Original link: https://jasonkayzk.github.io/2022/07/01/ELK%E8%AE%BE%E7%BD%AE%E5%AF%86%E7%A0%81/

ES7.7 and later versions will open the security authentication function for free, and integrate the X-pack plug-in into the open source ElasticSearch version;

This article describes how to use X-pack to set a username and password for ElasticSearch;

ELK set password

Environmental description

This article continues to use the ES 7.14.1 version;

For specific ELK deployment, please refer to my previous article:

• Deploying Single Node ELK with Docker-Compose

Source code:

• https://github.com/JasonkayZK/docker-repo/tree/elk-v7.14-single

ElasticSearch configuration

First, configure config/elasticsearch.yml

Add the following configuration (open source version is disabled by default):

 xpack.security.enabled: true

Restart ES after saving;

Then, enter ./bin/elasticsearch-setup-passwords interactive to initialize the password;

There are three users built-in:

• elastic: built-in super user;
• kibana: can only be used for kibana to connect and communicate with elasticsearch, not for kibana login;
• logstash_system: used when Logstash stores monitoring information in Elasticsearch;

So far, the encryption of ES and related components has been completed. Subsequent access and use of related components require user name and password verification. Use:

• curl localhost:9200 -u elastic:{password}

Kibana configuration

Configure username and password in config/kibana.yml :

 elasticsearch.username: "kibana"elasticsearch.password: "*****"

The account password is the password set during es initialization;

restart kibana;

Enter http://ip:5601 to open the Kibana login page, log in with the elastic account, and add a user-specified index in the role and user management to access ES;

Logstash configuration

First, modify the Logstash configuration file config/logstash.yml , add and modify the following content:

 http.host: "0.0.0.0"xpack.monitoring.elasticsearch.hosts: [ "http://elasticsearch:9200" ]xpack.monitoring.enabled: truexpack.monitoring.elasticsearch.username: logstash_systemxpack.monitoring.elasticsearch.password: *****

Also modify the configuration logstash-sample.conf in logstash:

 # Sample Logstash configuration for creating a simple# Beats -> Logstash -> Elasticsearch pipeline.input { beats { port => 5044 }}output { elasticsearch { hosts => ["http://elasticsearch:9200"] index => "%{[@metadata][beat]}-%{[@metadata][version]}-%{+YYYY.MM.dd}"- #user => "elastic"- #password => "changeme" + user => "elastic"+ password => "*****" }}

Configure the password in it!

appendix

Reference article:

• https://zhuanlan.zhihu.com/p/163337278
• https://www.jianshu.com/p/4aa3a8b70bfa

This article is reprinted from: https://jasonkayzk.github.io/2022/07/01/ELK%E8%AE%BE%E7%BD%AE%E5%AF%86%E7%A0%81/
This site is for inclusion only, and the copyright belongs to the original author.