49 lines
1 KiB
Markdown
49 lines
1 KiB
Markdown
es由x-pack提供安全。配置elasticsearch.yaml
|
|
```
|
|
xpack.security.enabled: true
|
|
```
|
|
|
|
#### 为内置用户设置密码
|
|
```
|
|
./bin/elasticsearch-setup-passwords interactive
|
|
```
|
|
|
|
### 配置kibana
|
|
可以在kibana.yml中配置es的密码
|
|
```
|
|
elasticsearch.username: "kibana"
|
|
elasticsearch.password: "your_password"
|
|
```
|
|
或者使用密钥库存储
|
|
```
|
|
./bin/kibana-keystore create
|
|
./bin/kibana-keystore add elasticsearch.username
|
|
./bin/kibana-keystore add elasticsearch.password
|
|
```
|
|
还可以在启动时,加上参数
|
|
```
|
|
./bin/kibana --elasticsearch.hosts="http://localhost:9200" --elasticsearch.username=kibana --elasticsearch.password=password
|
|
```
|
|
|
|
### 配置logstash
|
|
使用logstash-keystore 存储敏感数据
|
|
```
|
|
bin/logstash-keystore create
|
|
bin/logstash-keystore add ES_HOST
|
|
bin/logstash-keystore add LS_USER
|
|
bin/logstash-keystore add LS_PWD
|
|
```
|
|
查看存储的数据
|
|
```
|
|
./bin/logstash-keystore list
|
|
```
|
|
logstash配置输出
|
|
```
|
|
output {
|
|
elasticsearch {
|
|
hosts => ["${ES_HOST}"]
|
|
user => "${LS_USER}"
|
|
password => "${LS_PWD}"
|
|
}
|
|
|
|
```
|