Data access control is a very important area of the system. Opensource Elasticsearch doesn’t respond to the need for user authentication, as all stored data is accessible to anyuser without restriction.
Time to end this!
The Data Access Control Module is the basis for the Energy Logserver. Implementing user authentication and data access controls responds to the need for full identification of users accessing the data.
Who has access to the data?
Security in the Energy Logserver operates on two levels. Authorization is performed at GUI and API programming level. We can define roles in the system taking into account two aspects: What kind of action the role can perform - adding a document, updating, deleting, and what is the target for approved action, what is the set of data the Role can operate with. Just add our users to created role and …
All those premium features are implemented in ELK stack as the plugins and addons. Out Dev team stay as close to pure Elasticsearch as possible. We keep Your data in original format, so features like the authorization functionality can be added at any time during the work of an already implemented ELK environment.
WHAT GIVES YOU AUTHORIZATION IN ENERGY LOGSERVER?
- Each system operator has his / her own login and password
- Each user is assigned to one or more Roles
- The Role determines which index or index pattern the user has access to
- Permissions can be combined, one user can have effective rights of several roles
- Data access control is implemented at Elasticsearch level, allowing you to use this mechanism in your own applications