OpenSearch Guide
The OpenSearch project, created by Amazon, is a forked search project based on old versions of Elasticsearch and Kibana. These projects were created primarily to support Amazon OpenSearch Service (formerly Amazon Elasticsearch Service).
It only takes a few minutes to get started with Satori. What you need is:
- Access to Satori's management console.
- The hostname of your OpenSearch data store, for example: my-data-store-6tajyuykpzegcu27vtv5xk7lf.us-east-1.es.amazonaws.com
Adding an OpenSearch Data Store to Satori
- Login to Satori's management console at https://app.satoricyber.com.
- In the Data Stores view, click the plus button to add a new data store.
- Select the OpenSearch option.
- Enter an informative name for the data store, for example: Sales Data Warehouse.
- Enter the hostname of your OpenSearch database, for example:
my-data-store-6tajyuykpzegcu27vtv5xk7lf.us-east-1.es.amazonaws.com
- Choose the public cloud provider and region for the Satori Data Access Controller.
- Click Create.
- Finally, you will be redirected to the Data Stores list view.
The OpenSearch Project
The openSerch project is an open source project that contains two main parts:
- The open-search-dashboard
- The open-search-server
Satori currently supports a locally deployed dashboard on a client environment.
Setting up your OpenSearch Dashboard
To connect to the OpenSearch Dashboard using Satori go the OpenSearch dashboard settings file and set the hostname with the Satori hostname that was generated by the management console.
Click on the newly created OpenSearch data store instance in the Satori management console and copy the Satori Hostname URL for example:open-search-stage.us-east-1.a.s0.satoricyber.net
and then paste it to the OpenSearch dashboard settings.
Okta SAML Authentication
Satori supports SAML authentication that enables you to connect to the Open Search data store via satori. Okta acts as the SAML IdP and uses SSO and MFA to authenticate the user.
Perform the following steps to configure Okta SAML authentication on Okta.
- Go to SAML Settings in Okta
- Uncheck the Use this for Recipient URL and Destination URL checkbox
- Set the SSO URL to the following:
Https://open-search-stage.us-east-1.a.s0.satoricyber.net:5601 /_opendistro/_security/saml/acs
- Go the Recipient URL input field and enter the Amazon URL:
Https://my-data-store-6tajyuykpzegcu27vtv5xk7lf.us-east-1.es.amazonaws.com:5601 /_opendistro/_security/saml/acs
- Now go to the Destination URL”** input field and enter the same URL:
Https://my-data-store-6tajyuykpzegcu27vtv5xk7lf.us-east-1.es.amazonaws.com:5601 /_opendistro/_security/saml/acs
- Go to the amazon opensearch instance and select the security configuration section and select Service provider Entity ID.
- Now paste this Service provider entity ID in the Audience URI (SP entity ID) input field.
- Now save the Okta configuration and login to you openseaarch dashboard instance.