 | layout: changelogs 7 | description: Changelog for the Search Guard TLS Tool 1.2 8 | --- 9 | 10 | 13 | 14 | # Search Guard TLS Tool 1.2 15 | 16 | **Release Date: 24.04.2018** 17 | 18 | ## Fixes 19 | 20 | * Fixes issues with configs without intermediate cert 21 | * Always load the configured root certificate into ctx.rootCaFile 22 | * Do not add root cert to PEM file of generated certificates for nodes 23 | and clients 24 | -------------------------------------------------------------------------------- /_content/_changelogs/changelog_tlstool_1_3.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: TLS Tool 1.3 3 | permalink: changelog-tlstool_1_3 4 | category: changelogs-tlstool 5 | order: 700 6 | layout: changelogs 7 | description: Changelog for the Search Guard TLS Tool 1.3 8 | --- 9 | 10 | 13 | 14 | # Search Guard TLS Tool 1.3 15 | 16 | **Release Date: 01.05.2018** 17 | 18 | ## Fixes 19 | 20 | * Save private keys always as PKCS8 instead of PKCS1 21 | * [https://github.com/floragunncom/search-guard-tlstool/issues/3](https://github.com/floragunncom/search-guard-tlstool/issues/3) -------------------------------------------------------------------------------- /_content/_changelogs/changelog_tlstool_1_4.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: TLS Tool 1.4 3 | permalink: changelog-tlstool_1_4 4 | category: changelogs-tlstool 5 | order: 600 6 | layout: changelogs 7 | description: Changelog for the Search Guard TLS Tool 1.4 8 | --- 9 | 10 | 13 | 14 | # Search Guard TLS Tool 1.4 15 | 16 | **Release Date: 18.05.2018** 17 | 18 | ## Fixes 19 | 20 | * Unencrypted PKCS8 private keys could not be read 21 | * [https://github.com/floragunncom/search-guard-tlstool/issues/4](https://github.com/floragunncom/search-guard-tlstool/issues/4) 22 | -------------------------------------------------------------------------------- /_content/_changelogs/changelog_tlstool_1_5.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: TLS Tool 1.5 3 | permalink: changelog-tlstool_1_5 4 | category: changelogs-tlstool 5 | order: 500 6 | layout: changelogs 7 | description: Changelog for the Search Guard TLS Tool 1.5 8 | --- 9 | 10 | 13 | 14 | # Search Guard TLS Tool 1.5 15 | 16 | **Release Date: 09.06.2018** 17 | 18 | ## Fixes 19 | 20 | * Sanitize DN before putting it into SG config snippets 21 | * [https://github.com/floragunncom/search-guard-tlstool/issues/5](https://github.com/floragunncom/search-guard-tlstool/issues/5) -------------------------------------------------------------------------------- /_content/_changelogs/changelog_tlstool_1_6.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: TLS Tool 1.6 3 | permalink: changelog-tlstool_1_6 4 | category: changelogs-tlstool 5 | order: 450 6 | layout: changelogs 7 | description: Changelog for the Search Guard TLS Tool 1.6 8 | --- 9 | 10 | 13 | 14 | # Search Guard TLS Tool 1.6 15 | 16 | **Release Date: 30.12.2018** 17 | 18 | ## Fixes 19 | 20 | * Make it work with Java 11 -------------------------------------------------------------------------------- /_content/_changelogs/changelog_tlstool_1_7.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: TLS Tool 1.7 3 | permalink: changelog-tlstool_1_7 4 | category: changelogs-tlstool 5 | order: 400 6 | layout: changelogs 7 | description: Changelog for the Search Guard TLS Tool 1.7 8 | --- 9 | 10 | 13 | 14 | # Search Guard TLS Tool 1.7 15 | 16 | **Release Date: 05.06.2019** 17 | 18 | ## Fixes 19 | 20 | * Update bouncy castle dependency to 1.61 21 | * Update jackson dependency to 2.9.9 22 | 23 | ## New features 24 | 25 | * The tool can now also generate elliptic curve (EC) based certificates -------------------------------------------------------------------------------- /_content/_changelogs/changelog_tlstool_1_8.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: TLS Tool 1.8 3 | permalink: changelog-tlstool_1_8 4 | category: changelogs-tlstool 5 | order: 380 6 | layout: changelogs 7 | description: Changelog for the Search Guard TLS Tool 1.8 8 | --- 9 | 10 | 13 | 14 | # Search Guard TLS Tool 1.8 15 | 16 | **Release Date: 05.05.2020** 17 | 18 | ## Fixes 19 | 20 | * Update jackson dependency to 2.9.10 -------------------------------------------------------------------------------- /_content/_changelogs/changelog_tlstool_1_9.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: TLS Tool 1.9 3 | permalink: changelog-tlstool_1_9 4 | category: changelogs-tlstool 5 | order: 370 6 | layout: changelogs 7 | description: Changelog for the Search Guard TLS Tool 1.9 8 | --- 9 | 10 | 13 | 14 | 15 | # Search Guard TLS Tool 1.9.2 16 | 17 | **Release Date: 11.01.2024** 18 | 19 | ## Fixes 20 | 21 | * Update dependencies 22 | 23 | 24 | # Search Guard TLS Tool 1.9.1 25 | 26 | **Release Date: 21.05.2023** 27 | 28 | ## Fixes 29 | 30 | * Update dependencies 31 | 32 | 33 | # Search Guard TLS Tool 1.9.0 34 | 35 | **Release Date: 04.08.2022** 36 | 37 | ## Fixes 38 | 39 | * Update dependencies to mitigate log4shell vulnerabilities -------------------------------------------------------------------------------- /_content/_changelogs/changelog_tlstool_overview.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Overview 3 | html_title: TLS Tool changelogs 4 | permalink: changelogs-tlstool 5 | category: changelogs-tlstool 6 | order: 0 7 | layout: changelogs 8 | description: Changelog for the Search Guard TLS Tool which can be used to generate TLS certificates and CAs. 9 | --- 10 | 11 | 14 | 15 | # TLS Tool Changelogs 16 | 17 | ### [TLS Tool 1.9](changelog_tlstool_1_8.md) 18 | 19 | Release Date: 04.08.2022 20 | 21 | ### [TLS Tool 1.8](changelog_tlstool_1_8.md) 22 | 23 | Release Date: 05.05.2020 24 | 25 | ### [TLS Tool 1.7](changelog_tlstool_1_7.md) 26 | 27 | Release Date: 05.06.2019 28 | 29 | ### [TLS Tool 1.6](changelog_tlstool_1_6.md) 30 | 31 | Release Date: 30.12.2018 32 | 33 | ### [TLS Tool 1.5](changelog_tlstool_1_5.md) 34 | 35 | Release Date: 09.06.2018 36 | 37 | ### [TLS Tool 1.4](changelog_tlstool_1_4.md) 38 | 39 | Release Date: 18.05.2018 40 | 41 | ### [TLS Tool 1.3](changelog_tlstool_1_3.md) 42 | 43 | Release Date: 01.05.2018 44 | 45 | ### [TLS Tool 1.2](changelog_tlstool_1_2.md) 46 | 47 | Release Date: 24.04.2018 48 | 49 | ### [TLS Tool 1.1](changelog_tlstool_1_1.md) 50 | 51 | Release Date: 25.02.2018 52 | 53 | ### TLS Tool 1.1 (initial release) 54 | 55 | Release Date: 13.02.2018 56 | -------------------------------------------------------------------------------- /_content/_changelogs/kibana_51_tenant_selection.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_changelogs/kibana_51_tenant_selection.png -------------------------------------------------------------------------------- /_content/_common/search-guard-frontmatter.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_common/search-guard-frontmatter.png -------------------------------------------------------------------------------- /_content/_common/search-guard-logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_common/search-guard-logo.png -------------------------------------------------------------------------------- /_content/_docs_aim/actions.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Actions 3 | html_title: Actions 4 | permalink: automated-index-management-actions 5 | category: aim 6 | subcategory: aim-actions 7 | order: 300 8 | layout: docs 9 | edition: community 10 | description: How actions work in AIM 11 | --- 12 | -------------------------------------------------------------------------------- /_content/_docs_aim/actions_allocation.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Allocation Action 3 | html_title: Allocation Action 4 | permalink: automated-index-management-actions-allocation 5 | category: aim-actions 6 | order: 301 7 | layout: docs 8 | edition: community 9 | description: How the allocation action works 10 | --- 11 | 12 | 13 | {% include beta_warning.html %} 14 | 15 | # Allocation Action 16 | {: .no_toc} 17 | 18 | {% include toc.md %} 19 | 20 | This action configures nodes allowed to host the index. 21 | There are three optional configuration options to set allowed nodes. 22 | At least one of the configuration options has to be set. 23 | 24 | ## Parameters 25 | 26 | | Parameter | Optional | Note | 27 | |-----------|----------|------------------------------------------------------------------------------| 28 | | `exclude` | true | Allow index only on nodes that have none of the specified attributes | 29 | | `include` | true | Allow index only on nodes that have at least one of the specified attributes | 30 | | `require` | true | Allow index only on nodes that have all of the specified attributes | 31 | 32 | ## Example 33 | 34 | ```json 35 | { 36 | "steps": [ 37 | ... 38 | { 39 | "name": "my-step", 40 | "conditions": [ ... ], 41 | "actions": [ 42 | ... 43 | { 44 | "type": "allocation", 45 | "require": { 46 | "box_type": "my-custom-box-type" 47 | } 48 | }, 49 | ... 50 | ] 51 | }, 52 | ... 53 | ] 54 | } 55 | ``` -------------------------------------------------------------------------------- /_content/_docs_aim/actions_close.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Close Action 3 | html_title: Close Action 4 | permalink: automated-index-management-actions-close 5 | category: aim-actions 6 | order: 302 7 | layout: docs 8 | edition: community 9 | description: How the close action works 10 | --- 11 | 12 | 13 | {% include beta_warning.html %} 14 | 15 | # Close Action 16 | {: .no_toc} 17 | 18 | {% include toc.md %} 19 | 20 | This action closes the index. After this action, the index is blocked from read and write operations. 21 | This action is useful in case the data needs to be preserved but not queried or extended. 22 | Closing an index reduces overhead on the cluster. 23 | 24 | ## Example 25 | 26 | ```json 27 | { 28 | "steps": [ 29 | ... 30 | { 31 | "name": "my-step", 32 | "conditions": [ ... ], 33 | "actions": [ 34 | ... 35 | { 36 | "type": "close" 37 | }, 38 | ... 39 | ] 40 | }, 41 | ... 42 | ] 43 | } 44 | ``` -------------------------------------------------------------------------------- /_content/_docs_aim/actions_delete.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Delete Action 3 | html_title: Delete Action 4 | permalink: automated-index-management-actions-delete 5 | category: aim-actions 6 | order: 303 7 | layout: docs 8 | edition: community 9 | description: How the delete action works 10 | --- 11 | 12 | 13 | {% include beta_warning.html %} 14 | 15 | # Delete Action 16 | {: .no_toc} 17 | 18 | {% include toc.md %} 19 | 20 | The delete action deletes the index permanently. This action has to be the last action in a policy. 21 | 22 | ## Example 23 | 24 | ```json 25 | { 26 | "steps": [ 27 | ... 28 | { 29 | "name": "my-step", 30 | "conditions": [ ... ], 31 | "actions": [ 32 | ... 33 | { 34 | "type": "delete" 35 | } 36 | ] 37 | } 38 | ] 39 | } 40 | ``` 41 | -------------------------------------------------------------------------------- /_content/_docs_aim/actions_force_merge.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Force Merge Action 3 | html_title: Force Merge Action 4 | permalink: automated-index-management-actions-force-merge 5 | category: aim-actions 6 | order: 304 7 | layout: docs 8 | edition: community 9 | description: How the force merge action works 10 | --- 11 | 12 | 13 | {% include beta_warning.html %} 14 | 15 | # Force Merge Action 16 | {: .no_toc} 17 | 18 | {% include toc.md %} 19 | 20 | The force merge action forces the reduction of segments for each shard. 21 | This potentially frees up space by removing deleted documents. 22 | 23 | The `segments` parameter specifies the number of segments each shard should be merged to. 24 | 25 | Since force merges can be costly, this action is implemented asynchronously, meaning a separate internal step is automatically added to the policy to check if the force merge has finished. 26 | Until the force merge is finished successfully, the index remains in the internal `awaiting_force_merge` step. 27 | No other steps, actions or conditions are run during this phase. 28 | 29 | Asynchronous actions are always required to be the last action in a step. 30 | 31 | ## Parameters 32 | 33 | | Parameter | Optional | Note | 34 | |------------|----------|------------------| 35 | | `segments` | false | positive integer | 36 | 37 | ## Example 38 | 39 | ```json 40 | { 41 | "steps": [ 42 | ... 43 | { 44 | "name": "attempt_merge", 45 | "conditions": [ ... ], 46 | "actions": [ 47 | ... 48 | { 49 | "type": "force_merge", 50 | "segments": 1 51 | } 52 | ] 53 | }, 54 | ... 55 | ] 56 | } 57 | ``` -------------------------------------------------------------------------------- /_content/_docs_aim/actions_rollover.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Rollover Action 3 | html_title: Rollover Action 4 | permalink: automated-index-management-actions-rollover 5 | category: aim-actions 6 | order: 305 7 | layout: docs 8 | edition: community 9 | description: How the rollover action works 10 | --- 11 | 12 | 13 | {% include beta_warning.html %} 14 | 15 | # Rollover Action 16 | {: .no_toc} 17 | 18 | {% include toc.md %} 19 | 20 | This creates a new write index for the alias specified in the `index.aim.rollover_alias` index setting and removes the alias from the current index. 21 | 22 | For every index this action should be applied to the index setting `index.aim.rollover_alias` must be configured. Otherwise, the rollover attempt would fail. 23 | 24 | ## Example 25 | 26 | ```json 27 | { 28 | "steps": [ 29 | ... 30 | { 31 | "name": "active", 32 | "conditions": [ ... ], 33 | "actions": [ 34 | ... 35 | { 36 | "type": "rollover" 37 | }, 38 | ... 39 | ] 40 | }, 41 | ... 42 | ] 43 | } 44 | ``` -------------------------------------------------------------------------------- /_content/_docs_aim/actions_set_priority.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Set Priority Action 3 | html_title: Set Priority Action 4 | permalink: automated-index-management-actions-set-priority 5 | category: aim-actions 6 | order: 306 7 | layout: docs 8 | edition: community 9 | description: How the set priority action works 10 | --- 11 | 12 | 13 | {% include beta_warning.html %} 14 | 15 | # Set Priority Action 16 | {: .no_toc} 17 | 18 | {% include toc.md %} 19 | 20 | Sets the priority setting of the index to the specified value. 21 | Indices with a higher priority will be recovered first after a node restart. 22 | 23 | ## Parameters 24 | 25 | | Parameter | Optional | Note | 26 | |------------|----------|------------------| 27 | | `priority` | false | positive integer | 28 | 29 | ## Example 30 | 31 | ```json 32 | { 33 | "steps": [ 34 | ... 35 | { 36 | "name": "active", 37 | "conditions": [ ... ], 38 | "actions": [ 39 | ... 40 | { 41 | "type": "set_priority", 42 | "priority": 50 43 | }, 44 | ... 45 | ] 46 | }, 47 | ... 48 | ] 49 | } 50 | ``` -------------------------------------------------------------------------------- /_content/_docs_aim/actions_set_read_only.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Set Read Only Action 3 | html_title: Set Read Only Action 4 | permalink: automated-index-management-actions-set-read-only 5 | category: aim-actions 6 | order: 307 7 | layout: docs 8 | edition: community 9 | description: How the set read only action works 10 | --- 11 | 12 | 13 | {% include beta_warning.html %} 14 | 15 | # Set Read Only Action 16 | {: .no_toc} 17 | 18 | {% include toc.md %} 19 | 20 | Setting an index into read only mode. 21 | This will block any write operations on the index. 22 | 23 | ## Example 24 | 25 | ```json 26 | { 27 | "steps": [ 28 | ... 29 | { 30 | "name": "inactive", 31 | "conditions": [ ... ], 32 | "actions": [ 33 | ... 34 | { 35 | "type": "set_read_only" 36 | }, 37 | ... 38 | ] 39 | }, 40 | ... 41 | ] 42 | } 43 | ``` -------------------------------------------------------------------------------- /_content/_docs_aim/actions_set_replica_count.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Set Replica Count Action 3 | html_title: Set Replica Count Action 4 | permalink: automated-index-management-actions-set-replica-count 5 | category: aim-actions 6 | order: 308 7 | layout: docs 8 | edition: community 9 | description: How the set replica count action works 10 | --- 11 | 12 | 13 | {% include beta_warning.html %} 14 | 15 | # Set Replica Count Action 16 | {: .no_toc} 17 | 18 | {% include toc.md %} 19 | 20 | This action sets the number of replicas that should exist for the index, it is defined by the `replica_count`. 21 | By default, indices have a replica count of 1. 22 | Having more replicas results in a higher availability of the index in case of node restarts. 23 | 24 | ## Parameters 25 | 26 | | Parameter | Optional | Note | 27 | |-----------------|----------|----------------------| 28 | | `replica_count` | false | non negative integer | 29 | 30 | ## Example 31 | 32 | ```json 33 | { 34 | "steps": [ 35 | ... 36 | { 37 | "name": "active", 38 | "conditions": [ ... ], 39 | "actions": [ 40 | ... 41 | { 42 | "type": "set_replica_count", 43 | "replica_count": 2 44 | }, 45 | ... 46 | ] 47 | }, 48 | ... 49 | ] 50 | } 51 | ``` -------------------------------------------------------------------------------- /_content/_docs_aim/conditions.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Conditions 3 | html_title: Conditions 4 | permalink: automated-index-management-conditions 5 | category: aim 6 | subcategory: aim-conditions 7 | order: 200 8 | layout: docs 9 | edition: community 10 | description: How conditions work in AIM 11 | --- 12 | -------------------------------------------------------------------------------- /_content/_docs_aim/conditions_age.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Age Condition 3 | html_title: Age Condition 4 | permalink: automated-index-management-conditions-age 5 | category: aim-conditions 6 | order: 201 7 | layout: docs 8 | edition: community 9 | description: How the age condition works 10 | --- 11 | 12 | 13 | {% include beta_warning.html %} 14 | 15 | # Age Condition 16 | {: .no_toc} 17 | 18 | {% include toc.md %} 19 | 20 | This condition checks the current age of the index and triggers the action execution when the index is older than the configured maximum. 21 | 22 | ## Parameters 23 | 24 | | Parameter | Optional | Note | 25 | |-----------|----------|------------------------------------------------| 26 | | `max_age` | false | positive integer with unit ending (d, h, m, s) | 27 | 28 | ## Example 29 | 30 | ```json 31 | { 32 | "steps": [ 33 | ... 34 | { 35 | "name": "my_step", 36 | "conditions": [ 37 | ... 38 | { 39 | "type": "age", 40 | "max_age": "30d" 41 | }, 42 | ... 43 | ], 44 | "actions": [ ... ] 45 | }, 46 | ... 47 | ] 48 | } 49 | ``` -------------------------------------------------------------------------------- /_content/_docs_aim/conditions_doc_count.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Doc Count Condition 3 | html_title: Doc Count Condition 4 | permalink: automated-index-management-conditions-doc-count 5 | category: aim-conditions 6 | order: 202 7 | layout: docs 8 | edition: community 9 | description: How the doc count condition works 10 | --- 11 | 12 | 13 | {% include beta_warning.html %} 14 | 15 | # Doc Count Condition 16 | {: .no_toc} 17 | 18 | {% include toc.md %} 19 | 20 | The doc count condition requests the current number of documents in the index and triggers the action execution when the number of documents gets larger than the configured maximum. 21 | 22 | ## Parameters 23 | 24 | | Parameter | Optional | Note | 25 | |-------------|----------|------------------| 26 | | `max_count` | false | positive integer | 27 | 28 | ## Example 29 | 30 | ```json 31 | { 32 | "steps": [ 33 | ... 34 | { 35 | "name": "active", 36 | "conditions": [ 37 | ... 38 | { 39 | "type": "doc_count", 40 | "max_count": 1000000 41 | }, 42 | ... 43 | ], 44 | "actions": [ ... ] 45 | }, 46 | ... 47 | ] 48 | } 49 | ``` -------------------------------------------------------------------------------- /_content/_docs_aim/conditions_size.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Size Condition 3 | html_title: Size Condition 4 | permalink: automated-index-management-conditions-size 5 | category: aim-conditions 6 | order: 203 7 | layout: docs 8 | edition: community 9 | description: How the size condition works 10 | --- 11 | 12 | 13 | {% include beta_warning.html %} 14 | 15 | # Size Condition 16 | {: .no_toc} 17 | 18 | {% include toc.md %} 19 | 20 | This condition checks the current size of the index and triggers the action execution when the index size is larger than the configured maximum. 21 | 22 | ## Parameters 23 | 24 | | Parameter | Optional | Note | 25 | |-----------|----------|---------------------------------------------------| 26 | | `max_size` | false | positive integer with unit ending (b, kb, mb, gb) | 27 | 28 | ## Example 29 | 30 | ```json 31 | { 32 | "steps": [ 33 | ... 34 | { 35 | "name": "my_step", 36 | "conditions": [ 37 | ... 38 | { 39 | "type": "size", 40 | "max_size": "50gb" 41 | }, 42 | ... 43 | ], 44 | "actions": [ ... ] 45 | }, 46 | ... 47 | ] 48 | } 49 | ``` 50 | -------------------------------------------------------------------------------- /_content/_docs_aim/rest_api.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: REST API 3 | html_title: REST API 4 | permalink: automated-index-management-rest 5 | category: aim 6 | subcategory: aim-rest 7 | order: 400 8 | layout: docs 9 | edition: community 10 | description: AIM REST API 11 | --- 12 | -------------------------------------------------------------------------------- /_content/_docs_aim/rest_api_policy_delete.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Delete Policy 3 | html_title: Delete Policy 4 | permalink: automated-index-management-rest-policy-delete 5 | category: aim-rest 6 | order: 402 7 | layout: docs 8 | edition: community 9 | description: Use the delete policy REST API to delete policies 10 | --- 11 | 12 | 13 | {% include beta_warning.html %} 14 | 15 | # Delete Policy 16 | {: .no_toc} 17 | 18 | {% include toc.md %} 19 | 20 | ## Endpoint 21 | 22 | ``` 23 | DELETE /_aim/policy/{policy_name} 24 | ``` 25 | 26 | Deletes a Policy 27 | 28 | ## Path Parameters 29 | 30 | | Parameter | Note | 31 | |-----------------|--------------------| 32 | | `policy_name` | Name of the policy | 33 | 34 | ## Responses 35 | 36 | ### 200 OK 37 | 38 | The policy was successfully deleted. 39 | 40 | ### 403 Forbidden 41 | 42 | The user does not have sufficient privileges to access this endpoint. 43 | 44 | ### 404 Not Found 45 | 46 | The requested policy does not exist. 47 | 48 | ### 412 Precondition Failed 49 | 50 | The policy exists and is still in use. 51 | 52 | ### 503 Service Unavailable 53 | 54 | AIM is currently inactive. 55 | 56 | ## Privileges 57 | 58 | The user needs to have the privilege `cluster:admin:searchguard:aim:policy/delete` to access this endpoint. 59 | 60 | This permission is included in the following built-in action groups: 61 | 62 | - SGS_AIM_ALL 63 | - SGS_AIM_POLICY_MANAGE 64 | -------------------------------------------------------------------------------- /_content/_docs_aim/rest_api_policy_get.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Get Policy 3 | html_title: Get Policy 4 | permalink: automated-index-management-rest-policy-get 5 | category: aim-rest 6 | order: 401 7 | layout: docs 8 | edition: community 9 | description: Use the get policy REST API to get a policy 10 | --- 11 | 12 | 13 | {% include beta_warning.html %} 14 | 15 | # Get Policy 16 | {: .no_toc} 17 | 18 | {% include toc.md %} 19 | 20 | ## Endpoint 21 | 22 | ``` 23 | GET /_aim/policy/{policy_name} 24 | ``` 25 | 26 | Retrieves a policy in JSON format. 27 | 28 | ``` 29 | GET /_aim/policy/{policy_name}/internal 30 | ``` 31 | 32 | Retrieves a policy in JSON format including internal steps. 33 | 34 | ## Path Parameters 35 | 36 | | Parameter | Note | 37 | |-----------------|--------------------| 38 | | `policy_name` | Name of the policy | 39 | 40 | ## Responses 41 | 42 | ### 200 OK 43 | 44 | The policy exists and the user has sufficient privileges to access it. The response body contains the policy in JSON format. 45 | 46 | ### 403 Forbidden 47 | 48 | The user does not have sufficient privileges to access this endpoint. 49 | 50 | ### 404 Not Found 51 | 52 | The requested policy does not exist. 53 | 54 | ## Privileges 55 | 56 | The user needs to have the privilege `cluster:admin:searchguard:aim:policy/get` to access this endpoint. 57 | 58 | This permission is included in the following built-in action groups: 59 | 60 | - SGS_AIM_ALL 61 | - SGS_AIM_POLICY_READ 62 | - SGS_AIM_POLICY_MANAGE 63 | - SGS_AIM_POLICY_INSTANCE_READ 64 | - SGS_AIM_POLICY_INSTANCE_MANAGE 65 | -------------------------------------------------------------------------------- /_content/_docs_aim/rest_api_policy_instance_execute.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Policy Instance Execute 3 | html_title: Policy Instance Execute 4 | permalink: automated-index-management-rest-policy-instance-execute 5 | category: aim-rest 6 | order: 411 7 | layout: docs 8 | edition: community 9 | description: Use the execute REST API to execute a managed index 10 | --- 11 | 12 | 13 | {% include beta_warning.html %} 14 | 15 | # Policy Instance Execute 16 | {: .no_toc} 17 | 18 | {% include toc.md %} 19 | 20 | ## Endpoint 21 | 22 | ``` 23 | POST /_aim/execute/{index_name} 24 | ``` 25 | 26 | Executes the policy instance for the specified index immediately. 27 | 28 | ## Path Parameters 29 | 30 | | Parameter | Note | 31 | |----------------|---------------------------| 32 | | `index_name` | Name of the managed index | 33 | 34 | ## Responses 35 | 36 | ### 200 OK 37 | 38 | The requested index exists and is managed by AIM. The execution was scheduled successfully. 39 | 40 | ### 403 Forbidden 41 | 42 | The user does not have sufficient privileges to access this endpoint. 43 | 44 | ### 404 Not Found 45 | 46 | The requested index does not exist or is not managed by AIM. 47 | 48 | ### 503 Service Unavailable 49 | 50 | AIM is currently inactive. 51 | 52 | ## Privileges 53 | 54 | The user needs to have the privilege `cluster:admin:searchguard:aim:policy:instance:execute/post` to access this endpoint. 55 | 56 | This permission is included in the following built-in action groups: 57 | 58 | - SGS_AIM_ALL 59 | - SGS_AIM_POLICY_INSTANCE_MANAGE 60 | -------------------------------------------------------------------------------- /_content/_docs_aim/rest_api_policy_instance_retry.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Policy Instance Retry 3 | html_title: Policy Instance Retry 4 | permalink: automated-index-management-rest-policy-instance-retry 5 | category: aim-rest 6 | order: 412 7 | layout: docs 8 | edition: community 9 | description: Use the retry REST API to set the retry flag for a managed index 10 | --- 11 | 12 | 13 | {% include beta_warning.html %} 14 | 15 | # Policy Instance Retry 16 | {: .no_toc} 17 | 18 | {% include toc.md %} 19 | 20 | ## Endpoint 21 | 22 | ``` 23 | POST /_aim/retry/{index_name} 24 | ``` 25 | 26 | Sets the retry flag to `true` for the specified managed index. If the policy instance failed, it will be retried on next execution. 27 | 28 | ## Path Parameters 29 | 30 | | Parameter | Note | 31 | |----------------|---------------------------| 32 | | `index_name` | Name of the managed index | 33 | 34 | ## Responses 35 | 36 | ### 200 OK 37 | 38 | The requested index exists and is managed by AIM. The retry flag was set to `true` successfully. 39 | 40 | ### 403 Forbidden 41 | 42 | The user does not have sufficient privileges to access this endpoint. 43 | 44 | ### 404 Not Found 45 | 46 | The requested index does not exist or is not managed by AIM. 47 | 48 | ### 503 Service Unavailable 49 | 50 | AIM is currently inactive. 51 | 52 | ## Privileges 53 | 54 | The user needs to have the privilege `cluster:admin:searchguard:aim:policy:instance:retry/post` to access this endpoint. 55 | 56 | This permission is included in the following built-in action groups: 57 | 58 | - SGS_AIM_ALL 59 | - SGS_AIM_POLICY_INSTANCE_MANAGE 60 | -------------------------------------------------------------------------------- /_content/_docs_aim/rest_api_policy_instance_state.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Policy Instance State 3 | html_title: Policy Instance State 4 | permalink: automated-index-management-rest-policy-instance-state 5 | category: aim-rest 6 | order: 410 7 | layout: docs 8 | edition: community 9 | description: Use the state REST API to get a state from a managed index 10 | --- 11 | 12 | 13 | {% include beta_warning.html %} 14 | 15 | # Policy Instance State 16 | {: .no_toc} 17 | 18 | {% include toc.md %} 19 | 20 | ## Endpoint 21 | 22 | ``` 23 | GET /_aim/state/{index_name} 24 | ``` 25 | 26 | Retrieves the state of a managed index. 27 | 28 | ## Path Parameters 29 | 30 | | Parameter | Note | 31 | |----------------|---------------------------| 32 | | `index_name` | Name of the managed index | 33 | 34 | ## Responses 35 | 36 | ### 200 OK 37 | 38 | The requested index exists and is managed by AIM. The response body contains the state in JSON format. 39 | 40 | ### 403 Forbidden 41 | 42 | The user does not have sufficient privileges to access this endpoint. 43 | 44 | ### 404 Not Found 45 | 46 | The requested index does not exist or is not managed by AIM. 47 | 48 | ## Privileges 49 | 50 | The user needs to have the privilege `cluster:admin:searchguard:aim:policy:instance:status/get` to access this endpoint. 51 | 52 | This permission is included in the following built-in action groups: 53 | 54 | - SGS_AIM_ALL 55 | - SGS_AIM_POLICY_INSTANCE_READ 56 | - SGS_AIM_POLICY_INSTANCE_MANAGE 57 | -------------------------------------------------------------------------------- /_content/_docs_aim/rest_api_settings_delete.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Delete Settings 3 | html_title: Put Settings 4 | permalink: automated-index-management-rest-settings-delete 5 | category: aim-rest 6 | order: 422 7 | layout: docs 8 | edition: community 9 | description: Use the put settings REST API to update dynamic AIM settings 10 | --- 11 | 12 | 13 | {% include beta_warning.html %} 14 | 15 | # Delete Settings 16 | {: .no_toc} 17 | 18 | {% include toc.md %} 19 | 20 | ## Endpoint 21 | 22 | ``` 23 | DELETE /_aim/settings/{key} 24 | ``` 25 | 26 | Deletes a setting. AIM will fall back to default configuration for the specified setting. 27 | 28 | ## Path Parameters 29 | 30 | | Parameter | Note | 31 | |-----------|---------------------| 32 | | `key` | Name of the setting | 33 | 34 | ## Responses 35 | 36 | ### 200 OK 37 | 38 | The settings key exists and the user has sufficient privileges to access it. The setting has been deleted. 39 | 40 | ### 403 Forbidden 41 | 42 | The user does not have sufficient privileges to access this endpoint. 43 | 44 | ### 404 Not Found 45 | 46 | The requested settings key does not exist. 47 | 48 | ## Privileges 49 | 50 | The user needs to have the privilege `cluster:admin:searchguard:aim:settings/delete` to access this endpoint. 51 | 52 | This permission is included in the following built-in action groups: 53 | 54 | - SGS_AIM_ALL -------------------------------------------------------------------------------- /_content/_docs_aim/rest_api_settings_get.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Get Settings 3 | html_title: Get Settings 4 | permalink: automated-index-management-rest-settings-get 5 | category: aim-rest 6 | order: 421 7 | layout: docs 8 | edition: community 9 | description: Use the get settings REST API to retrieve dynamic AIM settings 10 | --- 11 | 12 | 13 | {% include beta_warning.html %} 14 | 15 | # Get Settings 16 | {: .no_toc} 17 | 18 | {% include toc.md %} 19 | 20 | ## Endpoint 21 | 22 | ``` 23 | GET /_aim/settings/{key} 24 | ``` 25 | 26 | Retrieves a dynamic setting and includes the current value in the response body. 27 | 28 | ## Path Parameters 29 | 30 | | Parameter | Note | 31 | |-----------|---------------------| 32 | | `key` | Name of the setting | 33 | 34 | ## Responses 35 | 36 | ### 200 OK 37 | 38 | The settings key exists and the user has sufficient privileges to access it. The response body contains the settings value in JSON format. 39 | 40 | ### 403 Forbidden 41 | 42 | The user does not have sufficient privileges to access this endpoint. 43 | 44 | ### 404 Not Found 45 | 46 | The requested setting does not exist. 47 | 48 | ## Privileges 49 | 50 | The user needs to have the privilege `cluster:admin:searchguard:aim:settings/get` to access this endpoint. 51 | 52 | This permission is included in the following built-in action groups: 53 | 54 | - SGS_AIM_ALL -------------------------------------------------------------------------------- /_content/_docs_aim/rest_api_settings_put.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Put Settings 3 | html_title: Put Settings 4 | permalink: automated-index-management-rest-settings-put 5 | category: aim-rest 6 | order: 420 7 | layout: docs 8 | edition: community 9 | description: Use the put settings REST API to update dynamic AIM settings 10 | --- 11 | 12 | 13 | {% include beta_warning.html %} 14 | 15 | # Put Settings 16 | {: .no_toc} 17 | 18 | {% include toc.md %} 19 | 20 | ## Endpoint 21 | 22 | ``` 23 | PUT /_aim/settings/{key} 24 | ``` 25 | 26 | Updates a setting. 27 | 28 | ## Path Parameters 29 | 30 | | Parameter | Note | 31 | |-----------|---------------------| 32 | | `key` | Name of the setting | 33 | 34 | ## Request Body 35 | 36 | The settings value has to be specified in JSON format in the request body. 37 | 38 | ## Responses 39 | 40 | ### 200 OK 41 | 42 | The settings key exists and the user has sufficient privileges to access it. The setting has been updated. 43 | 44 | ### 403 Forbidden 45 | 46 | The user does not have sufficient privileges to access this endpoint. 47 | 48 | ### 404 Not Found 49 | 50 | The requested settings key does not exist. 51 | 52 | ## Example 53 | 54 | ``` 55 | PUT /_aim/settings/execution.delay 56 | "5m" 57 | ``` 58 | 59 | This sets the execution delay setting to 5 minutes (see [settings](settings.md)). 60 | 61 | ## Privileges 62 | 63 | The user needs to have the privilege `cluster:admin:searchguard:aim:settings/put` to access this endpoint. 64 | 65 | This permission is included in the following built-in action groups: 66 | 67 | - SGS_AIM_ALL 68 | -------------------------------------------------------------------------------- /_content/_docs_auth_auth/auth_auth_configuration.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Overview 3 | html_title: Authentication 4 | permalink: authentication-authorization 5 | category: authauth 6 | order: 100 7 | layout: docs 8 | edition: community 9 | description: How to configure, mix and chain authentication and authorization domains for Search Guard. 10 | #resources: 11 | # - "search-guard-presentations#configuration-basics|Search Guard configuration basics (presentation)" 12 | 13 | --- 14 | 17 | # Configuring authentication 18 | {: .no_toc} 19 | 20 | 21 | Search Guard offers you a great variety of different authentication modules and configuration options. 22 | 23 | The basic configuration is often very simple; still, Search Guard offers powerful mechanisms to work with special use-cases and setups. 24 | 25 | You can choose now: 26 | 27 | - Do you want to jump directly to one of the "Quick Start" docs for a particular authentication mode? 28 | - [Password-based authentication](./auth_auth_httpbasic.md) 29 | - [LDAP and Active Directory](../_docs_auth_auth/auth_auth_ldap.md) 30 | - [JWT](../_docs_auth_auth/auth_auth_jwt.md) 31 | - Or do you want to learn more about the [general configuration approach](../_docs_auth_auth/auth_auth_rest_config.md)? 32 | 33 | **Note:** OIDC and SAML based authentication is only available for Kibana. See the documentation on [Kibana authentication](../docs_kibana/kibana_authentication.md) for details. 34 | 35 | 36 | -------------------------------------------------------------------------------- /_content/_docs_auth_auth/auth_auth_httpbasic.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Overview 3 | permalink: http-basic-authorization 4 | category: password-based 5 | order: 100 6 | layout: docs 7 | edition: community 8 | description: How to set up HTTP Basic Authentication on the REST layer of Elasticsearch with Search Guard. 9 | --- 10 | 13 | 14 | # Password-based authentication 15 | {: .no_toc} 16 | 17 | If you want to use a user name and password to log into Elasticsearch, you need to use the `basic` authentication frontend combined with an authentication backend. For the authentication backend, you have the following options: 18 | 19 | * The simplest setup uses the Search Guard **internal users database** as the authentication backend; for this, you just have to define the users. No further configuration is necessary. See the section [internal users database](internalusers.md) for more details on this. 20 | 21 | * If you want to use **Active Directory/LDAP** for authenticating users, you can use the `ldap` authentication backend. This requires a bit more configuration; see the [LDAP and Active Directory docs](../_docs_auth_auth/auth_auth_ldap.md) for more information. 22 | 23 | **Note:** Users of older Search Guard versions might know the `challenge` flag which controls whether Search Guards sends HTTP Basic challenges for unauthenticated requests. The new version of Search Guard is capable of sending multiple challenges at once. Thus, this flag is no longer needed. 24 | 25 | -------------------------------------------------------------------------------- /_content/_docs_auth_auth/auth_auth_jwt_overview.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: JWT 3 | permalink: json-web-tokens-overview 4 | category: authauth 5 | order: 500 6 | layout: docs 7 | subcategory: jwt 8 | edition: enterprise 9 | description: How to configure JSON web tokens (JWT) to implement Single-Sign-On access to your Elasticsearch cluster. 10 | resources: 11 | - "https://search-guard.com/jwt-secure-elasticsearch/|Using JSON web tokens to secure Elasticsearch (blog post)" 12 | - "https://jwt.io/|jwt.io - useful tools for generating and validating JWT (website)" 13 | 14 | --- 15 | 18 | 19 | # Using JSON web tokens for Elasticsearch access control 20 | {: .no_toc} 21 | -------------------------------------------------------------------------------- /_content/_docs_auth_auth/auth_auth_ldap_overview.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Active Directory and LDAP 3 | html_title: Active Directory and LDAP 4 | permalink: active-directory-ldap-overview 5 | category: authauth 6 | subcategory: ldap 7 | order: 300 8 | layout: docs 9 | description: Use Search Guard's Active Directory and LDAP module to protect your Elasticsearch cluster against unauthorized access. 10 | --- 11 | 14 | 15 | # Active Directory and LDAP 16 | {: .no_toc} 17 | 18 | {% include toc.md %} 19 | 20 | 21 | ## Where to go next 22 | 23 | * Configure the [connection settings](../_docs_auth_auth/auth_auth_ldap_connection_settings.md) for your Active Directory or LDAP server 24 | * Use Active Directory and LDAP for [user authentication](../_docs_auth_auth/auth_auth_ldap_authentication.md). 25 | * Use Active Directory and LDAP for [user authorization](../_docs_auth_auth/auth_auth_ldap_authorisation.md). 26 | -------------------------------------------------------------------------------- /_content/_docs_auth_auth/auth_auth_password_based.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Password-based authentication 3 | permalink: password-based-auth 4 | category: authauth 5 | subcategory: password-based 6 | order: 200 7 | layout: docs 8 | edition: community 9 | description: How to set up HTTP Basic Authentication on the REST layer of Elasticsearch with Search Guard. 10 | --- 11 | -------------------------------------------------------------------------------- /_content/_docs_auth_auth/auth_auth_proxy_overview.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Proxy authentication 3 | permalink: proxy-authentication-overview 4 | category: authauth 5 | subcategory: proxy 6 | order: 800 7 | layout: docs 8 | edition: community 9 | description: Use Search Guard's Proxy authentication feature to connect Elasticsearch to any third-party identity provider. 10 | --- 11 | 14 | 15 | # Proxy based authentication 16 | {: .no_toc} 17 | 18 | {% include toc.md %} 19 | 20 | The proxy based authentication enables you to use a single sign on (SSO) solution - which you might already have - instead of the Search Guard authentication backend. 21 | 22 | Most of these solutions work as a proxy in front of Elasticsearch. Usually the request is routed to the SSO proxy first. The SSO proxy authenticates the user. If authentication succeeds, the (verified) username and its (verified) roles are set in HTTP header fields. The names of these fields are dependent on the SSO solution you have in place. 23 | -------------------------------------------------------------------------------- /_content/_docs_auth_auth/auth_auth_rest_config_overview.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: General configuration 3 | html_title: Authentication Configuration 4 | permalink: authentication-authorization-configuration-overview 5 | category: authauth 6 | subcategory: sg_authc 7 | order: 150 8 | layout: docs 9 | edition: community 10 | description: How to configure, mix and chain authentication and authorization domains for Search Guard. 11 | resources: 12 | - "search-guard-presentations#configuration-basics|Search Guard configuration basics (presentation)" 13 | 14 | --- 15 | 18 | -------------------------------------------------------------------------------- /_content/_docs_configuration_changes/configuration_sgctl.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Using sgctl 3 | permalink: sgctl-overview 4 | category: configuration 5 | subcategory: sgctl 6 | order: 100 7 | layout: docs 8 | edition: community 9 | index: false 10 | description: Use the powerful and easy-to-use sgctl command line tool to manage and configure everything in Search Guard. 11 | --- 12 | 15 | 16 | # Using sgctl to configure Search Guard 17 | {: .no_toc} 18 | 19 | {% include toc.md %} 20 | 21 | The Search Guard configuration for an Elasticsearch cluster can be managed by either using sgctl, the [REST API](rest-api) or the [Search Guard config UI](configuration-gui). 22 | 23 | -------------------------------------------------------------------------------- /_content/_docs_configuration_changes/configuration_sgctl_system_administration.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: System Administration 3 | permalink: sgctl-system-administration 4 | category: sgctl 5 | order: 300 6 | layout: docs 7 | edition: community 8 | description: sgctl offers some handy and powerful tools for administering a Search Guard secured Elasticsearch custer 9 | --- 10 | 11 | 14 | 15 | # System administration 16 | {: .no_toc} 17 | 18 | {% include toc.md %} 19 | 20 | sgctl offers some handy and powerful switches for administering a Search Guard secured Elasticsearch custer. 21 | 22 | ## Cache invalidation 23 | 24 | Search Guard by default caches authenticated users and their roles and permissions for one hour. You can invalidate the cache by reloading the Search Guard configuration: 25 | 26 | ```bash 27 | ./sgctl.sh rest DELETE /_searchguard/api/cache 28 | ``` 29 | 30 | ## Rescue tools 31 | 32 | Enable shard allocation and exit. May be useful if you disabled shard allocation while performing a full cluster restart, and you need to recreate the Search Guard index. 33 | ```bash 34 | ./sgctl.sh rest PUT _cluster/settings --json='{"persistent": { "cluster.routing.allocation.enable": null}}' 35 | ``` 36 | 37 | 38 | 39 | 40 | -------------------------------------------------------------------------------- /_content/_docs_configuration_changes/kibana_gui_add_index.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_configuration_changes/kibana_gui_add_index.png -------------------------------------------------------------------------------- /_content/_docs_configuration_changes/kibana_gui_auth.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_configuration_changes/kibana_gui_auth.png -------------------------------------------------------------------------------- /_content/_docs_configuration_changes/kibana_gui_dlsfls.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_configuration_changes/kibana_gui_dlsfls.png -------------------------------------------------------------------------------- /_content/_docs_configuration_changes/kibana_gui_edit_clone_delete.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_configuration_changes/kibana_gui_edit_clone_delete.png -------------------------------------------------------------------------------- /_content/_docs_configuration_changes/kibana_gui_filterbar.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_configuration_changes/kibana_gui_filterbar.png -------------------------------------------------------------------------------- /_content/_docs_configuration_changes/kibana_gui_license.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_configuration_changes/kibana_gui_license.png -------------------------------------------------------------------------------- /_content/_docs_configuration_changes/kibana_gui_list.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_configuration_changes/kibana_gui_list.png -------------------------------------------------------------------------------- /_content/_docs_configuration_changes/kibana_gui_main.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_configuration_changes/kibana_gui_main.png -------------------------------------------------------------------------------- /_content/_docs_configuration_changes/kibana_gui_nav.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_configuration_changes/kibana_gui_nav.png -------------------------------------------------------------------------------- /_content/_docs_configuration_changes/kibana_gui_permissions.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_configuration_changes/kibana_gui_permissions.png -------------------------------------------------------------------------------- /_content/_docs_configuration_changes/kibana_gui_reserved.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_configuration_changes/kibana_gui_reserved.png -------------------------------------------------------------------------------- /_content/_docs_configuration_changes/kibana_gui_tenants.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_configuration_changes/kibana_gui_tenants.png -------------------------------------------------------------------------------- /_content/_docs_configuration_changes/kibana_index_level_permissions.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_configuration_changes/kibana_index_level_permissions.png -------------------------------------------------------------------------------- /_content/_docs_configuration_changes/search_guard_index.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_configuration_changes/search_guard_index.png -------------------------------------------------------------------------------- /_content/_docs_dls_fls/dlsfls_dls_index.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Document-level security 3 | html_title: Document-level security 4 | permalink: document-level-security-index 5 | category: dlsfls 6 | subcategory: dls 7 | order: 100 8 | layout: docs 9 | edition: enterprise 10 | description: Use Document- and Field-Level Security to implement fine grained access control to documents and fields in your Elasticsearch cluster. 11 | resources: 12 | - "search-guard-presentations#dls-fls|Document- and Field-level security (presentation)" 13 | - https://search-guard.com/document-field-level-security-search-guard/|Document- and field-level security with Search Guard (blog post) 14 | - https://search-guard.com/attribute-based-document-access/|Attribute based document access (blog post) 15 | 16 | --- 17 | 20 | 21 | -------------------------------------------------------------------------------- /_content/_docs_elasticstack/elasticstack_alerting.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: X-Pack Alerting 3 | permalink: search-guard-xpack-alerting 4 | category: elasticstack 5 | order: 700 6 | layout: docs 7 | edition: community 8 | description: How to configure Search Guard to integrate with the X-Pack Alerting for Elasticsearch 9 | --- 10 | 13 | # Using Search Guard with X-Pack Alerting 14 | {: .no_toc} 15 | 16 | {% include toc.md %} 17 | 18 | Search Guard provides [**free Alerting for Elasticsearch**](elasticsearch-alerting-getting-started), perfectly integrated with all security features. 19 | {: .note .js-note .note-info} 20 | 21 | 22 | Search Guard is compatible with the X-Pack Alerting component. 23 | 24 | This documentation assumes that you already installed and configured Kibana and the [Search Guard Kibana](../_docs_kibana/kibana_installation.md) plugin. 25 | 26 | ## Elasticsearch: Enable Alerting 27 | 28 | In `elasticsearch.yml`, disable X-Pack Security and enable X-Pack Alerting: 29 | 30 | ```yaml 31 | xpack.security.enabled: false 32 | xpack.watcher.enabled: true 33 | ... 34 | ``` 35 | 36 | ## Elasticsearch: Add the alerting user 37 | 38 | For using X-Pack Alerting, the respective user must have the built-in `SGS_XP_ALERTING` and `SGS_KIBANA_USER` role assigned. 39 | 40 | ## Kibana: Enable X-Pack Alerting 41 | 42 | In `kibana.yml`, disable X-Pack Security and enable X-Pack Alerting: 43 | 44 | 45 | ```yaml 46 | xpack.security.enabled: false 47 | xpack.watcher.enabled: true 48 | ... 49 | ``` 50 | 51 | {% include es8_migration_note.html deprecated_properties="xpack.security.enabled, xpack.watcher.enabled" %} 52 | -------------------------------------------------------------------------------- /_content/_docs_elasticstack/elasticstack_alternatives.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: X-Pack Alternatives 3 | permalink: search-guard-xpack-alternatives 4 | category: elasticstack 5 | subcategory: elasticstack-alternatives 6 | order: 1000 7 | layout: docs 8 | edition: community 9 | description: A list of free alternatives for the commercial X-Pack Elasticsearch plugins. 10 | --- 11 | 14 | # X-Pack Alternatives -------------------------------------------------------------------------------- /_content/_docs_elasticstack/elasticstack_machine_learning.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: X-Pack Machine Learning 3 | permalink: search-guard-xpack-machine-learning 4 | category: elasticstack 5 | order: 800 6 | layout: docs 7 | edition: community 8 | description: How to configure Search Guard to integrate with the X-Pack Machine Learning for Elasticsearch 9 | --- 10 | 13 | # Using Search Guard with X-Pack Machine Learning 14 | {: .no_toc} 15 | 16 | {% include toc.md %} 17 | 18 | Search Guard is compatible with the X-Pack Machine Learning component. 19 | 20 | This documentation assumes that you already installed and configured Kibana and the [Search Guard Kibana](../_docs_kibana/kibana_installation.md) plugin. 21 | 22 | ## Elasticsearch: Enable Machine Learning 23 | 24 | In `elasticsearch.yml`, disable X-Pack Security and enable X-Pack Machine Learning: 25 | 26 | ```yaml 27 | xpack.security.enabled: false 28 | xpack.ml.enabled: true 29 | ... 30 | ``` 31 | 32 | ## Elasticsearch: Add the machine learning user 33 | 34 | For using X-Pack Machine learning, the respective user must have the built-in `SGS_XP_MACHINE_LEARNING` and `SGS_KIBANA_USER` role assigned. 35 | 36 | ## Kibana: Enable X-Pack Machine Learning 37 | 38 | In `kibana.yml`, disable X-Pack Security and enable X-Pack Machine Learning: 39 | 40 | ``` 41 | xpack.security.enabled: false 42 | xpack.ml.enabled: true 43 | ... 44 | ``` 45 | 46 | {% include es8_migration_note.html deprecated_properties="xpack.security.enabled, xpack.ml.enabled" %} 47 | -------------------------------------------------------------------------------- /_content/_docs_installation/sg53_migration.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Overview 3 | html_title: Migrating older SG authentication configuration 4 | permalink: sg-classic-config-migration 5 | category: kibana-authentication-migration-overview 6 | order: 100 7 | layout: docs 8 | edition: community 9 | description: How to migrate older Kibana authentication configurations to sg_frontend_authc.yml 10 | --- 11 | 14 | 15 | # Migrating from Search Guard 53 and before 16 | {: .no_toc} 17 | 18 | If you have an existing cluster running Search Guard 53 or earlier, you need to migrate your configuration. 19 | 20 | The easiest way to do so is to use the `sgctl` command which can automatically convert most configurations. We provide you the necessary instructions to perform the update in the following sections: 21 | 22 | **[Quick Start](sg53_migration_quick.md):** If you want to quickly shoot up a new test cluster using a migrated configuration, follow this guide. 23 | 24 | **[Production Cluster](sg53_migration_prod.md):** If you are running a production cluster and must achieve a migration without an outage, you have to follow a specific update sequence. 25 | 26 | 27 | ## Advanced Topics 28 | 29 | For some advanced configurations, automatic conversion might be not available. 30 | 31 | **[Feature Map](sg53_migration_feature_map.md):** For reference, we provide you an overview which describes how the classic authentication features map to the new authentication features. -------------------------------------------------------------------------------- /_content/_docs_installation/sg53_migration_overview.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Migrating to FLX 3 | html_title: Migrating from older Search Guard versions to FLX 4 | permalink: sg-classic-config-migration-overview 5 | category: installation 6 | subcategory: kibana-authentication-migration-overview 7 | order: 800 8 | layout: docs 9 | edition: community 10 | description: How to migrate older Search Guard authentication configurations 11 | --- 12 | 15 | 16 | # Migrating from Search Guard 53 and before to Search Guard FLX 17 | {: .no_toc} 18 | 19 | If you have an existing cluster running Search Guard 53 or earlier, you need to migrate your configuration. 20 | 21 | The easiest way to do so is to use the `sgctl` command which can automatically convert most configurations. We provide you the necessary instructions to perform the update in the following sections: 22 | 23 | **[Quick Start](sg53_migration_quick.md):** If you want to quickly shoot up a new test cluster using a migrated configuration, follow this guide. 24 | 25 | **[Production Cluster](sg53_migration_prod.md):** If you are running a production cluster and must achieve a migration without an outage, you have to follow a specific update sequence. 26 | 27 | 28 | ## Advanced Topics 29 | 30 | For some advanced configurations, automatic conversion might be not available. 31 | 32 | **[Feature Map](sg53_migration_feature_map.md):** For reference, we provide you an overview which describes how the classic authentication features map to the new authentication features. 33 | 34 | -------------------------------------------------------------------------------- /_content/_docs_kibana/Kibana_login.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_kibana/Kibana_login.png -------------------------------------------------------------------------------- /_content/_docs_kibana/kibana.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Kibana 3 | html_title: Kibana Plugin 4 | slug: kibana-search-guard 5 | category: esstack 6 | subcategory: kibana 7 | order: 100 8 | layout: docs 9 | description: How to install the Search Guard Kibana plugin which adds authentication, multi tenany and the configuration GUI. 10 | --- 11 | -------------------------------------------------------------------------------- /_content/_docs_kibana/kibana_advanced.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Advanced Topics 3 | html_title: Kibana Advanced Topics 4 | slug: kibana-advanced 5 | category: kibana 6 | subcategory: kibana-advanced 7 | order: 1000 8 | layout: docs 9 | --- 10 | 13 | -------------------------------------------------------------------------------- /_content/_docs_kibana/kibana_auth_exception.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_kibana/kibana_auth_exception.png -------------------------------------------------------------------------------- /_content/_docs_kibana/kibana_authentication.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Authentication 3 | html_title: Kibana Authentication 4 | slug: kibana-authentication 5 | category: kibana 6 | subcategory: kibana-authentication 7 | order: 200 8 | layout: docs 9 | edition: community 10 | description: Use the Search Guard Kibana plugin to add authentication and session management to Kibana. 11 | --- 12 | 15 | 16 | # Kibana authentication 17 | 18 | Search Guard protects Kibana by adding authentication and authorization. You can use nearly all features that Search Guard provides for Elasticsearch also for Kibana. 19 | 20 | In addition, Search Guard adds multi-tenancy to Kibana which makes it possible to store saved objects like dashboards and visualizations by tenant. Tenants can be configured per role. 21 | 22 | ## Installation 23 | 24 | Please refer to the [Kibana plugin installation](kibana_installation.md) guide. 25 | 26 | ## Authentication 27 | 28 | The Search Guard Kibana plugin supports the following authentication types: 29 | 30 | * [HTTP Basic Authentication](kibana_authentication_basicauth.md) 31 | * [Proxy Authentication](kibana_authentication_proxy.md) 32 | * [JSON web tokens](kibana_authentication_jwt.md) 33 | * [OpenID Connect](kibana_authentication_openid.md) 34 | * [SAML](kibana_authentication_saml.md) 35 | * [Kerberos](kibana_authentication_kerberos.md) 36 | * [Anonymous Authentication](kibana_authentication_anonymous.md) 37 | 38 | ## Multi-Tenancy 39 | 40 | Please refer to the [Multi-Tenancy](kibana_multitenancy.md) guide. -------------------------------------------------------------------------------- /_content/_docs_kibana/kibana_authentication_basicauth_overview.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Password based authentication 3 | html_title: Username/password based authentication for Kibana 4 | slug: kibana-authentication-http-basic-overview 5 | category: kibana-authentication 6 | subcategory: kibana-authentication-basic-overview 7 | order: 200 8 | layout: docs 9 | edition: community 10 | description: How to configure Kibana for Username/password based authentication. Secure Kibana access with a login screen. 11 | --- 12 | 15 | 16 | # Password-based authentication for Kibana 17 | {: .no_toc} 18 | 19 | -------------------------------------------------------------------------------- /_content/_docs_kibana/kibana_authentication_debug.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_kibana/kibana_authentication_debug.png -------------------------------------------------------------------------------- /_content/_docs_kibana/kibana_authentication_openid_overview.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: OIDC 3 | html_title: Kibana OpenID 4 | permalink: kibana-authentication-openid-overview 5 | category: kibana-authentication 6 | subcategory: kibana-authentication-openid-overview 7 | order: 210 8 | layout: docs 9 | edition: enterprise 10 | 11 | --- 12 | 15 | 16 | # Kibana OpenID Connect Authentication 17 | 18 | -------------------------------------------------------------------------------- /_content/_docs_kibana/kibana_authentication_saml_overview.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: SAML 3 | html_title: Kibana SAML 4 | permalink: kibana-authentication-saml-overview 5 | category: kibana-authentication 6 | subcategory: kibana-authentication-saml-overview 7 | order: 220 8 | layout: docs 9 | edition: enterprise 10 | description: How to configure Kibana for SAML Single Sign On authentication and IdP integrations. 11 | resources: 12 | - "https://search-guard.com/kibana-elasticsearch-saml/|Using SAML for Kibana Single Sign-On (blogpost)" 13 | 14 | 15 | --- 16 | 19 | 20 | # Kibana SAML authentication 21 | -------------------------------------------------------------------------------- /_content/_docs_kibana/kibana_authentication_troubleshooting.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Troubleshooting 3 | html_title: Authentication Troubleshooting 4 | permalink: kibana-authentication-troubleshooting 5 | category: kibana-authentication 6 | order: 1000 7 | layout: docs 8 | edition: community 9 | description: What to do when things do not work as they are supposed to 10 | --- 11 | 14 | 15 | # Kibana Authentication Troubleshooting 16 | {: .no_toc} 17 | 18 | In case you encounter problems with authentication in Kibana, you can use a special configuration option to display useful debugging information while logging in. 19 | 20 | To do so, use the following command: 21 | 22 | ``` 23 | $ ./sgctl.sh set frontend_config debug --true 24 | ``` 25 | 26 | **Important:** Be aware that this might expose sensitive information to all users which can access the cluster. Don't use this on production clusters. 27 | 28 | After having activated the configuration, open Kibana in your browser and try to log in. If you encounter a login failure, you should see more detailed information about the login process. This can look like this: 29 | 30 | 31 | ![Login page with authentication failure and debug information](kibana_authentication_debug.png) 32 | 33 | 34 | 35 | -------------------------------------------------------------------------------- /_content/_docs_kibana/kibana_basic_auth.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_kibana/kibana_basic_auth.png -------------------------------------------------------------------------------- /_content/_docs_kibana/kibana_customize_login.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_kibana/kibana_customize_login.jpg -------------------------------------------------------------------------------- /_content/_docs_kibana/kibana_customize_login.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Customizing the login page 3 | html_title: Customizing the Search Guard Kibana Plugin login page 4 | permalink: kibana-login-customizing 5 | category: kibana-authentication-basic-overview 6 | order: 250 7 | layout: docs 8 | edition: community 9 | description: How to customize the Kibana login page with your own logo, corporate identity and messages. 10 | --- 11 | 14 | 15 | # Customizing the login page 16 | {: .no_toc} 17 | 18 | You can fully customize the login page to adapt it to your needs. Per default, the login page shows the following elements: 19 | 20 |

21 | 23 |

24 | 25 | You can use `sg_frontend_authc` to customize the login page. Such a configuration can look like this: 26 | 27 | ```yaml 28 | default: 29 | login_page: 30 | brand_image: "https://mycompany.example.com/mylogo.png" 31 | title: "Hello!" 32 | button_style: "background-color: green" 33 | authcz: 34 | - type: basic 35 | ``` 36 | 37 | These options are available: 38 | 39 | **login_page.brand_image:** An absolute URL to your brand image. 40 | 41 | **login_page.show_brand_image:** Set this to `false` when you want to have no brand image at all on the login page. 42 | 43 | **login_page.title:** Title of the login page. Can contain HTML tags. 44 | 45 | **login_page.button_style:** Style attribute of the login button. 46 | -------------------------------------------------------------------------------- /_content/_docs_kibana/kibana_filter_roles.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_kibana/kibana_filter_roles.png -------------------------------------------------------------------------------- /_content/_docs_kibana/kibana_in_iframe.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Kibana in IFrame 3 | html_title: Kibana in IFrame 4 | permalink: kibana-in-iframe 5 | category: kibana-advanced 6 | order: 200 7 | layout: docs 8 | edition: community 9 | description: How to run Kibana powered by SearchGuard in an iframe on a third party website. 10 | --- 11 | 14 | 15 | # Kibana in IFrame 16 | {: .no_toc} 17 | 18 | {% include toc.md %} 19 | 20 | Web browsers changed the default behavior for cookies so that: 21 | 22 | * Cookies without a `SameSite` attribute are treated as `SameSite=Lax`. 23 | * Cookies for cross-site usage must specify `SameSite=None; Secure` to include third party content. 24 | 25 | It means that Kibana can't be accessed via an iframe on a third party web site by default. The cookies at the Kibana side must be configured to add `SameSite=None; Secure` attributes. 26 | 27 | ## Kibana configuration 28 | 29 | **kibana.yml** 30 | ```yaml 31 | searchguard: 32 | cookie: 33 | secure: true 34 | isSameSite: None 35 | ``` 36 | 37 | ## References 38 | 39 | [Reject insecure SameSite=None cookies](https://www.chromestatus.com/feature/5633521622188032){:target="_blank"} 40 | 41 | [Temporarily rolling back SameSite Cookie Changes](https://blog.chromium.org/2020/04/temporarily-rolling-back-samesite.html){:target="_blank"} 42 | 43 | [SameSite cookies explained](https://web.dev/samesite-cookies-explained/){:target="_blank"} 44 | 45 | [Incrementally Better Cookies](https://tools.ietf.org/html/draft-west-cookie-incrementalism-00){:target="_blank"} 46 | 47 | -------------------------------------------------------------------------------- /_content/_docs_kibana/kibana_main_screen.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_kibana/kibana_main_screen.png -------------------------------------------------------------------------------- /_content/_docs_kibana/kibana_mt_nav.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_kibana/kibana_mt_nav.png -------------------------------------------------------------------------------- /_content/_docs_kibana/kibana_multi_login.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_kibana/kibana_multi_login.png -------------------------------------------------------------------------------- /_content/_docs_kibana/kibana_read_only.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Read Only mode 3 | html_title: Kibana Read Only mode 4 | permalink: kibana-read-only 5 | category: kibana 6 | order: 400 7 | layout: docs 8 | edition: enterprise 9 | description: Use the Kibana read only mode to give users access to dashboards, but prevent them from accessing anything else. 10 | --- 11 | 12 | # Read only mode 13 | {: .no_toc} 14 | 15 | {% include toc.md %} 16 | 17 | Search Guard provides a read only mode for Kibana. When a user is assigned to this mode, only the dashboards and, if configured, the Multi-Tenancy navigation entries are accessible. 18 | 19 | Thus, a user can view already configured dashboards and change tenants, but is not able to use any other functionalities of Kibana. 20 | 21 | ## Defining read only roles 22 | 23 | The Kibana read only mode is based on the Search Guard roles of a user: 24 | 25 | If a user is assigned to one or more configured *read only roles*, the Kibana read only mode is activated automatically upon login. 26 | 27 | Use the following entry in `kibana.yml` to configure the read only roles: 28 | 29 | ``` 30 | searchguard.readonly_mode.roles: ["sg_read_only_1", "sg_read_only_2", ...] 31 | ``` 32 | 33 | If a Search Guard user has either the role `sg_read_only_1` or `sg_read_only_2`, the Kibana read only mode is activated. 34 | 35 | ## Read only mode: effects 36 | 37 | In read only mode: 38 | 39 | * Only the Dashboard application is accessible 40 | * Only the Dashboard and (if configured) the Multi-Tenancy links are visible 41 | * The controls to create, edit and delete dashboards are hidden 42 | * All tenants are switched to read only automatically -------------------------------------------------------------------------------- /_content/_docs_kibana/kibana_select_tenants.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_kibana/kibana_select_tenants.png -------------------------------------------------------------------------------- /_content/_docs_kibana/saml_roles_keycloak.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_kibana/saml_roles_keycloak.png -------------------------------------------------------------------------------- /_content/_docs_kibana/saml_roles_okta.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_kibana/saml_roles_okta.png -------------------------------------------------------------------------------- /_content/_docs_kibana/saml_sign_documents_keycloak.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_kibana/saml_sign_documents_keycloak.png -------------------------------------------------------------------------------- /_content/_docs_kibana/saml_sp_acs_okta.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_kibana/saml_sp_acs_okta.png -------------------------------------------------------------------------------- /_content/_docs_kibana/saml_sp_entity_keycloak.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_kibana/saml_sp_entity_keycloak.png -------------------------------------------------------------------------------- /_content/_docs_kibana/saml_sp_entity_okta.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_kibana/saml_sp_entity_okta.png -------------------------------------------------------------------------------- /_content/_docs_other_integrations/grafana.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_other_integrations/grafana.png -------------------------------------------------------------------------------- /_content/_docs_other_integrations/grafana_basicauth.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_other_integrations/grafana_basicauth.png -------------------------------------------------------------------------------- /_content/_docs_other_integrations/grafana_client_authentication.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_other_integrations/grafana_client_authentication.png -------------------------------------------------------------------------------- /_content/_docs_other_integrations/grafana_https.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_other_integrations/grafana_https.png -------------------------------------------------------------------------------- /_content/_docs_other_integrations/grafana_root_ca.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_other_integrations/grafana_root_ca.png -------------------------------------------------------------------------------- /_content/_docs_quickstart/authentication_flow.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_quickstart/authentication_flow.png -------------------------------------------------------------------------------- /_content/_docs_quickstart/guided_tour.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: "Guided Tour: Search Guard Basics" 3 | html_title: Guided Tour 4 | permalink: first_steps 5 | category: quickstart 6 | subcategory: first_steps 7 | order: 400 8 | layout: docs 9 | edition: community 10 | --- 11 | 12 | 13 | 14 | # Guided Tour: Search Guard Basics 15 | {: .no_toc} 16 | -------------------------------------------------------------------------------- /_content/_docs_quickstart/kibana_access_control_indices.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_quickstart/kibana_access_control_indices.png -------------------------------------------------------------------------------- /_content/_docs_quickstart/kibana_login_screen.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_quickstart/kibana_login_screen.png -------------------------------------------------------------------------------- /_content/_docs_quickstart/role_mapping_general.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_quickstart/role_mapping_general.png -------------------------------------------------------------------------------- /_content/_docs_quickstart/rolemapping.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_quickstart/rolemapping.png -------------------------------------------------------------------------------- /_content/_docs_rest_api/restapi_api_cache.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Cache API 3 | html_title: Cache API 4 | permalink: rest-api-cache 5 | category: restapi 6 | order: 500 7 | layout: docs 8 | edition: enterprise 9 | description: How to use the cache REST API endpoint to flush the Search Guard cache. 10 | --- 11 | 14 | 15 | # Cache API 16 | {: .no_toc} 17 | 18 | {% include toc.md %} 19 | 20 | Used to manage the Search Guard internal user, authentication and authorization cache. 21 | 22 | ## Endpoint 23 | 24 | ``` 25 | /_searchguard/api/cache 26 | ``` 27 | 28 | ## DELETE 29 | 30 | ``` 31 | DELETE /_searchguard/api/cache 32 | ``` 33 | 34 | Flushes the Search Guard cache. 35 | 36 | ```json 37 | { 38 | "status":"OK", 39 | "message":"Cache flushed successfully." 40 | } 41 | ``` 42 | -------------------------------------------------------------------------------- /_content/_docs_rest_api/restapi_api_license.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: License API 3 | html_title: License API 4 | permalink: rest-api-license 5 | category: restapi 6 | order: 480 7 | layout: docs 8 | edition: enterprise 9 | description: How to use the license REST API endpoints to retrieve and apply a Search Guard license. 10 | --- 11 | 12 | # License API 13 | {: .no_toc} 14 | 15 | {% include toc.md %} 16 | 17 | Used to retrieve and update the Search Guard license. 18 | 19 | ## Endpoint 20 | 21 | ``` 22 | /_searchguard/api/license/ 23 | ``` 24 | 25 | ## GET 26 | 27 | ``` 28 | GET /_searchguard/api/license/ 29 | ``` 30 | Returns the currently installed license in JSON format. 31 | 32 | ## PUT 33 | 34 | ``` 35 | PUT /_searchguard/api/license/ 36 | ``` 37 | 38 | Validates and replaces the currently active Search Guard license. Invalid (e.g. expired) licenses are rejected. 39 | 40 | ```json 41 | PUT /_searchguard/api/license/ 42 | { 43 | "sg_license": 44 | } 45 | ``` -------------------------------------------------------------------------------- /_content/_docs_signals/advanced_topics: -------------------------------------------------------------------------------- 1 | --- 2 | title: Advanced Topics 3 | html_title: Advanced Topics 4 | permalink: elasticsearch-alerting-advanced-topics 5 | category: signals 6 | subcategory: advanced-topics 7 | order: 1200 8 | layout: docs 9 | edition: community 10 | canonical: elasticsearch-alerting-advanced-topics 11 | description: Advanced topics for Signals, the Alerting solution for Elasticsearch and Kibana 12 | --- -------------------------------------------------------------------------------- /_content/_docs_signals/advanced_topics_watch_overview.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Watch overview page query params 3 | html_title: Watch overview page query params 4 | permalink: elasticsearch-alerting-watch-overview-parameters 5 | category: advanced-topics 6 | order: 100 7 | layout: docs 8 | edition: community 9 | description: How to use query parameters to change 10 | --- 11 | 12 | Filtering and Sorting Watches in Kibana 13 | 14 | Introduced in Search Guard FLX 1.1.0 15 | {: .available-since} 16 | 17 | The Signals Kibana UI provides an overview page for watches. The filter, sorting and pagination of this page can be controlled with URL params. 18 | 19 | ``` 20 | Example: ?query=ticket&pageIndex=0&pageSize=10&sortField=status&sortDirection=asc 21 | ``` 22 | 23 | 24 | | Parameter | Description | 25 | |---|-------------------------------------------------| 26 | | query | A filter expression to filter the watches table | 27 | | pageIndex | The pagination position | 28 | | pageSize | The number of displayed watches per page | 29 | | sortField | The attribute to sort by | 30 | | sortDirection | The sort directions, either asc or desc | 31 | {: .config-table} -------------------------------------------------------------------------------- /_content/_docs_signals/inputs.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Inputs 3 | html_title: Alerting Data Input 4 | permalink: elasticsearch-alerting-inputs 5 | category: signals 6 | subcategory: inputs 7 | order: 400 8 | layout: docs 9 | edition: community 10 | canonical: elasticsearch-alerting-inputs-overview 11 | description: Signals Alerting for Elasticsearch offers multiple data inputs like Elasticsearch queries and HTTP endpoints. 12 | --- 13 | 14 | 15 | 16 | # Inputs 17 | {: .no_toc} 18 | 19 | Each watch can have one or more inputs. Inputs can be freely defined anywhere in the execution chain. 20 | 21 | Each input will fetch data from a data source, and place it in the runtime data context under a configurable key for later usage. 22 | 23 | At the moment, Signals supports the following input types: 24 | 25 | * [Constants](inputs_static.md) 26 | * Define constants you can then use at multiple places in the execution chain 27 | * [Elasticsearch](inputs_elasticsearch.md) 28 | * Use the full power of Elasticsearch queries and aggregations 29 | * [HTTP](inputs_http.md) 30 | * Pull in data from a REST endpoint 31 | 32 | All data from all inputs can be combined by using [Transformation](transformations_transformations.md) and [Calculations](transformations_calculations.md), used in [Conditions](conditions.md) and pushed to [action endpoints](actions.md). 33 | 34 | -------------------------------------------------------------------------------- /_content/_docs_signals/inputs_overview.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Inputs Overview 3 | html_title: Inputs Overview 4 | permalink: elasticsearch-alerting-inputs-overview 5 | category: inputs 6 | order: 0 7 | layout: docs 8 | edition: community 9 | description: In Signals Alerting for Elasticsearch, each watch can have one or more data inputs that collect data for further processing. 10 | --- 11 | 12 | 13 | 14 | # Inputs 15 | {: .no_toc} 16 | 17 | Each watch can have one or more inputs. Inputs can be freely defined anywhere in the execution chain. 18 | 19 | Each input will fetch data from a data source, and place it in the runtime data context under a configurable key for later usage. 20 | 21 | At the moment, Signals supports the following input types: 22 | 23 | * [Static](inputs_static.md) 24 | * Define constants you can then use at multiple places in the execution chain 25 | * [Elasticsearch](inputs_elasticsearch.md) 26 | * Use the full power of Elasticsearch queries and aggregations 27 | * [HTTP](inputs_http.md) 28 | * Pull in data from a REST endpoint 29 | 30 | All data from all inputs can be combined by using [Transformation](transformations_transformations.md) and [Calculations](transformations_calculations.md), used in [Conditions](conditions.md) and pushed to [action endpoints](actions.md). 31 | 32 | -------------------------------------------------------------------------------- /_content/_docs_signals/rest_api_account_delete.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Delete Account 3 | html_title: Delete Account 4 | permalink: elasticsearch-alerting-rest-api-account-delete 5 | category: signals-rest 6 | order: 820 7 | layout: docs 8 | edition: community 9 | description: Use the Delete REST API endpoint to remove PagerDuty, Email, Slack and Webhook connectors by ID. 10 | --- 11 | 12 | 13 | 14 | # Delete Account 15 | {: .no_toc} 16 | 17 | {% include toc.md %} 18 | 19 | 20 | ## Endpoint 21 | 22 | ``` 23 | DELETE /_signals/account/{account_type}/{account_id} 24 | ``` 25 | 26 | Deletes the account of type `{account_type}` identified by the `{account_id}` path parameter. 27 | 28 | 29 | ## Path Parameters 30 | 31 | **{account_type}** The type of the account to be deleted. Required. 32 | 33 | **{account_id}** The id of the account to be deleted. Required. 34 | 35 | ## Responses 36 | 37 | ### 200 OK 38 | 39 | The account was successfully deleted. 40 | 41 | ### 403 Forbidden 42 | 43 | The user does not have the permission to delete accounts. 44 | 45 | ### 404 Not found 46 | 47 | An account with the given id does not exist. 48 | 49 | ### 409 Conflict 50 | 51 | The account is still used by a watch 52 | 53 | ## Permissions 54 | 55 | For being able to access the endpoint, the user needs to have the privilege `cluster:admin:searchguard:signals:account/delete` . 56 | 57 | This permission is included in the following [built-in action groups](security_permissions.md): 58 | 59 | * SGS\_SIGNALS\_ACCOUNT\_MANAGE 60 | 61 | ## Examples 62 | 63 | ``` 64 | DELETE /_signals/account/slack/my_account 65 | ``` 66 | 67 | 68 | **Response** 69 | 70 | ``` 71 | 200 OK 72 | ``` 73 | -------------------------------------------------------------------------------- /_content/_docs_signals/rest_api_proxy_delete.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Delete proxy 3 | html_title: Delete proxy 4 | permalink: elasticsearch-alerting-rest-api-proxy-delete 5 | category: signals-rest 6 | order: 858 7 | layout: docs 8 | edition: community 9 | description: Use to delete proxy by id 10 | --- 11 | 12 | 13 | 14 | # Delete proxy 15 | {: .no_toc} 16 | 17 | {% include toc.md %} 18 | 19 | 20 | ``` 21 | DELETE /_signals/proxies/{proxy-id} 22 | ``` 23 | 24 | Delete the proxy with the provided id. 25 | 26 | 27 | ## Responses 28 | 29 | ### 200 OK 30 | 31 | The proxy was found and deleted. 32 | 33 | ### 403 Forbidden 34 | 35 | The user does not have the required permissions to access the endpoint. 36 | 37 | ### 404 Not Found 38 | 39 | The proxy with the requested id does not exist. 40 | 41 | ## Permissions 42 | 43 | For being able to access the endpoint, the user needs to have the privilege `cluster:admin:searchguard:signals:proxies/delete`. 44 | 45 | ## Examples 46 | 47 | ### Delete proxy with the id `my-proxy` 48 | 49 | ``` 50 | DELETE /_signals/proxies/my-proxy 51 | ``` 52 | 53 | **Response** 54 | 55 | ``` 56 | 200 OK 57 | ``` 58 | 59 | ```json 60 | { 61 | "status": 200 62 | } 63 | ``` 64 | 65 | -------------------------------------------------------------------------------- /_content/_docs_signals/rest_api_proxy_get_all.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Get all proxies 3 | html_title: Get all proxies 4 | permalink: elasticsearch-alerting-rest-api-proxy-get-all 5 | category: signals-rest 6 | order: 856 7 | layout: docs 8 | edition: community 9 | description: Use to retrieve information about proxies. 10 | --- 11 | 12 | 13 | 14 | # Get all proxies 15 | {: .no_toc} 16 | 17 | {% include toc.md %} 18 | 19 | 20 | ``` 21 | GET /_signals/proxies/ 22 | ``` 23 | 24 | Load information about all proxies. 25 | 26 | 27 | ## Responses 28 | 29 | ### 200 OK 30 | 31 | List which contains all defined proxies in the system. 32 | 33 | ### 403 Forbidden 34 | 35 | The user does not have the required permissions to access the endpoint. 36 | 37 | ## Permissions 38 | 39 | For being able to access the endpoint, the user needs to have the privilege `cluster:admin:searchguard:signals:proxies/findall`. 40 | 41 | ## Examples 42 | 43 | ### Get all proxies 44 | 45 | ``` 46 | GET /_signals/proxies/ 47 | ``` 48 | 49 | **Response** 50 | 51 | ``` 52 | 200 OK 53 | ``` 54 | 55 | ```json 56 | { 57 | "status": 200, 58 | "data": [ 59 | { 60 | "id": "my-proxy", 61 | "name": "my test proxy", 62 | "uri": "http://127.0.0.1:9199" 63 | } 64 | ] 65 | } 66 | ``` 67 | 68 | -------------------------------------------------------------------------------- /_content/_docs_signals/rest_api_proxy_get_one.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Get one proxy 3 | html_title: Get one proxy 4 | permalink: elasticsearch-alerting-rest-api-proxy-get-one 5 | category: signals-rest 6 | order: 857 7 | layout: docs 8 | edition: community 9 | description: Use to retrieve one proxy. 10 | --- 11 | 12 | 13 | 14 | # Get one proxy 15 | {: .no_toc} 16 | 17 | {% include toc.md %} 18 | 19 | 20 | ``` 21 | GET /_signals/proxies/{proxy-id} 22 | ``` 23 | 24 | Load information about the proxy with the given id. 25 | 26 | 27 | ## Responses 28 | 29 | ### 200 OK 30 | 31 | The proxy was found, information about proxy is present in response body. 32 | 33 | ### 403 Forbidden 34 | 35 | The user does not have the required permissions to access the endpoint. 36 | 37 | ### 404 Not Found 38 | 39 | The proxy with the requested id does not exist. 40 | 41 | ## Permissions 42 | 43 | For being able to access the endpoint, the user needs to have the privilege `cluster:admin:searchguard:signals:proxies/findone`. 44 | 45 | ## Examples 46 | 47 | ### Get proxy with id `my-proxy` 48 | 49 | ``` 50 | GET /_signals/proxies/my-proxy 51 | ``` 52 | 53 | **Response** 54 | 55 | ``` 56 | 200 OK 57 | ``` 58 | 59 | ```json 60 | { 61 | "status": 200, 62 | "data": { 63 | "id": "my-proxy", 64 | "name": "my test proxy", 65 | "uri": "http://127.0.0.1:9199" 66 | } 67 | } 68 | ``` 69 | -------------------------------------------------------------------------------- /_content/_docs_signals/rest_api_trust_store_delete.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Delete trust store 3 | html_title: Delete trust store 4 | permalink: elasticsearch-alerting-rest-api-trust-store-delete 5 | category: signals-rest 6 | order: 854 7 | layout: docs 8 | edition: community 9 | description: Use to delete trust store by id 10 | --- 11 | 12 | 13 | 14 | # Delete trust store 15 | {: .no_toc} 16 | 17 | {% include toc.md %} 18 | 19 | 20 | ``` 21 | DELETE /_signals/truststores/{trust-store-id} 22 | ``` 23 | 24 | Delete the trust store with the provided id. 25 | 26 | 27 | ## Responses 28 | 29 | ### 200 OK 30 | 31 | The trust store was found and deleted 32 | 33 | ### 403 Forbidden 34 | 35 | The user does not have the required permissions to access the endpoint. 36 | 37 | ### 404 Not Found 38 | 39 | The trust store with the requested id does not exist. 40 | 41 | ## Permissions 42 | 43 | For being able to access the endpoint, the user needs to have the privilege `cluster:admin:searchguard:signals:truststores/delete`. 44 | 45 | ## Examples 46 | 47 | ### Delete truststore with the id `ca-trust-anchor` 48 | 49 | ``` 50 | DELETE /_signals/truststores/ca-trust-anchor 51 | ``` 52 | 53 | **Response** 54 | 55 | ``` 56 | 200 OK 57 | ``` 58 | 59 | ```json 60 | { 61 | "status": 200 62 | } 63 | ``` 64 | 65 | -------------------------------------------------------------------------------- /_content/_docs_signals/runtime_context.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_signals/runtime_context.png -------------------------------------------------------------------------------- /_content/_docs_signals/security_execution_context.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Execution context 3 | html_title: Execution context 4 | permalink: elasticsearch-alerting-security-security-context 5 | category: security 6 | order: 200 7 | layout: docs 8 | edition: community 9 | description: Understanding the security execution context of Signals Alerting for Elasticsearch 10 | --- 11 | 12 | 13 | 14 | # Security execution context 15 | {: .no_toc} 16 | 17 | Signals is fully integrated with all Search Guard security features. 18 | 19 | In particular this means that each watch is executed in a **security context** that controls **to what data on Elasticsearch the watch has access to**: 20 | 21 | * The security context is stored as part of the watch definition 22 | * It is encrypted, and can be changed only by the Signals application 23 | * It is not accessible via the REST API. 24 | 25 | Each watch is executed with the **Search Guard permissions** the user that created the watch had **at the time of watch creation**. 26 | 27 | The security context is not bound to a Search Guard user or a Search Guard role. This makes sure that even if the user who created watches is deleted, the created watches will continue to work. 28 | 29 | The permissions that are stored in the security context of the watch include access permissions to indices, and also all advanced settings like [Document- and Field-level security](document-level-security) or [Field anonymization](field-anonymization). 30 | 31 | If a user edits a watch has had been created before by a different user, the security context will be replaced with the permissions of the current user. 32 | -------------------------------------------------------------------------------- /_content/_docs_signals/security_indices.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Signals Indices 3 | html_title: Alerting Indices 4 | permalink: elasticsearch-alerting-security-indices 5 | category: security 6 | order: 50 7 | layout: docs 8 | edition: community 9 | description: How Signals for Elasticsearch uses a protected configuration index to protect sensitive data 10 | --- 11 | 12 | 13 | 14 | # Signals Indices 15 | {: .no_toc} 16 | 17 | The Signals configuration index, as the Search Guard configuration index, may contain sensitive data. 18 | 19 | Access to the Signals configuration index is thus protected. In particular, you cannot access the index data directly by any of the Elasticsearch APIs. 20 | 21 | To access and change configuration data, use the [Signals REST API](rest_api.md). 22 | 23 | Alternatively, direct access is possible by using an [Admin Certificate](configuring-tls#configuring-admin-certificates). An admin certificate will bypass any Search Guard or Signals access control checks and thus gives you full access to the cluster. -------------------------------------------------------------------------------- /_content/_docs_signals/status_logging.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Status and Logging 3 | html_title: Status and Logging of Signals Alerting 4 | permalink: elasticsearch-alerting-status-logging 5 | category: signals 6 | order: 1000 7 | layout: docs 8 | edition: community 9 | description: 10 | index: false 11 | --- 12 | 13 | 14 | 15 | # Status and Logging 16 | {: .no_toc} 17 | 18 | {% include toc.md %} 19 | 20 | Coming soon. -------------------------------------------------------------------------------- /_content/_docs_signals/transformations.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Transformations 3 | html_title: Data Transformations 4 | permalink: elasticsearch-alerting-transformations-calculations 5 | category: signals 6 | subcategory: transformations 7 | order: 500 8 | layout: docs 9 | edition: community 10 | description: Signals Alerting for Elasticsearch uses Painless scripting for data manipulation and control flow. 11 | canonical: elasticsearch-alerting-transformations-calculations-overview 12 | description: 13 | --- 14 | 15 | 16 | 17 | # Transformations and Calculations 18 | {: .no_toc} 19 | 20 | In many cases, you will want to run transformations and calculations on the raw data pulled in by [inputs](inputs.md). 21 | 22 | For example, you may want to calculate an average value over some fields, or clean up data before [storing it back to Elasticsearch](actions_index.md). 23 | 24 | You can use painless scripts to either 25 | 26 | * transform your data in any execution context 27 | * calculate values and store them in a new execution context 28 | 29 | Both transformations and calculations are implemented as inline or stored painless scripts that operate on the execution runtime data. You can use the full power of painless to massage the data any way you want. -------------------------------------------------------------------------------- /_content/_docs_signals/transformations_overview.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Transformations Overview 3 | html_title: Transformations / Calculations 4 | permalink: elasticsearch-alerting-transformations-calculations-overview 5 | category: transformations 6 | order: 0 7 | layout: docs 8 | edition: community 9 | description: 10 | index: false 11 | --- 12 | 13 | 14 | 15 | # Transformations and Calculations 16 | {: .no_toc} 17 | 18 | In many cases, you will want to run transformations and calculations on the raw data pulled in by [inputs](elasticsearch-alerting-inputs-overview). 19 | 20 | For example, you may want to calculate an average value over some fields, or clean up data before [storing it back to Elasticsearch](actions_index.md). 21 | 22 | You can use painless scripts to either 23 | 24 | * [transform](transformations_transformations.md) your data in any execution context 25 | * [calculate](transformations_calculations.md) values and store them in a new execution context 26 | 27 | Both transformations and calculations are implemented as inline or stored painless scripts that operate on the execution runtime data. You can use the full power of painless to massage the data any way you want. -------------------------------------------------------------------------------- /_content/_docs_signals/triggers_timezones.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Handling Timezones 3 | html_title: Timezones 4 | permalink: elasticsearch-alerting-triggers-timezones 5 | category: triggers 6 | order: 200 7 | layout: docs 8 | edition: community 9 | description: Signals Alerting for Elasticsearch supports different timezones for triggers that control when a watch is executed. 10 | --- 11 | 12 | 13 | 14 | # Handling Timezones for Alerting triggers 15 | {: .no_toc} 16 | 17 | Signals supports different [time zones](triggers_timezones.md). If no time zone is specified, the default JVM time zone is used. 18 | 19 | You can specify the timezone of each trigger by adding a `timezone` ID to the schedule of a trigger: 20 | 21 | ```json 22 | { 23 | "trigger": 24 | { 25 | "schedule": 26 | { 27 | "timezone": "Europe/Berlin", 28 | "weekly":[ {"on":["monday","wednesday"], "at":["12:00","18:00"]} ] 29 | } 30 | }, 31 | } 32 | ``` 33 | 34 | A timezone ID can be either something like "Europe/Berlin" or "UTC+01:00". For details on timezone IDs, refer to the [JavaDocs on timezones](https://docs.oracle.com/javase/8/docs/api/java/time/ZoneId.html). 35 | -------------------------------------------------------------------------------- /_content/_docs_signals/watch_anatomy.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_signals/watch_anatomy.png -------------------------------------------------------------------------------- /_content/_docs_systemintegrators/systemintegrators_inter_cluster_evaluator.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Inter-node traffic evaluator 3 | html_title: Inter-node traffic 4 | permalink: search-guard-oem-inter-node-traffic 5 | category: systemintegrators 6 | order: 500 7 | layout: docs 8 | edition: community 9 | description: How implement a custom inter-node traffic evaluator for Search Guard. 10 | 11 | --- 12 | 15 | 16 | # Custom inter-node traffic evaluator 17 | 18 | If the provided methods of listing the DNs of node certificates or adding an OID to the certificates does not work for you, you can implement your own class to identify inter-cluster traffic. It must implement the following interface: 19 | 20 | ```java 21 | com.floragunn.searchguard.transport.InterClusterRequestEvaluator 22 | ``` 23 | 24 | And provide a single argument constructor that takes a 25 | 26 | ```java 27 | org.elasticsearch.common.settings.Settings 28 | ``` 29 | 30 | as argument. For example: 31 | 32 | ```java 33 | public final class MyInterClusterRequestEvaluator 34 | implements InterClusterRequestEvaluator { 35 | 36 | public MyInterClusterRequestEvaluator(final Settings settings) { 37 | ... 38 | } 39 | 40 | @Override 41 | public boolean isInterClusterRequest( 42 | TransportRequest request, 43 | X509Certificate[] localCerts, 44 | X509Certificate[] peerCerts, 45 | final String principal) { 46 | ... 47 | } 48 | } 49 | ``` 50 | 51 | Make sure the class is on the classpath, and configure your custom implementation in `elasticsearch.yml`: 52 | 53 | ``` 54 | searchguard.cert.intercluster_request_evaluator_class: ... 55 | ``` -------------------------------------------------------------------------------- /_content/_docs_systemintegrators/systemintegrators_snapshot_restore_searchguard_index.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Search Guard index restore 3 | html_title: Index restore 4 | permalink: search-guard-oem-index-restore 5 | category: systemintegrators 6 | order: 300 7 | layout: docs 8 | edition: community 9 | description: How to enable snapshot and restore of the Search Guard index for regular users. 10 | --- 11 | 12 | 15 | 16 | # Snapshot and restore access to the Search Guard index 17 | 18 | By default, Search Guard does not allow to take a snapshot and restore the Search Guard index. This limitation can be lifted by explicitly allowing access to the Search Guard index in elasticsearch.yml: 19 | 20 | ``` 21 | searchguard.unsupported.restore.sgindex.enabled: true 22 | ``` 23 | 24 | Please also refer to the [snapshot and restore configuration](../_docs_roles_permissions/configuration_snapshots.md) documentation. 25 | 26 | -------------------------------------------------------------------------------- /_content/_docs_systemintegrators/systemintegrators_ssl_only.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: SSL only mode 3 | html_title: SSL only mode 4 | permalink: search-guard-oem-ssl-only 5 | category: systemintegrators 6 | order: 100 7 | layout: docs 8 | edition: community 9 | description: How to enable Search Guard SSL only mode. This adds TLS encryption to Elasticsearch, but skips authentication and authorization. 10 | --- 11 | 14 | 15 | # SSL only mode 16 | 17 | Search Guard can be operated in "SSL only mode". If this is enabled, Search Guard behaves as if only the SSL functionality was deployed: 18 | 19 | * The authentication / authorization modules are not loaded 20 | * The DLS/FLS, Audit Logging and Compliance features are not loaded 21 | 22 | Effectively this is identical with only deploying the Search Guard SSL plugin. The TLS only mode can be activated by the following setting in elasticsearch.yml: 23 | 24 | ``` 25 | searchguard.ssl_only: true 26 | ``` 27 | 28 | -------------------------------------------------------------------------------- /_content/_docs_versions/config_environment_variables.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_docs_versions/config_environment_variables.png -------------------------------------------------------------------------------- /_content/_docs_versions/versions_academic.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Academic and Scientific Licensing 3 | html_title: Academic Licensing 4 | permalink: search-guard-acadmic-scientic-licensing 5 | category: versions 6 | order: 400 7 | layout: docs 8 | description: Search Guard offers free licenses to non-commercial academic and scientific usage. 9 | resources: 10 | - "https://search-guard.com/product/|Search Guard editions feature comparison (website)" 11 | 12 | --- 13 | 16 | 17 | # Academic and Scientific License 18 | {: .no_toc} 19 | 20 | {% include toc.md %} 21 | 22 | ## Academic and Scientific License 23 | 24 | Because we love to support education and science, we offer free licenses for non-profit academic and scientific usage. 25 | 26 | Free enterprise licenses are available for: 27 | 28 | * Non-profit academic and scientific projects 29 | * Non-profit educational purposes 30 | * Unlimited amount of clusters 31 | * Unlimited amount of time 32 | 33 | Please see the [License and Support page](https://search-guard.com/licensing/){:target="_blank"} to see if your institution is eligible for this programme. 34 | 35 | -------------------------------------------------------------------------------- /_content/_docs_versions/versions_oem.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: OEM Licenses 3 | permalink: oem-licenses 4 | category: versions 5 | order: 500 6 | layout: docs 7 | description: Search Guard offers OEM licenses for system integrators that want to ship Search Guard as part of their own products. 8 | resources: 9 | - "https://search-guard.com/product/|Search Guard editions feature comparison (website)" 10 | 11 | --- 12 | 15 | 16 | # OEM License 17 | {: .no_toc} 18 | 19 | If you're a system integrator or want to ship Search Guard as part of your own product, please [see our partners page](https://search-guard.com/partners/){:target="_blank"} for further information. -------------------------------------------------------------------------------- /_content/_howto/addendum_a_configuration_examples.md: -------------------------------------------------------------------------------- 1 | # This page has moved 2 | 3 | The online version version of the documentation can be found here: 4 | 5 | [Search Guard Documentation](http://docs.search-guard.com/) -------------------------------------------------------------------------------- /_content/_howto/addendum_b_permission_settings_examples.md: -------------------------------------------------------------------------------- 1 | # This page has moved 2 | 3 | The online version version of the documentation can be found here: 4 | 5 | [Search Guard Documentation](http://docs.search-guard.com/) -------------------------------------------------------------------------------- /_content/_resources/elasticsearch_active_directory_ldap.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_resources/elasticsearch_active_directory_ldap.png -------------------------------------------------------------------------------- /_content/_resources/elasticsearch_auditlogging.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_resources/elasticsearch_auditlogging.png -------------------------------------------------------------------------------- /_content/_resources/elasticsearch_json_web_tokens.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_resources/elasticsearch_json_web_tokens.png -------------------------------------------------------------------------------- /_content/_resources/elasticsearch_search_guard_document_field_level_security.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_resources/elasticsearch_search_guard_document_field_level_security.png -------------------------------------------------------------------------------- /_content/_resources/search_guard_architecture_request_flow.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_resources/search_guard_architecture_request_flow.png -------------------------------------------------------------------------------- /_content/_resources/search_guard_configuration_basics.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_resources/search_guard_configuration_basics.png -------------------------------------------------------------------------------- /_content/_resources/search_guard_installation.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_resources/search_guard_installation.png -------------------------------------------------------------------------------- /_content/_resources/zero_trusted_networks.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_resources/zero_trusted_networks.png -------------------------------------------------------------------------------- /_content/_troubleshooting/kibana_config_mismatch.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_troubleshooting/kibana_config_mismatch.png -------------------------------------------------------------------------------- /_content/_troubleshooting/kibana_mt_disabled.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_content/_troubleshooting/kibana_mt_disabled.png -------------------------------------------------------------------------------- /_diagrams/config_environment_variables.drawio: -------------------------------------------------------------------------------- 1 | 5Vlbc5s4GP01PIYBiYv3MbGz7bTpbmfSmSZPGcXIoFYgKmQb59evBMIggxM2xU53+wQ6uiB9R+e72Bacp+U7jvLkE4swtYATlRZcWAC4LnDkQyG7GgmgBmJOIj2oBW7JE9ZgM2xNIlwYAwVjVJDcBJcsy/BSGBjinG3NYStGza/mKMY94HaJaB/9SiKR1OjMd1r8PSZxor8MHEf3pKgZrIEiQRHbdiB4bcE5Z0zUb2k5x1QZr7FLPe/PI737jXGciTETfvjhUxK5fwXfPn66+7i7CbIPTxe+3pvYNQfGkTy/bjIuEhazDNHrFr3ibJ1FWK3qyFY75oaxXIKuBL9hIXaaTLQWTEKJSKnuxSURd533e7WU7evWotQrV41d08gE3911G51ZqtlOq1rNvPp86lBHzaahgq35Ej9jq+b6IR5j8cw4sCdXqgKzFMv9yHkcUyTIxtwH0tcz3o9rGZQvmsR/Qahed4PoWn/JAgGV272KyMZgOvixVlfvSuBSXCBK4syCl3IExSvR9sq3WD1phPKqv15M7q1ar+6c5hPyiVL5kavsscirtpMIkT/gDD1Sdd/UVMHluc67iQHItu2334R0eSsSn5+UcVDCClH8qpsbgC5quNrVY/sBzwqlR9nYN4vLzw/v/779YoWLzpEeDw90eMwD72r6zm1CBL7NUeV2tlwprOsntZQxl9Z43nv1vY2e4Ongo6Ov62uHv21jmRvqMUknju3ByR1U+H+POFXrM+ZE2gvz6cMQGBmGvLcMQ+BoGFoxeeAhyauOi6JiUCneDfKyr/giRlFKso7a6vVelJt7FrlBxzf1Fjh9vYEhvQWn0lvwlnprNXbf6XlJb63E7g2FnTzDg/+FDA8OScuIZrjMJWdD8ayNYnChMjobl3ImxfaSpcNR7Wfil47fiyp4T6Iv4JvxLIA9eQE4IK+TqaspUw02DmwWS6PlRw+vC1eV4hrl4nij+BCaTscLB4J8OOB0Zv6JzOK9bJVCcPZ9X1MD8+bIWjlX49IyVj8r2CvKtssEcWFHSJoKFfjI7XvNlXuG2L7N386mfxwNqZ2Ec3yZNn3NNX0Bdapq6HylzZnqlHG+fFSFoiqvAzFWSp0zylQ2m7FMiW9FKD2ADrSnVEeWiF5qOCVRRI/p1owr08u2Wcaz4cwFZpLme3136Xv2LPQH5A1OFkn6v9wU8UN9q+2dJGN6opbSlqpC+RmqVPqt00A3mCbIByY9MByZQ5+Omn7KNa94WXOZ77FMzZcmKX8finzPtUewFJyVJb/H0nW2IZxlKa5Kzg3iREW14vfhCYTggCcwQNNswNG9gibZbP/NqPo6/wnB638A -------------------------------------------------------------------------------- /_diagrams/config_environment_variables.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_diagrams/config_environment_variables.png -------------------------------------------------------------------------------- /_diagrams/role_mapping_general.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_diagrams/role_mapping_general.png -------------------------------------------------------------------------------- /_diagrams/rolemapping.drawio: -------------------------------------------------------------------------------- 1 | 7VltU+MgEP41/Xg3eWlq/dim6r3ojNPOnd4nBxOacJKQIfTNX39LAk1SYrVq1Tmrzsg+LLDsPsAGOq6fLM84yuILFmLacaxw2XFHHcex3eM+/JPIqkR6UpJAxEmolCpgQu6xAi2FzkiI84aiYIwKkjXBgKUpDkQDQ5yzRVNtymhz1AxF2AAmAaImekVCEZdo37Mq/BsmUaxGdixL1SRIKysgj1HIFjXIPem4PmdMlKVk6WMqnaf9UrY7faB2bRjHqXhKg4tft5OfET0a0/yHE1/NAz74/cU5KruZIzpTM1bWipV2QcTZLDNHUwbMMRd42RYLdKt7qKYLPMEswYKvQE+16ioHrZrionL3UU9hcc3VtttTYVYhjtY9V16AgnLEDk6xXcMpv3LMDcfkC5JQlII0nLJUTFSNBXIQExqeoxWbSWtzgYI7LQ1jxsk96CMwamQDANVcKOo7PdkbodRnlPFiHBdb8rfRciJ7VGNxnEPbSx0aewO6QMuG4jnKhbaSUYqynJSBkg0TxCOSDpkQLFFKepanTaOmxQ/UI0qiFLAAxgInKV+Us7G7IJvU2U7FTUKZxKlRwz5uocZRf1/M6LYyI0UJSIOO73QGYI71UOFvyLDBIpisKEjA2R3WDk5ZSauazxWUZyggaXSOp3Ky3QoZq/lLiIETp7TYbWIShjiV0WcC6TUp45oxkorCQd4Q/sBK3/rqdTywyQfZrmT4k+pc+CwFMxEp4oiBRwssudSIuPP0iK/X2eMRV3uD0zP2hlYCOHvbGjyDAENYiTgNAeSMFjQAW/hNiGH+IpEe+AQRr+9/LSfTK4Xfc947/OZxOcGIBzFgZzPE1yw4HBUf5KhQtZ5nZhXrHLORVWjw9bnTN7gzBqo8eHbk0U08S1B6A7FgMx5AFnzYSLavypecI61s2N9GcmyQ4XsaSuMfzyJaCwVVakwBw13bKpZUrfj/82dvlGk5e1op4+0r99TfkTXKDAJBwC87kWZyNrkZnwxGB4rs75BZNT9D3o8ytkGZC5RlEI5DgvLBEhQgj0kW9y2/bfXNz1Pzk0OisnOi8uCd2U6JShsr9paoOOZd2OGD983C35Z0vG34zfsOI7rAhYG8aZf7JkV5TgJ9DphwLBJ9UoCv+OpaRaoQ/kgB4qHE0bJeOVppaUnEte4DyrVWIFWNpKDb7Lhtl9vYtvRRuQUmGeGtParlg8PGM8PWK02vLUVQGMcUCTJvPk60RV2NcClXQG072fy6LWeqtOqPB7rhsjm+6sfubfRTOsLop+DcepYvoGHvM9LwvUmj32f6XiP43edyaINEm/08m0MgVs9opXr1GOme/AM= -------------------------------------------------------------------------------- /_diagrams/rolemapping.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_diagrams/rolemapping.png -------------------------------------------------------------------------------- /_diagrams/rolemapping_general.drawio: -------------------------------------------------------------------------------- 1 | 7ZltT+MwDIB/TT/eqW3WMT5u4+VeQEJMd3AfQ5u1EWkzpRnb+PXntM76NmAgpiEYTFrtOG5iP6ldzSHjdHmu6Cy5lBETju9GS4ecOL7vkeMBfBnNqtT0jWQUseIRGlWKCX9kqHRRO+cRyxuGWkqh+aypDGWWsVA3dFQpuWiaTaVo3nVGY9ZRTEIqutobHumk1A4Ct9L/YDxO8M6+6+JISq0xKvKERnJRU5FTh4yVlLq8SpdjJkzwbFzKeWdPjK4Xplimt5lw+edu8jsWR9ci/+UnNw+hGv795h2Vbh6omOOOJ4yqMAHd+ZyqCL6VhGCUW9ArG5d8wVNBM5BGU5npCY64IIcJF9EFXcm5WVeuaXhvpVEiFX8EeypgyAMFDCuNaff7xhsXYiyFVMV9CHPNf2PmxHjEeymWw9wrGwSvpbqky4bhBc21XaUUgs5yfles20xMqYp5NpJayxSN7C7PmouaFn8wTgWPM9CFcC+mbCzK3Xg9kDG6TGm2fDJv3poGOEZMpkyrFZjghOAYAcIT1ENxUeG4Pi1JDUXPKikegXjtuqIELhCU10Az6EBzDYxkNAVp6Ix9Zwi3dqsLvy9M8ifna5rcwtjvx3odpBpcECxdsKHkPbNxz2RJWy0VqMpnNORZfMGmZuu9SnON0TAqCUmYiuIAJjyKWGagkJpqercmdyZ5potoBSP4wMLH7vfACWBNY5C9SoaPMVd6LDNYJuVFLhngtWAGsQYIfueQbEPFM+e1ywqyASdoKzas3fujcdxB42cWmV1u4mKbC2SHF15MhDSctCyv2IGtEM9tX35+onYGUeBvB1Ew2BFEtmLWIBqGmkNctsUIoaEC0sNMDaM4/0DN+xckz9aD/QHT7wDTySXLoqHpB021FjTPeWi7j6460antTyAmanWLeSmEf0aA6KN4sqwPnqystOT61vqA69oskKpJRrBzyjWzqNORtjID+5JzFbJnIkKeSGEtRcGmDKFOMUE1f2iuY1Pa8A5XBtgaIX7QIGTQ6kTK5eOkesva9tMire0Hshcz3fFTMLTe9NuxIt3n0CWdzeBAH9rhvbXDxGsysf92mHivbIcPDfLuGmTibqbnozTIxO/A8ieHhhay/VJ3g5DMwRz5eKGfGcGDAcoeMtV0j87uWiZfCLidMbb3/pmQjYwditb+ilazH/oANavX7ZhbTxwUP/+D4L0qD/nglSd4svK8sk2pVaBDAdpLAXoetf0XoN29jztbviPv69XX7zUf9Z5Lmi62ffdtv+d0HO365bf7y9CXzSF5rxy2Hb05hyBWvxyW5tXvr+T0Pw== -------------------------------------------------------------------------------- /_diagrams/search_guard_index.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/_diagrams/search_guard_index.png -------------------------------------------------------------------------------- /_includes/additional_resources.html: -------------------------------------------------------------------------------- 1 | {%if page.resources != null %} 2 |
3 |

Additional resources

4 | 17 |
18 | {% endif %} 19 | -------------------------------------------------------------------------------- /_includes/additional_resources_search.html: -------------------------------------------------------------------------------- 1 | {%if page.showsearch != false %} 2 | 3 |
4 | 5 |

Not what you were looking for? Try the search.

6 | 7 |
8 |
9 |
10 | 11 | 12 |
13 |
14 |
15 | {% endif %} -------------------------------------------------------------------------------- /_includes/beta_warning.html: -------------------------------------------------------------------------------- 1 | This is a Technical Preview and should not yet be used in production. 2 | {: .note .js-note .note-warning} -------------------------------------------------------------------------------- /_includes/contact_us.html: -------------------------------------------------------------------------------- 1 |
2 |
3 |
4 | Questions? Drop us a note! 5 |
6 |
7 | 8 | -------------------------------------------------------------------------------- /_includes/es8_migration_note.html: -------------------------------------------------------------------------------- 1 | Note: If you are using Elasticsearch 8, properties like `{{ include.deprecated_properties }}` are now configured only in `elasticsearch.yml` and should not be present in `kibana.yml` config file. Please, refer to [ES8 migration guide](sg-upgrade-7-8). 2 | {: .note .js-note .note-warning} 3 | -------------------------------------------------------------------------------- /_includes/left_nav_changelogs.html: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /_includes/left_nav_items_anchors.html: -------------------------------------------------------------------------------- 1 | {% assign items = site[include.collectionname] | where:'category', include.category | sort: 'order' %} 2 |
  • 3 | 7 | {{site.labels.navigation[include.category]}} 8 | 31 |
    • -------------------------------------------------------------------------------- /_includes/left_nav_resources.html: -------------------------------------------------------------------------------- 1 | 2 | 7 | 8 | -------------------------------------------------------------------------------- /_includes/left_nav_search.html: -------------------------------------------------------------------------------- 1 | 2 |
    3 |
    4 |
    5 | 6 | 7 |
    8 |
    9 |
    -------------------------------------------------------------------------------- /_includes/left_nav_troubleshooting.html: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /_includes/main_nav_items.html: -------------------------------------------------------------------------------- 1 | {% assign items = site[include.collectionname] | where:'category', include.category | sort: 'order' %} 2 |
  • 3 | {%if include.url != null %} 4 | {{site.labels.navigation[include.category]}} 5 | {% else %} 6 | {{site.labels.navigation[include.category]}} 7 | {% endif %} 8 | 9 |
    • 10 | -------------------------------------------------------------------------------- /_includes/main_nav_items_flat.html: -------------------------------------------------------------------------------- 1 | {% assign items = site[include.collectionname] | where:'category', include.category | sort: 'order' %} 2 |
  • 3 | {% for item in items %} 4 | {{ item.title }} 5 | {% endfor %} 6 |
    • 7 | -------------------------------------------------------------------------------- /_includes/scripts.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | -------------------------------------------------------------------------------- /_includes/sgversions_demo.html: -------------------------------------------------------------------------------- 1 | {% assign sgversions = site.sgversions[include.versions] %} 2 | 3 | {% for version in sgversions %} 4 | 5 | {% assign sgversions = version | split: "|" %} 6 | {% assign endoflife = sgversions[4] %} 7 | 8 | {% capture demo_url %} 9 | https://maven.search-guard.com/search-guard-flx-release/com/floragunn/search-guard-flx-elasticsearch-plugin/{{ sgversions[1] }}-es-{{ sgversions[0] }}/search-guard-flx-elasticsearch-plugin-{{ sgversions[1] }}-es-{{ sgversions[0] }}-demo-installer.sh 10 | {% endcapture %} 11 | 12 | {% if endoflife == "no" %} 13 | Elasticsearch {{ sgversions[0] }} 14 | {% endif %} 15 | {% endfor %} -------------------------------------------------------------------------------- /_includes/toc.md: -------------------------------------------------------------------------------- 1 | {::options parse_block_html="true" /} 2 |
    3 |

    Content

    4 | * TOC 5 | {:toc} 6 |
    7 | {::options parse_block_html="false" /} 8 | -------------------------------------------------------------------------------- /_layouts/changelogs.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | {% include html_head.html %} 5 | 6 | 7 | 10 |
    11 | 12 | {% include main_navigation.html %} 13 | 14 |
    15 |
    16 |
    17 |
    18 | 27 |
    28 | {{ content }} 29 |
    30 |
    31 |
    32 |
    33 |
    34 | 35 | {% include footer.html %} 36 | 37 |
    38 | 39 | {% include scripts.html %} 40 | 41 | -------------------------------------------------------------------------------- /_layouts/resources.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | {% include html_head.html %} 5 | 6 | 7 | 10 |
    11 | 12 | {% include main_navigation.html %} 13 | 14 |
    15 |
    16 |
    17 |
    18 | 27 |
    28 | {{ content }} 29 |
    30 |
    31 |
    32 |
    33 |
    34 | 35 | {% include footer.html %} 36 | 37 |
    38 | 39 | {% include scripts.html %} 40 | 41 | -------------------------------------------------------------------------------- /_layouts/troubleshooting.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | {% include html_head.html %} 5 | 6 | 7 | 10 |
    11 | 12 | {% include main_navigation.html %} 13 | 14 |
    15 |
    16 |
    17 |
    18 | 27 |
    28 | {{ content }} 29 | {% include additional_resources.html %} 30 | {% include additional_resources_search.html %} 31 |
    32 |
    33 |
    34 |
    35 |
    36 | 37 | {% include footer.html %} 38 | 39 |
    40 | 41 | {% include scripts.html %} 42 | 43 | -------------------------------------------------------------------------------- /_versions.yml: -------------------------------------------------------------------------------- 1 | index: true 2 | 3 | baseurl: /latest 4 | 5 | algolia: 6 | index_name: 'latest' -------------------------------------------------------------------------------- /fonts/FontAwesome.otf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/fonts/FontAwesome.otf -------------------------------------------------------------------------------- /fonts/Pe-icon-7-stroke.eot: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/fonts/Pe-icon-7-stroke.eot -------------------------------------------------------------------------------- /fonts/Pe-icon-7-stroke.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/fonts/Pe-icon-7-stroke.ttf -------------------------------------------------------------------------------- /fonts/Pe-icon-7-stroke.woff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/fonts/Pe-icon-7-stroke.woff -------------------------------------------------------------------------------- /fonts/fontawesome-webfont.eot: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/fonts/fontawesome-webfont.eot -------------------------------------------------------------------------------- /fonts/fontawesome-webfont.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/fonts/fontawesome-webfont.ttf -------------------------------------------------------------------------------- /fonts/fontawesome-webfont.woff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/fonts/fontawesome-webfont.woff -------------------------------------------------------------------------------- /fonts/fontawesome-webfont.woff2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/fonts/fontawesome-webfont.woff2 -------------------------------------------------------------------------------- /img/logos/SG_Fav-114px.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/img/logos/SG_Fav-114px.png -------------------------------------------------------------------------------- /img/logos/SG_Fav-144px.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/img/logos/SG_Fav-144px.png -------------------------------------------------------------------------------- /img/logos/SG_Fav-172px.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/img/logos/SG_Fav-172px.png -------------------------------------------------------------------------------- /img/logos/SG_Fav-32px.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/img/logos/SG_Fav-32px.png -------------------------------------------------------------------------------- /img/logos/SG_Fav-57px.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/img/logos/SG_Fav-57px.png -------------------------------------------------------------------------------- /img/logos/SG_Helmet_Blue.svg: -------------------------------------------------------------------------------- 1 | 2 | 3 | 5 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 22 | 24 | 25 | 26 | 27 | -------------------------------------------------------------------------------- /img/logos/SG_Helmet_White.svg: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | -------------------------------------------------------------------------------- /img/logos/apple-touch-icon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/img/logos/apple-touch-icon.png -------------------------------------------------------------------------------- /img/logos/favicon-96x96.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/img/logos/favicon-96x96.png -------------------------------------------------------------------------------- /img/logos/favicon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/img/logos/favicon.ico -------------------------------------------------------------------------------- /img/logos/favicon.svg: -------------------------------------------------------------------------------- 1 | 2 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 19 | 21 | 22 | 23 | -------------------------------------------------------------------------------- /img/logos/search-guard-frontmatter.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/img/logos/search-guard-frontmatter.png -------------------------------------------------------------------------------- /img/logos/search-guard-logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/img/logos/search-guard-logo.png -------------------------------------------------------------------------------- /img/logos/search-guard-social.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/img/logos/search-guard-social.png -------------------------------------------------------------------------------- /img/logos/web-app-manifest-192x192.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/img/logos/web-app-manifest-192x192.png -------------------------------------------------------------------------------- /img/logos/web-app-manifest-512x512.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/img/logos/web-app-manifest-512x512.png -------------------------------------------------------------------------------- /js/custom.js: -------------------------------------------------------------------------------- 1 | $(document).ready(function() { 2 | // Start writing your custom functions here. 3 | // All the necessary pluigns are already loaded. 4 | }); -------------------------------------------------------------------------------- /manifest.json: -------------------------------------------------------------------------------- 1 | { 2 | "short_name": "Search Guard", 3 | "name": "Search Guard - Security and Alerting for Elasticsearch", 4 | "icons": [ 5 | { 6 | "src": "/img/logos/favicon.ico", 7 | "sizes": "64x64 32x32 24x24 16x16", 8 | "type": "image/x-icon" 9 | } 10 | ], 11 | "start_url": ".", 12 | "display": "standalone", 13 | "theme_color": "#000000", 14 | "background_color": "#ffffff" 15 | } 16 | -------------------------------------------------------------------------------- /merge_all.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # we have only one version for flx atm 4 | # versions=( "7.x-53" "7.x-52" "7.x-51" "7.x-50" "7.x-49" "7.x-48" "7.x-47" "7.x-46" "7.x-45" "7.x-43" "7.x-42" "7.x-41" "7.x-40" "7.x-38" "7.x-37" "7.x-36" "7.x-35" ) 5 | # for i in "${versions[@]}" 6 | # do 7 | # git checkout "$i" && git pull && git merge 7.x --no-edit && git push 8 | # echo "Merged flx in $i" 9 | # done 10 | # git checkout 7.x 11 | 12 | -------------------------------------------------------------------------------- /run_local.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | bundle install 3 | bundle exec jekyll serve --watch --config _config.yml,_versions.yml 4 | -------------------------------------------------------------------------------- /sass/_sg_code.scss: -------------------------------------------------------------------------------- 1 | code, 2 | pre{ 3 | color:#333; 4 | text-shadow:0 1px white; 5 | font-family:Consolas, Monaco, 'Andale Mono', monospace; 6 | direction:ltr; 7 | text-align:left; 8 | white-space:pre; 9 | word-spacing:normal; 10 | word-break:normal; 11 | line-height:1.5; 12 | -moz-tab-size:4; 13 | -o-tab-size:4; 14 | tab-size:4; 15 | -webkit-hyphens:none; 16 | -moz-hyphens:none; 17 | -ms-hyphens:none; 18 | hyphens:none; 19 | } 20 | 21 | pre::-moz-selection, 22 | pre::-moz-selection, 23 | code::-moz-selection, 24 | code::-moz-selection{ 25 | text-shadow:none; 26 | background:$grey; 27 | } 28 | 29 | pre::selection, 30 | pre::selection, 31 | code::selection, 32 | code::selection{ 33 | text-shadow:none; 34 | background:$grey; 35 | } 36 | 37 | @media print{code, 38 | pre{text-shadow:none;} 39 | } 40 | 41 | pre{ 42 | padding:1em; 43 | margin:.5em 0; 44 | overflow:auto; 45 | } 46 | 47 | :not(pre) > code, 48 | pre{ 49 | background:$lightGrey; 50 | } 51 | 52 | :not(pre) > code{ 53 | padding:.1em; 54 | border-radius:.3em; 55 | } 56 | 57 | .code-highlight :not(pre)>code[class*=language-], .code-highlight pre[class*=language-] { 58 | background-color: $lightGrey; 59 | } 60 | -------------------------------------------------------------------------------- /sass/_sg_edition_buttons.scss: -------------------------------------------------------------------------------- 1 | .edition-button { 2 | border-width: 2px !important; 3 | font-size: 1.2em !important; 4 | vertical-align:middle !important; 5 | margin: 0px !important; 6 | } 7 | 8 | .edition-button-community { 9 | color: $communityEdition !important; 10 | border-color: $communityEdition !important; 11 | } 12 | 13 | .edition-button-enterprise { 14 | color: $enterpriseEdition !important; 15 | border-color: $enterpriseEdition !important; 16 | } 17 | 18 | .edition-button-compliance { 19 | color: $complianceEdition !important; 20 | border-color: $complianceEdition !important; 21 | } 22 | 23 | .edition-button-beta { 24 | color: $green !important; 25 | border-color: $green !important; 26 | } -------------------------------------------------------------------------------- /sass/_sg_header_footer.scss: -------------------------------------------------------------------------------- 1 | .header { 2 | background-color: $navyBlue; 3 | } 4 | 5 | .footer { 6 | background: $darkBlue; 7 | color: $white; 8 | } 9 | 10 | .copyright a { 11 | color: $white; 12 | } 13 | 14 | .footer-menu li a { 15 | color: $white; 16 | } 17 | 18 | .fa-angle-up:before { 19 | color: $white; 20 | } 21 | -------------------------------------------------------------------------------- /sass/_sg_navigation.scss: -------------------------------------------------------------------------------- 1 | .menu-vertical { 2 | background-color: #e8eced; 3 | } 4 | 5 | .main-nav-level-1 { 6 | color: #fff; 7 | text-transform: uppercase; 8 | line-height: 20px; 9 | letter-spacing: 1px; 10 | font-weight: 600; 11 | margin-bottom: 2px; 12 | } 13 | 14 | .main-nav-level-1-bold { 15 | color: #fff; 16 | text-transform: uppercase; 17 | line-height: 20px; 18 | letter-spacing: 1px; 19 | font-weight: 900; 20 | margin-bottom: 2px; 21 | } 22 | 23 | .main-nav-level-2 { 24 | font-size: 1.1em !important; 25 | } 26 | 27 | .left-nav-level-1 { 28 | font-size: 1.05em !important; 29 | margin-top: 5px !important; 30 | margin-bottom: 5px !important; 31 | } 32 | 33 | .left-nav-level-2 { 34 | font-size: 1.02em !important; 35 | } 36 | 37 | .left-nav-level-3, .left-nav-level-4 { 38 | font-size: 1em !important; 39 | } 40 | 41 | .menu ul { 42 | border-style: none; 43 | } 44 | 45 | li.selected > a{ 46 | font-weight: 500 !important; 47 | } -------------------------------------------------------------------------------- /sass/_sg_notes.scss: -------------------------------------------------------------------------------- 1 | .note { 2 | padding: 20px 20px 20px 25px; 3 | border: 1px solid #246e94; 4 | border-radius: 3px; 5 | box-shadow: #3f8c81 !important; 6 | margin-bottom: 30px; 7 | margin-top: 30px !important; 8 | position: relative; 9 | font-weight: 400 !important; 10 | } 11 | 12 | .note a { 13 | text-decoration: underline; 14 | } 15 | 16 | .note-title { 17 | margin-top: 0px; 18 | } 19 | 20 | .note-warning { 21 | box-shadow: inset 5px 0 0 0 $navyBlue; 22 | color: $navyBlue; 23 | } 24 | 25 | .note-info { 26 | box-shadow: inset 5px 0 0 0 $green; 27 | color: $green; 28 | } 29 | 30 | .additional-resources { 31 | padding: 20px 20px 20px 25px; 32 | border: 1px solid $navyBlueActive; 33 | border-radius: 3px; 34 | margin-bottom: 30px; 35 | margin-top: 40px; 36 | position: relative; 37 | font-weight: 400; 38 | box-shadow: inset 5px 0 0 0 $navyBlueActive; 39 | color: $navyBlueActive; 40 | } 41 | 42 | .additional-resources-title { 43 | margin-bottom: 5px; 44 | font-weight: 400; 45 | color: $navyBlueActive; 46 | font-size: 1.2em; 47 | } 48 | 49 | .additional-resources a { 50 | color: $navyBlueActive; 51 | text-decoration: none; 52 | } 53 | 54 | 55 | 56 | -------------------------------------------------------------------------------- /sass/_sg_search.scss: -------------------------------------------------------------------------------- 1 | .search-input { 2 | font-size: 1.2em !important; 3 | font-weight: 400 !important; 4 | } 5 | -------------------------------------------------------------------------------- /sass/_sg_toc.scss: -------------------------------------------------------------------------------- 1 | .faq-table-of-contents { 2 | border-radius: 3px; 3 | margin-bottom: 30px; 4 | border: 1px solid $grey; 5 | padding: 30px; 6 | padding-left: 30px; 7 | padding-right: 30px; 8 | padding-top: 10px; 9 | padding-bottom: 0px; 10 | background-color: $grey; 11 | position: relative; 12 | } 13 | 14 | .faq-table-of-contents-title{ 15 | margin-bottom: 5px; 16 | font-weight: 400; 17 | color: $navyBlueActive; 18 | } 19 | 20 | .faq-table-of-contents a { 21 | color: $navyBlueActive; 22 | text-decoration: none; 23 | } 24 | 25 | #markdown-toc { 26 | list-style-type: none; 27 | margin: 0 0 0.8em 0; 28 | } -------------------------------------------------------------------------------- /sass/backgrounds.scss: -------------------------------------------------------------------------------- 1 | .background-gradient-grey { 2 | /* Permalink - use to edit and share this gradient: http://colorzilla.com/gradient-editor/#ffffff+0,f2f2f2+95,f2f2f2+95,f2f2f2+100 */ 3 | background: #ffffff; 4 | /* Old browsers */ 5 | background: -moz-linear-gradient(top, #ffffff 0%, #f2f2f2 95%, #f2f2f2 95%, #f2f2f2 100%); 6 | /* FF3.6-15 */ 7 | background: -webkit-linear-gradient(top, #ffffff 0%, #f2f2f2 95%, #f2f2f2 95%, #f2f2f2 100%); 8 | /* Chrome10-25,Safari5.1-6 */ 9 | background: linear-gradient(to bottom, #ffffff 0%, #f2f2f2 95%, #f2f2f2 95%, #f2f2f2 100%); 10 | /* W3C, IE10+, FF16+, Chrome26+, Opera12+, Safari7+ */ 11 | filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffffff', endColorstr='#f2f2f2', GradientType=0); 12 | /* IE6-9 */ 13 | } -------------------------------------------------------------------------------- /sass/box.scss: -------------------------------------------------------------------------------- 1 | .box { 2 | margin-bottom: 30px; 3 | position: relative; 4 | } 5 | .box.box-small-icon { 6 | padding-left: 40px; 7 | } 8 | .box.box-small-icon .box-title { 9 | font-size: 1.5625em; 10 | } 11 | .box-small-icon-alt { 12 | padding-left: 150px; 13 | padding-right: 60px; 14 | padding-top: 20px; 15 | } 16 | .box-small-icon-alt .box-title { 17 | font-size: 1.5625em; 18 | } 19 | .box-small-icon-alt .box-icon { 20 | position: absolute; 21 | left: 40px; 22 | top: 1px; 23 | width: 80px; 24 | height: 80px; 25 | border: 1px solid #cbd3dd; 26 | border-radius: 50%; 27 | text-align: center; 28 | font-size: 32px; 29 | line-height: 80px; 30 | } 31 | .box-icon { 32 | position: absolute; 33 | left: 0; 34 | top: 1px; 35 | width: 22px; 36 | } 37 | .box-icon-large { 38 | color: #2288cc; 39 | font-size: 2.5em; 40 | margin-bottom: 20px; 41 | width: 75px; 42 | height: 75px; 43 | line-height: 75px; 44 | border-radius: 50%; 45 | background-color: #f6f7f8; 46 | } 47 | .box-title { 48 | font-size: 2.1875em; 49 | font-weight: 300; 50 | } 51 | .box-image .box-title { 52 | font-size: 1.5625em; 53 | } 54 | .box-description { 55 | font-size: 1em; 56 | font-weight: 300; 57 | line-height: 1.5; 58 | color: #808488; 59 | } -------------------------------------------------------------------------------- /sass/category.scss: -------------------------------------------------------------------------------- 1 | .category-list { 2 | margin-bottom: 30px; 3 | } 4 | .category-list-title { 5 | font-size: 1.25em; 6 | color: #333333; 7 | line-height: 1.4; 8 | background-color: #f6f7f8; 9 | padding: 16px 30px; 10 | margin-bottom: 0; 11 | } 12 | .category-list-content { 13 | padding: 20px 30px; 14 | list-style-type: none; 15 | margin: 0; 16 | } 17 | .category-list-content-item { 18 | padding: 5px 0; 19 | position: relative; 20 | } 21 | .category-list-content-item:before { 22 | position: absolute; 23 | width: 5px; 24 | height: 5px; 25 | background-color: #cbd3dd; 26 | content: ''; 27 | display: block; 28 | left: -18px; 29 | top: 16px; 30 | } 31 | .category-list-content-item-text { 32 | font-size: 1.125em; 33 | font-weight: 300; 34 | line-height: 1.2; 35 | } -------------------------------------------------------------------------------- /sass/colors.scss: -------------------------------------------------------------------------------- 1 | /* ========================================================================== 2 | Colors configuration 3 | ========================================================================== */ 4 | 5 | $navyBlue: #246E94; 6 | $darkBlue: #184962; 7 | $navyBlueHover: #1E5B7A; 8 | $navyBlueActive: #184962; 9 | $turkis: #00FCE5; 10 | $turkisHover: #00E3CE; 11 | $turkisActive: #00C9B7; 12 | $green: #007D71; 13 | $darkGrey: #63737E; 14 | $grey: #E8ECED; 15 | $lightGrey: #F5F7F7; 16 | $communityEdition: #00C9B7; 17 | $enterpriseEdition: #009688; 18 | $complianceEdition: #007D71; 19 | $editionText: #0A635B; 20 | $white: #FFF; 21 | $buttonGhost: #0A635B; 22 | $textLoud: #184962; 23 | $buttonGreen: #009688; 24 | $borderColor: #CCCCCC; 25 | $borderGrey: #E0E0E0; 26 | $backButton: #08998B; 27 | 28 | $color_black: #333 ; 29 | $color_grey: #99a3b1 ; 30 | $color_grey-dark: #808488 ; 31 | $color_grey-lighter: #F6F7F8 ; 32 | $color_grey-light: #CBD3DD ; 33 | $color_blue: #28C ; 34 | $color_blue-light: #48CACC ; 35 | $color_purple: #8D3DEB ; 36 | $color_orange: #FF530D ; 37 | $color_green: #4b5 ; 38 | $color_red: #FF3625 ; 39 | $color_yellow: #FDC441 ; -------------------------------------------------------------------------------- /sass/custom.scss: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/floragunncom/search-guard-docs/9aef0cb456691e3fbe1735b51f6adfe2744e19ed/sass/custom.scss -------------------------------------------------------------------------------- /sass/fonts.scss: -------------------------------------------------------------------------------- 1 | /* ========================================================================== 2 | Fonts configuration 3 | ========================================================================== */ 4 | 5 | // Importing fonts from http://google.com/fonts 6 | @import url(https://fonts.googleapis.com/css?family=Roboto:500,900,100,300,700,400&subset=latin,cyrillic-ext,cyrillic,latin-ext&display=swap); 7 | @import url(https://fonts.googleapis.com/css?family=Roboto+Slab:400,100,300,700&subset=latin,cyrillic-ext,cyrillic,latin-ext&display=swap); 8 | 9 | // Font Family 10 | $font_primary: 'Roboto', sans-serif; 11 | $font_secondary: "Roboto Slab", serif; 12 | 13 | // Icons 14 | $icons: 'FontAwesome'; 15 | 16 | // Font Size 17 | $font-size_base: 16px; 18 | 19 | // Font Weight 20 | $font_thin: 100; 21 | $font_light: 300; 22 | $font_normal: 400; 23 | $font_medium: 500; 24 | $font_bold: 700; 25 | $font_black: 900; 26 | -------------------------------------------------------------------------------- /sass/gridview.scss: -------------------------------------------------------------------------------- 1 | .grid-view-elem { 2 | padding: 30px; 3 | margin-bottom: 30px; 4 | background-color: #f6f7f8; 5 | } 6 | .grid-view-elem-title { 7 | font-size: 1em; 8 | margin-bottom: 10px; 9 | font-weight: 400; 10 | } 11 | .grid-view-title-descr { 12 | font-size: 0.875em; 13 | margin-left: 10px; 14 | vertical-align: top; 15 | font-weight: 300; 16 | } 17 | .grid-view-elem-description { 18 | font-size: 0.875em; 19 | line-height: 1.5; 20 | font-weight: 300; 21 | margin: 0; 22 | } -------------------------------------------------------------------------------- /sass/image.scss: -------------------------------------------------------------------------------- 1 | .image { 2 | padding: 4px; 3 | border: 1px solid #cbd3dd; 4 | border-radius: 3px; 5 | margin-bottom: 15px; 6 | max-width: 100%; 7 | } 8 | .image.remove-border { 9 | border: 0; 10 | } 11 | .image.isolated { 12 | margin: 30px 0; 13 | } -------------------------------------------------------------------------------- /sass/info.scss: -------------------------------------------------------------------------------- 1 | .info { 2 | margin-bottom: 30px; 3 | } 4 | .info-content { 5 | list-style-type: none; 6 | margin: 0; 7 | padding: 0; 8 | border-radius: 0 0 3px 3px; 9 | } 10 | .info-title { 11 | font-size: 1.5em; 12 | line-height: 1.4; 13 | color: white; 14 | background-color: #2288cc; 15 | padding: 16px 50px 16px 30px; 16 | margin: 0; 17 | border-radius: 3px 3px 0 0; 18 | position: relative; 19 | } 20 | .info-close { 21 | font-size: 20px; 22 | position: absolute; 23 | right: 18px; 24 | top: 50%; 25 | margin-top: -14px; 26 | cursor: pointer; 27 | } 28 | .info-content-item { 29 | padding: 20px 30px; 30 | } 31 | .info-content-item:nth-child(odd) { 32 | background-color: #f6f7f8; 33 | } 34 | .info-content-item:nth-child(even) { 35 | background-color: #e8eaed; 36 | } 37 | .info-content-item-title { 38 | font-size: 0.875em; 39 | font-weight: 700; 40 | color: #333333; 41 | line-height: 1.5; 42 | } 43 | .info-content-item-text { 44 | font-size: 0.875em; 45 | color: #333333; 46 | line-height: 1.5; 47 | margin-bottom: 0; 48 | } 49 | .info-demiliter { 50 | padding: 30px 0; 51 | border-bottom: 1px solid #dae0e7; 52 | border-top: 1px solid #dae0e7; 53 | margin-bottom: 30px; 54 | } 55 | .info-delimiter-title { 56 | line-height: 42px; 57 | font-size: 26px; 58 | margin: 0; 59 | } 60 | .info-delimiter-button { 61 | text-align: right; 62 | text-transform: uppercase; 63 | } 64 | .info-delimiter-button .button { 65 | margin-right: 15px; 66 | } 67 | .info-delimiter-button .button:last-child { 68 | margin: 0; 69 | } -------------------------------------------------------------------------------- /sass/layout.scss: -------------------------------------------------------------------------------- 1 | html, 2 | body { 3 | height: 100%; 4 | margin: 0 !important; 5 | } 6 | body { 7 | font-size: $font-size_base; 8 | line-height: 100%; 9 | font-family: $font_primary; 10 | color: #333333; 11 | } 12 | 13 | // font sizes devices 14 | body{font-size:125%;} 15 | @media(min-width:60em){body{font-size: 100%}} 16 | 17 | #content { 18 | padding: 60px 0; 19 | } 20 | #content.pt0 { 21 | padding-top: 0; 22 | } 23 | #content.pb0 { 24 | padding-bottom: 0; 25 | } 26 | .page { 27 | min-height: 100%; 28 | position: relative; 29 | } 30 | .layout { 31 | position: relative; 32 | } 33 | .layout .col-md-2, 34 | .layout .col-md-3, 35 | .layout .col-md-4 { 36 | position: static; 37 | } 38 | .layout.with-left-sidebar .sidebar { 39 | padding-right: 20px; 40 | } 41 | .layout.with-right-sidebar .sidebar { 42 | padding-left: 20px; 43 | } 44 | .sidebar { 45 | -webkit-backface-visibility: hidden; 46 | -webkit-transform: translateZ(0); 47 | } 48 | .sidebar.sidebar-is-fixed { 49 | position: fixed; 50 | top: 30px; 51 | } 52 | .sidebar.sidebar-is-bottom { 53 | position: absolute; 54 | bottom: 0; 55 | } 56 | @media (min-width: 1200px) { 57 | .container-spaced { 58 | padding: 0 50px; 59 | } 60 | } 61 | @media (min-width: 480px) { 62 | .one-page-content .container-spaced { 63 | padding: 0 50px; 64 | } 65 | } -------------------------------------------------------------------------------- /sass/listview.scss: -------------------------------------------------------------------------------- 1 | .list-view { 2 | margin-bottom: 30px; 3 | } 4 | .list-item { 5 | margin-bottom: 20px; 6 | padding-bottom: 20px; 7 | border-bottom: 1px solid #cbd3dd; 8 | } 9 | .list-item:last-child { 10 | margin-bottom: 0; 11 | border: none; 12 | } 13 | .list-item-header { 14 | margin-bottom: 10px; 15 | } 16 | .list-item-header:after { 17 | display: block; 18 | content: ''; 19 | clear: both; 20 | } 21 | .list-item-title { 22 | font-size: 1.25em; 23 | line-height: 1.4; 24 | width: 75%; 25 | float: left; 26 | margin: 0; 27 | } 28 | .list-item-title a { 29 | text-decoration: none; 30 | } 31 | .list-item-meta { 32 | display: block; 33 | width: 25%; 34 | float: right; 35 | line-height: 1.6; 36 | text-align: right; 37 | max-width: 250px; 38 | font-weight: 300; 39 | font-size: 0.875em; 40 | } 41 | .list-item-meta a { 42 | color: #808488; 43 | padding: 5px 10px; 44 | background-color: #f6f7f8; 45 | border-radius: 3px; 46 | } 47 | .list-item-content { 48 | line-height: 1.4; 49 | font-weight: 300; 50 | } -------------------------------------------------------------------------------- /sass/login_signup.scss: -------------------------------------------------------------------------------- 1 | .page.login-page, 2 | .page.register-page { 3 | height: 100%; 4 | } 5 | .login, 6 | .register { 7 | position: relative; 8 | display: table; 9 | height: 100%; 10 | width: 100%; 11 | background-color: #404448; 12 | } 13 | .login-content, 14 | .register-content { 15 | display: table-cell; 16 | vertical-align: middle; 17 | } 18 | .login-wrapper, 19 | .register-wrapper { 20 | padding: 45px 60px; 21 | max-width: 500px; 22 | margin: 0 auto; 23 | border-radius: 3px; 24 | background-color: #f6f7f8; 25 | } 26 | .login-inputs, 27 | .register-inputs { 28 | margin: 50px 0 30px 0; 29 | } 30 | .login-inputs input, 31 | .register-inputs input { 32 | padding: 13px 20px; 33 | height: 50px; 34 | border-radius: 0; 35 | border-bottom: 0; 36 | line-height: 18px; 37 | } 38 | .login-inputs input:first-child, 39 | .register-inputs input:first-child { 40 | border-radius: 3px 3px 0 0; 41 | } 42 | .login-inputs input:last-child, 43 | .register-inputs input:last-child { 44 | border-radius: 0 0 3px 3px; 45 | border-bottom: 1px solid #cbd3dd; 46 | } 47 | .register-inputs { 48 | margin-bottom: 20px; 49 | } 50 | input.login-checkbox, 51 | input.register-checkbox { 52 | margin-right: 5px; 53 | margin-bottom: 30px; 54 | } 55 | .login-form, 56 | .register-form { 57 | margin-bottom: 30px; 58 | } 59 | .login-helpers, 60 | .register-helpers { 61 | margin: 0; 62 | padding: 0; 63 | list-style-type: none; 64 | } 65 | .login-helpers .login-helper-item, 66 | .register-helpers .login-helper-item, 67 | .login-helpers .register-helper-item, 68 | .register-helpers .register-helper-item { 69 | text-align: center; 70 | font-size: 0.875em; 71 | color: #808488; 72 | } -------------------------------------------------------------------------------- /sass/modal.scss: -------------------------------------------------------------------------------- 1 | .modal { 2 | display: none; 3 | width: 600px; 4 | background-color: #f6f7f8; 5 | border-radius: 3px; 6 | max-width: 80%; 7 | } 8 | .modal-header { 9 | background-color: #cbd3dd; 10 | padding: 20px 25px; 11 | position: relative; 12 | } 13 | .modal-header .fa.fa-times { 14 | position: absolute; 15 | top: 50%; 16 | width: 20px; 17 | height: 20px; 18 | right: 15px; 19 | margin-top: -10px; 20 | cursor: pointer; 21 | text-align: center; 22 | line-height: 18px; 23 | } 24 | .modal-title { 25 | margin: 0; 26 | } 27 | .modal-content { 28 | padding: 25px; 29 | line-height: 1.4; 30 | font-weight: 300; 31 | } 32 | .modal-footer { 33 | border-top: 1px solid #cbd3dd; 34 | padding: 20px 25px; 35 | } 36 | .modal-footer.center { 37 | text-align: center; 38 | } 39 | .modal-footer .button { 40 | margin-right: 10px; 41 | } 42 | .modal-footer .button:last-child { 43 | margin-right: 0; 44 | } -------------------------------------------------------------------------------- /sass/navigation.scss: -------------------------------------------------------------------------------- 1 | .navigation { 2 | margin: 0; 3 | padding: 0; 4 | list-style-type: none; 5 | margin-bottom: 30px; 6 | } 7 | .navigation:after { 8 | clear: both; 9 | display: block; 10 | content: ''; 11 | } 12 | .navigation-next a, 13 | .navigation-previous a { 14 | color: white; 15 | border-radius: 3px; 16 | padding: 10px 20px; 17 | display: block; 18 | background-color: #44bb55; 19 | font-weight: 300; 20 | -webkit-transition: background-color 0.25s ease; 21 | -moz-transition: background-color 0.25s ease; 22 | -ms-transition: background-color 0.25s ease; 23 | -o-transition: background-color 0.25s ease; 24 | transition: background-color 0.25s ease; 25 | } 26 | .navigation-next a:hover, 27 | .navigation-previous a:hover { 28 | text-decoration: none; 29 | background-color: #3da84d; 30 | } 31 | .navigation-next { 32 | float: right; 33 | } 34 | .navigation-previous { 35 | float: left; 36 | } -------------------------------------------------------------------------------- /sass/notification.scss: -------------------------------------------------------------------------------- 1 | .notification { 2 | padding: 150px 0; 3 | position: relative; 4 | } 5 | .notification-icon { 6 | text-align: center; 7 | margin-bottom: 20px; 8 | } 9 | .notification-close { 10 | position: absolute; 11 | right: 30px; 12 | top: 30px; 13 | width: 30px; 14 | height: 30px; 15 | cursor: pointer; 16 | } 17 | .notification-close:before, 18 | .notification-close:after { 19 | width: 2px; 20 | height: 30px; 21 | position: absolute; 22 | display: block; 23 | content: ''; 24 | background-color: #808488; 25 | top: 0; 26 | left: 13px; 27 | } 28 | .notification-close:before { 29 | -webkit-transform: rotate(45deg); 30 | -moz-transform: rotate(45deg); 31 | -ms-transform: rotate(45deg); 32 | -o-transform: rotate(45deg); 33 | transform: rotate(45deg); 34 | } 35 | .notification-close:after { 36 | -webkit-transform: rotate(-45deg); 37 | -moz-transform: rotate(-45deg); 38 | -ms-transform: rotate(-45deg); 39 | -o-transform: rotate(-45deg); 40 | transform: rotate(-45deg); 41 | } 42 | .notification-title { 43 | font-size: 2.375em; 44 | text-align: center; 45 | } 46 | .notification-description { 47 | font-size: 1.25em; 48 | text-align: center; 49 | margin-bottom: 30px; 50 | } 51 | .notification-buttons { 52 | text-align: center; 53 | } 54 | .notification-buttons .button { 55 | margin-right: 10px; 56 | } 57 | .notification-buttons .button:last-child { 58 | margin-right: 0; 59 | } -------------------------------------------------------------------------------- /sass/number.scss: -------------------------------------------------------------------------------- 1 | .number-box { 2 | margin-bottom: 30px; 3 | padding-left: 60px; 4 | position: relative; 5 | } 6 | .numbers > .row > div:last-child .number-box { 7 | border: none; 8 | } 9 | .number-icon { 10 | position: absolute; 11 | left: -15px; 12 | top: 2px; 13 | font-size: 3.4375em; 14 | width: 60px; 15 | text-align: center; 16 | color: #99a3b1; 17 | } 18 | .number-wrapper { 19 | font-size: 2.1875em; 20 | display: block; 21 | line-height: 40px; 22 | font-weight: 300; 23 | } 24 | .number-description { 25 | font-size: 0.8125em; 26 | display: block; 27 | margin-left: 3px; 28 | line-height: 1.4; 29 | color: #2288cc; 30 | } -------------------------------------------------------------------------------- /sass/pageinfo.scss: -------------------------------------------------------------------------------- 1 | .page-title { 2 | font-size: 5em; 3 | color: #1a1a1a; 4 | font-weight: 100; 5 | margin-bottom: 30px; 6 | } 7 | .page-info-simple .page-title { 8 | font-weight: 300; 9 | color: #333333; 10 | font-size: 4.5em; 11 | } 12 | .header-back-light .page-title { 13 | color: white; 14 | } 15 | .page-description { 16 | color: #1a1a1a; 17 | text-transform: uppercase; 18 | font-size: 1.25em; 19 | letter-spacing: 2px; 20 | line-height: 1.5; 21 | font-weight: 300; 22 | margin-bottom: 40px; 23 | } 24 | .page-info-simple .page-description { 25 | text-transform: none; 26 | font-size: 1.5em; 27 | letter-spacing: 0; 28 | } 29 | .header-back-light .page-description { 30 | color: white; 31 | } 32 | .header-back-app .page-title { 33 | margin-bottom: 50px; 34 | font-weight: 100; 35 | } 36 | .header-back-app .page-description { 37 | margin-bottom: 70px; 38 | font-weight: 100; 39 | } 40 | .morphext > .animated { 41 | display: inline-block; 42 | color: #2288cc; 43 | z-index: 4; 44 | position: relative; 45 | } -------------------------------------------------------------------------------- /sass/panels.scss: -------------------------------------------------------------------------------- 1 | #content.panels { 2 | padding: 100px 0; 3 | background-color: #f6f7f8; 4 | } 5 | .panel { 6 | background-color: white; 7 | padding: 50px; 8 | box-shadow: 0 0 6px rgba(153, 153, 153, 0.29); 9 | margin-bottom: 50px; 10 | } 11 | .panel img { 12 | max-width: 100%; 13 | } 14 | .panel:last-child { 15 | margin-bottom: 0; 16 | } 17 | .panel-image { 18 | width: 80%; 19 | } 20 | .panel-header { 21 | font-size: 1.875em; 22 | text-align: center; 23 | line-height: 1.4; 24 | font-weight: 300; 25 | margin-bottom: 30px; 26 | } -------------------------------------------------------------------------------- /sass/promotitle.scss: -------------------------------------------------------------------------------- 1 | .promo-title-wrapper { 2 | margin-bottom: 70px; 3 | padding-top: 140px; 4 | } 5 | .give-it-try .promo-title-wrapper { 6 | margin-bottom: 50px; 7 | } 8 | .promo-title-less-space { 9 | padding-top: 100px; 10 | } 11 | .promo-title-no-icon { 12 | padding-top: 80px; 13 | } 14 | .promo-title-no-icon .promo-title:before { 15 | display: none; 16 | } 17 | .promo-title { 18 | text-align: center; 19 | font-size: 3.25em; 20 | font-weight: 100; 21 | color: #1a1a1a; 22 | margin-bottom: 20px; 23 | position: relative; 24 | } 25 | .promo-title:before { 26 | position: absolute; 27 | content: attr(data-icon); 28 | display: block; 29 | font-family: 'Pe-icon-7-stroke'; 30 | font-size: 29px; 31 | opacity: 0.3; 32 | width: 40px; 33 | height: 40px; 34 | text-align: center; 35 | top: -60px; 36 | left: 50%; 37 | margin-left: -20px; 38 | speak: none; 39 | } 40 | .promo-description { 41 | text-align: center; 42 | font-size: 1.25em; 43 | color: #808488; 44 | max-width: 80%; 45 | margin: 0 auto; 46 | } -------------------------------------------------------------------------------- /sass/rotator.scss: -------------------------------------------------------------------------------- 1 | .rotator { 2 | margin-bottom: 40px; 3 | } 4 | .rotator-light { 5 | color: white; 6 | } 7 | .rotator-text { 8 | font-size: 4.125em; 9 | text-align: center; 10 | line-height: 1.2; 11 | font-weight: 100; 12 | } -------------------------------------------------------------------------------- /sass/search.scss: -------------------------------------------------------------------------------- 1 | .search { 2 | position: relative; 3 | margin-bottom: 30px; 4 | } 5 | .widget .search { 6 | margin-bottom: 0; 7 | } 8 | .search-icon { 9 | position: absolute; 10 | top: 10px; 11 | right: 10px; 12 | color: #99a3b1; 13 | font-size: 13px; 14 | } 15 | .search-input { 16 | padding-right: 30px; 17 | border-radius: 2px; 18 | } 19 | .search-minimal { 20 | text-align: right; 21 | position: relative; 22 | } 23 | .search-minimal-icon { 24 | font-size: 20px; 25 | line-height: 40px; 26 | color: #808488; 27 | cursor: pointer; 28 | margin-right: 10px; 29 | } 30 | .search-minimal-input { 31 | display: none; 32 | position: absolute; 33 | top: 6px; 34 | right: 42px; 35 | width: 180px; 36 | height: 30px; 37 | background-color: #f6f7f8; 38 | border: 1px solid #cbd3dd; 39 | border-radius: 3px; 40 | max-width: 80%; 41 | } 42 | .search-minimal-input:after { 43 | position: absolute; 44 | content: ''; 45 | display: block; 46 | width: 6px; 47 | height: 6px; 48 | right: -4px; 49 | top: 11px; 50 | border-top: 1px solid #cbd3dd; 51 | border-right: 1px solid #cbd3dd; 52 | background-color: #f6f7f8; 53 | -webkit-transform: rotate(45deg); 54 | -moz-transform: rotate(45deg); 55 | -ms-transform: rotate(45deg); 56 | -o-transform: rotate(45deg); 57 | transform: rotate(45deg); 58 | } 59 | .search-minimal-input input { 60 | border: 0; 61 | outline: none; 62 | display: block; 63 | height: 100%; 64 | width: 100%; 65 | background-color: transparent; 66 | padding: 0 10px; 67 | line-height: 16px; 68 | font-size: 12px; 69 | } 70 | 71 | -------------------------------------------------------------------------------- /sass/skills.scss: -------------------------------------------------------------------------------- 1 | .skill { 2 | margin-bottom: 30px; 3 | } 4 | .skill.inline .skill-title, 5 | .skill.inline .skill-level { 6 | display: inline-block; 7 | vertical-align: top; 8 | zoom: 1; 9 | *display: inline; 10 | line-height: 50px; 11 | margin: 0; 12 | } 13 | .skill.inline .skill-title { 14 | margin-right: 15px; 15 | } 16 | .skill.inline.small .skill-title { 17 | margin-right: 10px; 18 | } 19 | .skill.large .skill-title { 20 | font-size: 2.1875em; 21 | } 22 | .skill.large .skill-level { 23 | font-size: 1.25em; 24 | } 25 | .skill.small .skill-title { 26 | font-size: 1em; 27 | } 28 | .skill.small .skill-level { 29 | font-size: 0.625em; 30 | } 31 | .skill-level { 32 | margin: 0; 33 | padding: 0; 34 | list-style-type: none; 35 | } 36 | .skill-level > li { 37 | color: #fdc441; 38 | display: inline-block; 39 | vertical-align: top; 40 | zoom: 1; 41 | *display: inline; 42 | font-size: 1.25em; 43 | } -------------------------------------------------------------------------------- /sass/tabs.scss: -------------------------------------------------------------------------------- 1 | .tabs { 2 | margin-bottom: 30px; 3 | position: relative; 4 | width: 100%; 5 | display: block; 6 | } 7 | .tabs .content { 8 | border-radius: 3px; 9 | padding: 30px; 10 | border: 1px solid #cbd3dd; 11 | } 12 | .tabs .content p:last-child { 13 | margin: 0; 14 | } 15 | .tabs .steps { 16 | margin: 0; 17 | } 18 | .tabs .steps ul { 19 | margin: 0; 20 | padding: 0; 21 | list-style-type: none; 22 | } 23 | .tabs .steps ul > li { 24 | display: inline-block; 25 | vertical-align: top; 26 | zoom: 1; 27 | *display: inline; 28 | background-color: #f6f7f8; 29 | border: 1px solid rgba(0, 0, 0, 0.15); 30 | margin-right: 10px; 31 | margin-bottom: -1px; 32 | border-radius: 3px; 33 | } 34 | .tabs .steps ul > li i { 35 | margin-left: 2px; 36 | margin-right: 8px; 37 | } 38 | .tabs .steps ul > li.current { 39 | background-color: white; 40 | border-bottom: 1px solid white; 41 | outline: none; 42 | } 43 | .tabs .steps ul > li.current a, 44 | .tabs .steps ul > li.current a:hover { 45 | outline: none; 46 | } 47 | .tabs .steps ul > li a { 48 | font-size: 0.875em; 49 | color: #333333; 50 | padding: 10px 15px; 51 | display: block; 52 | } 53 | .tabs .steps ul > li a:hover { 54 | color: #333333; 55 | text-decoration: none; 56 | } 57 | .tab-title { 58 | display: none; 59 | } -------------------------------------------------------------------------------- /sass/tags.scss: -------------------------------------------------------------------------------- 1 | .tags { 2 | margin: 0; 3 | padding: 0; 4 | list-style-type: none; 5 | font-size: 0.75em; 6 | } 7 | .tag-item { 8 | display: inline-block; 9 | vertical-align: top; 10 | zoom: 1; 11 | *display: inline; 12 | } 13 | .tag-item a { 14 | display: block; 15 | color: #333333; 16 | margin-right: 20px; 17 | margin-bottom: 9px; 18 | padding: 2px 12px 2px 11px; 19 | border: 1px solid #cbd3dd; 20 | border-right: 0; 21 | position: relative; 22 | border-radius: 3px 0 0 3px; 23 | } 24 | .tag-item a:before { 25 | position: absolute; 26 | content: ''; 27 | display: block; 28 | height: 20px; 29 | width: 19px; 30 | top: 3px; 31 | right: -9px; 32 | background-color: white; 33 | border-radius: 0 5px 0 0; 34 | border-top: 1px solid #cbd3dd; 35 | border-right: 1px solid #cbd3dd; 36 | -webkit-transform: rotate(45deg); 37 | -moz-transform: rotate(45deg); 38 | -ms-transform: rotate(45deg); 39 | -o-transform: rotate(45deg); 40 | transform: rotate(45deg); 41 | z-index: -1; 42 | } 43 | .tag-item a:after { 44 | width: 4px; 45 | height: 4px; 46 | border-radius: 50%; 47 | display: block; 48 | content: ''; 49 | position: absolute; 50 | border: 1px solid #cbd3dd; 51 | top: 11px; 52 | right: -1px; 53 | } -------------------------------------------------------------------------------- /search.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Search Guard Search 3 | html_title: Search 4 | slug: search 5 | layout: search 6 | description: Explore the Search Guard Documentation, Knowledgebase and How-To articles. 7 | --- -------------------------------------------------------------------------------- /sitemap.xml: -------------------------------------------------------------------------------- 1 | --- 2 | layout: null 3 | --- 4 | 5 | 6 | 7 | {% assign collections = site.collections | where_exp:'collection','collection.output != false' %} 8 | {% for collection in collections %} 9 | 10 | {% assign docs = collection.docs | where_exp:'doc','doc.sitemap != false' | where_exp:'doc','doc.subcategory == null'%} 11 | {% for doc in docs %} 12 | 13 | https://docs.search-guard.com{{site.baseurl}}{{ doc.url | xml_escape }} 14 | {% if doc.last_modified_at or doc.date %} 15 | {{ doc.last_modified_at | default: doc.date | date_to_xmlschema }} 16 | {% endif %} 17 | 18 | {% for resource in doc.sitemap_resources %} 19 | 20 | https://docs.search-guard.com{{ resource | xml_escape }} 21 | {{ doc.last_modified_at | default: doc.date | date_to_xmlschema }} 22 | 23 | {% endfor %} 24 | {% endfor %} 25 | 26 | {% assign files = collection.files %} 27 | {% for file in files %} 28 | 29 | https://docs.search-guard.com{{site.baseurl}}/{{ file.name }} 30 | {{ file.modified_time | date_to_xmlschema }} 31 | 32 | {% endfor %} 33 | {% endfor %} 34 | 35 | 36 | 37 | 38 | --------------------------------------------------------------------------------