Loading...

#Elasticsearch #SecurityFeatures #XPack

Enable Elasticsearch Security Features for free using X-Pack basic license(Elastic Stack)

5,333 views

Loading...

Loading...

Transcript

The interactive transcript could not be loaded.

Loading...

Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Published on Nov 19, 2019

The video describes how to enable FREE basic license security features for Elasticsearch, Logastash, Kibana, and Beats(Elastic Stack).
I provide you links with ready to use virtual machine(VirtualBox) configuration image and all needed software so you can follow the video step-by-step, also the whole set of commands that I am using.
Official documentation - https://www.elastic.co/guide/en/elast...

Links from the video:
Download VirtualBox - https://download.virtualbox.org/virtu...
VirtualBox Virtual Machine image - https://drive.google.com/open?id=1els...
Putty Client - https://the.earth.li/~sgtatham/putty/...
Filebeat pipelineConfiguration.txt - https://drive.google.com/open?id=1MvG...
Ready to use filebeat archive - https://drive.google.com/open?id=1fXY...
Test Log file - https://drive.google.com/open?id=1mXw...

username: elk
password: elk

Commands:
sudo su
systemctl start elasticsearch
systemctl start kibana
systemctl start logstash
- optional you can check the status of the services if you want

Enable Elasticsearch Security:
nano /etc/elasticsearch/elasticsearch.yml

xpack.security.enabled: true
discovery.type: single-node

systemctl restart elasticsearch

cd /usr/share/elasticsearch
./bin/elasticsearch-setup-passwords interactive

passwords:
elastic
apmsystem
kibana
logstashsystem
beatssystem
remotemonitoring

Enable Kibana security:
cd /usr/share/kibana
./bin/kibana-keystore create --allow-root
./bin/kibana-keystore add elasticsearch.username --allow-root
username: kibana
./bin/kibana-keystore add elasticsearch.password --allow-root
password: kibana

systemctl restart kibana

Enable Logstash security:
tail -f /var/log/logstash/logstash-plain.log
systemctl stop logstash

nano /etc/logstash/logstash.yml
- uncomment the x-pack username and password
username: logstash_system
password: logstashsystem

sudo -E /usr/share/logstash/bin/logstash-keystore --path.settings /etc/logstash create
sudo -E /usr/share/logstash/bin/logstash-keystore --path.settings /etc/logstash add ES_USER
user:elastic
sudo -E /usr/share/logstash/bin/logstash-keystore --path.settings /etc/logstash add ES_PWD
password:elastic

Edit Logstash pipeline configuration file:
nano /etc/logstash/conf.d/estack-test-pipeline.conf

!NB Please find "pipelineConfiguration.txt" file in the links(youtube restricts curly braces in description ;))

systemctl start logstash

tail -f /var/log/logstash/logstash-plain.log

Filebeat Configuration:

- unachive the filebeat in your Program Files folder
- forward the port 5033 in VirtualBox

cd 'C:\Program Files\filebeat\'

.\filebeat.exe -c filebeat.yml -e -d "*"

If you want more videos like this please subscribe.
Follow me on my social network accounts: Instagram - https://instagram.com/nbglink facebook - https://facebook.com/techlinkbg twitter - https://twitter.com/nbglink patreon - https://www.patreon.com/nbglink

Thank you and enjoy it! ;)

#Elasticsearch #SecurityFeatures #XPack

Loading...

Advertisement
When autoplay is enabled, a suggested video will automatically play next.

Up next


to add this to Watch Later

Add to

Loading playlists...