To access the Grok Debugger in Kibana, you typically need to have the `manage_pipeline` permission if you are using Elastic Stack security features. This permission is required because the Grok Debugger utilizes Elasticsearch's simulate API, which is part of the pipeline management functionality[5][9][10].
If you are using a superuser account like the `elastic` user, which has cluster admin privileges, you should inherently have all necessary permissions, including `manage_pipeline`, and thus should be able to access the Grok Debugger without additional configuration[1][5].
Additionally, ensure that the Grok Debugger is enabled and available in your Kibana setup. In some cases, using the non-oss version of Kibana might be necessary to access certain features like the Grok Debugger[1].
If you are setting up roles for non-superusers, you would need to assign them the `manage_pipeline` permission to allow access to the Grok Debugger[3][5].
Citations:[1] https://discuss.elastic.co/t/grok-debugger-not-shown-in-dev-tools/249853
[2] https://www.elastic.co/guide/en/kibana/current/advanced-options.html
[3] https://discuss.elastic.co/t/role-to-use-grok-debugger-and-console-granular-access-control/109619
[4] https://stackoverflow.com/questions/38096827/querying-kibana-using-grok-pattern
[5] https://www.elastic.co/guide/en/kibana/current/xpack-grokdebugger.html
[6] https://discuss.elastic.co/t/cannot-access-grokdebugger-in-kibana6-on-freebsd-11/143609
[7] https://latenode.com/blog/a-complete-guide-to-using-the-grok-debugger
[8] https://www.elastic.co/guide/en/elasticsearch/reference/current/grok.html
[9] https://github.com/elastic/kibana/issues/18029
[10] https://www.elastic.co/guide/en/kibana/7.17/xpack-grokdebugger.html