github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-23 17:28:26 -04:00
Code Issues Projects Releases Packages Wiki Activity

[DOCS] Clarify alerting security setup (#139587)

Browse source
This commit is contained in:
Lisa Cawley 2022-08-30 13:26:53 -07:00 committed by GitHub
parent e745e3624c
commit c9e3d33656
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 14 additions and 21 deletions
Download patch file Download diff file Expand all files Collapse all files

35
docs/user/alerting/alerting-setup.asciidoc
View file

@ -5,7 +5,7 @@
<titleabbrev>Set up</titleabbrev>
++++
Alerting is automatically enabled in {kib}, but might require some additional
{kib} {alert-features} are automatically enabled, but might require some additional
configuration.
[float]
@ -13,7 +13,7 @@ configuration.
=== Prerequisites
If you are using an *on-premises* Elastic Stack deployment:
* In the kibana.yml configuration file, add the
* In the `kibana.yml` configuration file, add the
<<general-alert-action-settings,`xpack.encryptedSavedObjects.encryptionKey`>>
setting.
* For emails to have a footer with a link back to {kib}, set the
@ -22,7 +22,7 @@ setting.
If you are using an *on-premises* Elastic Stack deployment with
<<using-kibana-with-security, *security*>>:
* If you are unable to access {kib} Alerting, ensure that you have not
* If you are unable to access {kib} {alert-features}, ensure that you have not
{ref}/security-settings.html#api-key-service-settings[explicitly disabled API keys].
The alerting framework uses queries that require the
@ -35,31 +35,24 @@ The alerting framework uses queries that require the
When relying on alerting and actions as mission critical services, make sure you
follow the
<<alerting-production-considerations,Alerting production considerations>>.
<<alerting-production-considerations,alerting production considerations>>.
See <<alerting-scaling-guidance>> for more information on the scalability of
Alerting.
For more information on the scalability of {alert-features}, go to
<<alerting-scaling-guidance>>.
[float]
[[alerting-security]]
=== Security
To access alerting in a space, a user must have access to one of the following
features:
If you want to use the {alert-features} in a {kib} app, you must have the
appropriate feature privileges. For example, to create rules in
*{stack-manage-app} > {rules-ui}*, you must have `all` privileges for the
*Management > Stack Rules* feature. To attach actions to the rule, you must also
have `read` privileges for the *{connectors-feature}* feature. For more
information on configuring roles that provide access to features, go to
<<kibana-feature-privileges>>.
* Alerting
* <<xpack-apm,*APM*>>
* <<logs-app,*Logs*>>
* <<xpack-ml,*{ml-cap}*>>
* <<metrics-app,*Metrics*>>
* <<xpack-siem,*Security*>>
* <<uptime-app,*Uptime*>>
See <<kibana-feature-privileges, feature privileges>> for more information on
configuring roles that provide access to these features.
Also note that a user will need +read+ privileges for the
*Actions and Connectors* feature to attach actions to a rule or to edit a rule
that has an action attached to it.
For details about the prerequisites for each API, refer to <<alerting-apis>>.
[float]
[[alerting-restricting-actions]]