ELK
Overview
ELK (Elasticsearch, Logstash, Kibana) originally had no built-in auth; Kibana was open to anyone with the URL. X-Pack adds auth but advanced features (OAuth, OIDC, LDAP, SAML) are paid. casdoor/elk-auth-casdoor is a free, open-source reverse proxy that puts Casdoor (OAuth 2.0/OIDC) in front of the ELK/Kibana stack. Unauthenticated users are redirected to Casdoor; after sign-in, requests are forwarded to Kibana. Intercepted requests (including POST) are cached and replayed after login so users do not lose form data.
How to run
- Install Go.
- Clone casdoor/elk-auth-casdoor.
- In Casdoor, register the proxy as an application and note Client ID, Client Secret, application name, and organization.
- Edit the configuration. The configuration file is located at "conf/app.conf". Here is an example; you should customize it according to your specific needs.
appname = .
# port on which the reverse proxy shall be run
httpport = 8080
runmode = dev
# EDIT IT IF NECESSARY. The URL of this reverse proxy.
pluginEndpoint = "http://localhost:8080"
# EDIT IT IF NECESSARY. The URL of the Kibana.
targetEndpoint = "http://localhost:5601"
# EDIT IT. The URL of Casdoor.
casdoorEndpoint = "http://localhost:8000"
# EDIT IT. The clientID of your reverse proxy in Casdoor.
clientID = ceb6eb261ab20174548d
# EDIT IT. The clientSecret of your reverse proxy in Casdoor.
clientSecret = af928f0ef1abc1b1195ca58e0e609e9001e134f4
# EDIT IT. The application name of your reverse proxy in Casdoor.
appName = ELKProxy
# EDIT IT. The organization to which your reverse proxy belongs in Casdoor.
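organization = built-in
- Visit http://localhost:8080 (in the above example) and log in following the redirection guidance. Then you should see Kibana protected and authenticated by Casdoor.
- If everything works well, do not forget to block external access to the original Kibana port by configuring your firewall (or by other means). This ensures that outsiders can only reach Kibana through this reverse proxy.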
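A pre-deployment check for conf/app.conf, added here as an example and not part of the elk-auth-casdoor project: it flags the sample clientID/clientSecret printed on this page, plain-HTTP proxy or Casdoor endpoints on non-loopback hosts, and a Kibana target that is not on loopback and therefore relies on the firewall rule from the last step. The function names, finding labels and the constructed sample config are assumptions of this example.

```go
package main

import (
	"fmt"
	"net"
	"net/url"
	"strings"
)

// Constructed sample config (placeholder hosts), not a real deployment.
const sample = `pluginEndpoint = "http://elk.example.com:8080"
targetEndpoint = "http://10.0.0.5:5601"
clientID = ceb6eb261ab20174548d`

// parseConf reads key = value lines as in conf/app.conf, skipping # comments.
func parseConf(text string) map[string]string {
	conf := map[string]string{}
	for _, line := range strings.Split(text, "\n") {
		if k, v, ok := strings.Cut(strings.TrimSpace(line), "="); ok && !strings.HasPrefix(k, "#") {
			conf[strings.TrimSpace(k)] = strings.Trim(strings.TrimSpace(v), `"`)
		}
	}
	return conf
}

// isLoopback reports whether the URL's host is localhost or a loopback IP.
func isLoopback(raw string) bool {
	u, err := url.Parse(raw)
	return err == nil && (u.Hostname() == "localhost" || net.ParseIP(u.Hostname()).IsLoopback())
}

// lintConf returns findings (labels are this example's own) for risky settings.
func lintConf(c map[string]string) (out []string) {
	if c["clientID"] == "ceb6eb261ab20174548d" || c["clientSecret"] == "af928f0ef1abc1b1195ca58e0e609e9001e134f4" {
		out = append(out, "sample-credentials") // values published in the docs example
	}
	for _, k := range []string{"pluginEndpoint", "casdoorEndpoint"} {
		if strings.HasPrefix(c[k], "http://") && !isLoopback(c[k]) {
			out = append(out, "plaintext-"+k) // session cookies and OAuth codes sent in clear
		}
	}
	if !isLoopback(c["targetEndpoint"]) { // Kibana listens on the network: firewall its port to the proxy
		out = append(out, "kibana-not-loopback")
	}
	return out
}

func main() {
	fmt.Println(lintConf(parseConf(sample)))
}
```

A missing targetEndpoint is also reported as kibana-not-loopback, so an incomplete file does not pass silently.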