A solid, open source Elasticsearch security solution.
What's new in
ReadonlyREST PRO/Enterprise for Kibana
- Feature: works on Kibana 6.0
- Feature: works in airgapped environments
- Feature: works with delegated authentication "proxy_auth"
- Feature: hides RW parts of Kibana UI (when the current user has no write privileges)
- Feature: preserve comments and YAML formatting in settings UI
- Feature: load balancer support (shared cookie encryption key)
ReadonlyREST for Elasticsearch
- Feature: works on Elasticsearch 6.0
- Feature: supports reindex requests
- Feature: custom audit log serializers
- Feature: LDAP allows fetching groups from a user attribute
- Security fix: reads settings from config/readonlyrest.yml
- Security fix: x-forwarded-for rule behaves like IETF specs.
- Security fix: hosts rule resolves allowed hosts right before checking rule
- Security fix: smarter handling of MultiSearch and MultiGet requests
- Bug Fix: fixes hang on shutdown in Windows