iProbe/Docs
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
Docs/ELK/ELK安全.md
iProbe ba848e218d first commit
2022-10-18 16:59:37 +08:00

1 KiB
Raw Blame History

es由x-pack提供安全。配置elasticsearch.yaml

xpack.security.enabled: true

为内置用户设置密码

./bin/elasticsearch-setup-passwords interactive

配置kibana

可以在kibana.yml中配置es的密码

elasticsearch.username: "kibana"
elasticsearch.password: "your_password"

或者使用密钥库存储

./bin/kibana-keystore create
./bin/kibana-keystore add elasticsearch.username
./bin/kibana-keystore add elasticsearch.password

还可以在启动时,加上参数

./bin/kibana --elasticsearch.hosts="http://localhost:9200" --elasticsearch.username=kibana --elasticsearch.password=password

配置logstash

使用logstash-keystore 存储敏感数据

bin/logstash-keystore create
bin/logstash-keystore add ES_HOST
bin/logstash-keystore add LS_USER
bin/logstash-keystore add LS_PWD

查看存储的数据

./bin/logstash-keystore list

logstash配置输出

output {
  elasticsearch {
    hosts => ["${ES_HOST}"]
    user => "${LS_USER}"
    password => "${LS_PWD}"
  }