Configure Kibana 4 with Nginx | Securing

Kibana 4 CentOS 7
RAJ APRIL 10, 2015 0 COMMENTS ANALYTICS, CENTOS 7, ELK, KIBANA, RHEL 7

Kibana

In this tutorial we will be looking how to configure kibana 4 with Nginx. On version 4, kibana
can be started as a standalone service instead of configuring Nginx to serve kibana
installation.
There are two advantages when we configure Kibana 4 with Nginx,
1. Kibana 4 normally listens on port 5601 and it is accessible through http:ip-add-ress:5601.
With Nginx, we can make kibana portal available on port 80 or 443; here we will configure
Nginx with SSL for kibana to secure the communication between kibana and end user
browser.
2. Kibana does not comes with any kind of password protected access to portal. With Nginx,
we can configure in such a way that the user should fulfill authentication mechanism before
entering to portal.

Install Nginx:
To install Nginx using yum we need to include the Nginx repository, install the Nginx
repository.
# rpm -Uvh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-releasecentos-7-0.el7.ngx.noarch.rpm

Install the Nginx by issuing the following command.

# yum -y install nginx httpd-tools

Create a password file for basic authentication of http users, this is to enable the password
protected access to kibana portal. Replace raj with your own user name.
# htpasswd -c /etc/nginx/conf.d/kibana.htpasswd raj

Configure Nginx:
Create a confiiguration file with the name kibana4.conf in /etc/nginx/conf.d directory.
# vi /etc/nginx/conf.d/kibana4.conf

Place the following content to the kibana4.conf file, assuming that both kibana and Nginx
are installed on same server.
server {

listen
80;
server_name kibana.itzgeek.local;
## Replace with your domain name
return 301 https://$server_name$request_uri;
}
server {
listen
*:443 ;
ssl on;
ssl_certificate /etc/pki/tls/certs/logstash-forwarder.crt; ## Replace with
your own certificate
ssl_certificate_key /etc/pki/tls/private/logstash-forwarder.key; ## Replace
with your own key
server_name
kibana.itzgeek.local; ## Replace with your domain name
access_log
/var/log/nginx/kibana.access.log;
error_log /var/log/nginx/kibana.error.log;
location / {
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/conf.d/kibana.htpasswd;
proxy_pass http://kibana.itzgeek.local:5601; ## Replace with your kibana
instance
}
}

Restart the Nginx service.

# systemctl restart nginx.service

Configure SELinux;
I used to get a below errors in Nginx logs, SELinux is the one of the reason.
2015/04/09 15:01:20 [crit] 1190#0: *3 connect() to 127.0.0.1:5601 failed (13:
Permission denied) while connecting to upstream

We can use the following command to generate the policy rules that would allow Nginx to
connect upstream server.
# grep nginx /var/log/audit/audit.log | audit2allow -M nginx
# semodule -i nginx.pp

Access Kibana:
Now access kibana portal with FQDN (http://kibana.itzgeek.local), you will be redirected
to secure version of FQDN; you may asked to trust the secure connection incase if you
have used self signed certificate. Once you redirected https version of website, you would
be asked to enter the user name and password that you have created earlier.
Or you can use ipaddress instead of FQDN.
https://your-ip-address

Configure Kibana 4 with Nginx

Thats All!, you have successfully configured Kibana with Nginx.