When a user saves a graph workspace in Kibana, it is stored in the
index along with other saved objects like visualizations and dashboards.
By default, both the configuration and data are saved for the workspace:
The selected index pattern, fields, colors, icons, and settings.
The visualized content (the vertices and connections displayed in the workspace).
The data in a saved workspace is like a report—it is a saved snapshot that potentially summarizes millions of raw documents. Once saved, these summaries are no longer controlled by security policies. Because the original documents might be deleted after a workspace is saved, there’s no practical basis for checking permissions for the data in a saved workspace.
For this reason, you can configure the save policy for graph workspaces to ensure appropriate handling of your data. You can allow all users to save only the configuration information for a graph, require all users to explicitly include the workspace data, or completely disable the ability to save a workspace.
For example, to disable the save option entirely, set
The supported save policies are:
- Neither the configuration or data can be saved.
- Only the configuration is saved.
- Both configuration and data are saved. This is the default policy.
- Only the configuration is saved unless the user explicitly selects the include data option.
You can also use security to grant read only or all access to different roles. When security is used to grant read only access, the following indicator in Kibana is displayed. For more information on granting access to Kibana, see Granting access to Kibana.
By default, users can configure drilldown URLs to display additional information about a selected vertex in a new browser window. For example, you could configure a drilldown URL to perform a web search for the selected vertex term.
To prevent users from adding drilldown URLs, set