To access the Kibana console over the Internet or an internal network, you need to add the IP address of your host to a whitelist.

Prerequisites

An Alibaba Cloud Elasticsearch cluster is created. For more information, see Create an Elasticsearch cluster.

Go to the network access configuration page

  1. Log on to the Alibaba Cloud Elasticsearch console.
  2. In the top navigation bar, select the region where your Alibaba Cloud Elasticsearch cluster resides.
  3. Find the target cluster and click its ID.
  4. In the left-side navigation pane, click Data Visualization.
  5. In the Kibana section of the page that appears, click Edit Configuration.
    You can then view the Network Access Configuration section on the Kibana Configuration page.
  6. In the Network Access Configuration section, you can perform the following operations:

Configure a whitelist for access to the Kibana console over the Internet

  1. In the Network Access Configuration section of the Kibana Configuration page, check whether Public Network Access is turned on (indicated by the color green).
    Notice

    By default, Public Network Access is turned on.

    If Public Network Access is turned off, you cannot log on to the Kibana console over the Internet.

    • If yes, go to the next step.
    • If no, click Public Network Access to turn it on.
  2. Click Update next to Kibana Whitelist.
  3. Enter the IP address you want to add in the text box.

    The Kibana console supports both IP addresses and Classless Inter-Domain Routing (CIDR) blocks. Enter IP addresses in the format of 192.168.0.1 and CIDR blocks in the format of 192.168.0.0/24. Separate multiple IP addresses and CIDR blocks with commas (,). You can enter 127.0.0.1 to block all IPv4 addresses or enter 0.0.0.0/0 to allow all IPv4 addresses.

    If your Elasticsearch cluster is deployed in the China (Hangzhou) region, you can add IPv6 addresses to the whitelist in the format of 2401:b180:1000:24::5 or CIDR blocks in the format of 2401:b180:1000::/48. Enter ::1 to block all IPv6 addresses or ::/0 to allow all IPv6 addresses.

  4. Click OK.

Configure a whitelist for access to the Kibana console over an internal network

  1. In the Network Access Configuration section of the Kibana Configuration page, check whether Private Network Access is turned on (indicated by the color green).
    Notice

    By default, Private Network Access is turned off (indicated by the color gray).

    If Private Network Access is turned off, you cannot log on to the Kibana console over an internal network.

    • If yes, go to the next step.
    • If no, click Private Network Access to turn it on.
  2. Click Update next to Private Network Whitelist.
  3. Enter the IP address you want to add in the text box.

    The Kibana console supports both IP addresses and CIDR blocks. Enter IP addresses in the format of 192.168.0.1 and CIDR blocks in the format of 192.168.0.0/24. Separate multiple IP addresses and CIDR blocks with commas (,). You can enter 127.0.0.1 to block all IPv4 addresses or enter 0.0.0.0/0 to allow all IPv4 addresses.

  4. Click OK.