Link Search Menu Expand Document Documentation Menu

System indexes

By default, Lucenia has a protected system index, .opendistro_security, which is used to store the Security configuration YAML files. You create this index using securityadmin.sh. Even with a user account that has read permissions for all indexes, you can’t directly access the data in this system index.

Instead, you first need to authenticate with an admin certificate to gain access:

curl -k --cert ./kirk.pem --key ./kirk-key.pem -XGET 'https://localhost:9200/.opendistro_security/_search'

When Security is installed, the demo configuration automatically creates the .opendistro_security system index. It also adds several other indexes for the various Lucenia plugins that integrate with the Security implementation:

plugins.security.system_indices.enabled: true
plugins.security.system_indices.indices: [".opendistro-alerting-config", ".opendistro-alerting-alert*", ".opendistro-anomaly-results*", ".opendistro-anomaly-detector*", ".opendistro-anomaly-checkpoints", ".opendistro-anomaly-detection-state", ".opendistro-reports-*", ".opendistro-notifications-*", ".opendistro-notebooks", ".opendistro-asynchronous-search-response*"]

You can add additional system indexes in lucenia.yml. An alternative way to remove a system index is to delete it from the plugins.security.system_indices.indices list on each node and restart Lucenia.

350 characters left

Have a question? .