the elasticsearch debug is here:
_closed=false, allow_alisases_to_multiple_indices=true, forbid_closed_indices=true]
[2016-06-16 17:26:05,666][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] raw indices [.kibana]
[2016-06-16 17:26:05,666][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] Resolved [.kibana] to {}
[2016-06-16 17:26:05,666][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] requested resolved aliases and indices: [.kibana]
[2016-06-16 17:26:05,666][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] requested resolved types: [config]
[2016-06-16 17:26:05,666][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] mapped roles: [sg_kibana4_server, sg_public]
[2016-06-16 17:26:05,666][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] ---------- evaluate sg_role: sg_kibana4_server
[2016-06-16 17:26:05,666][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] Try wildcard match for ?kibana
[2016-06-16 17:26:05,666][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] Wildcard match for ?kibana: [.kibana]
[2016-06-16 17:26:05,666][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] matches for ?kibana, will check now types [*]
[2016-06-16 17:26:05,666][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] resolvedActions for ?kibana/*: [indices:*]
[2016-06-16 17:26:05,666][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] match requested action indices:data/read/search against ?kibana/*: [indices:*]
[2016-06-16 17:26:05,666][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] remaining requested aliases and indices: []
[2016-06-16 17:26:05,666][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] remaining requested resolved types: []
[2016-06-16 17:26:05,666][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] found a match for 'sg_kibana4_server', evaluate other roles for fls/dls purposes
[2016-06-16 17:26:05,666][DEBUG][com.floragunn.searchguard.configuration.PrivilegesEvaluator] sg_role sg_public is empty