一、软件安装清单
- elasticsearch7.17.22
- logstash7.17.22
- kibana:7.17.22
- filebeat7.17.22
- elasticsearch-head:5
二、配置
- 生成证书
进入elasticsearch容器
bash
bin/elasticsearch-certutil cert -out /usr/share/elasticsearch/config/elastic-certificates.p12 -pass- 将证书拷贝至其他容器后重启集群
- 设置密码
进入容器设置密码
bash
bin/elasticsearch-setup-passwords interactive- 设置elasticsearch
elasticsearch.yml
bash
# 安全认证
xpack.security.enabled: true
xpack.license.self_generated.type: basic
xpack.security.transport.ssl.enabled: true
http.cors.allow-headers: "Authorization"
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12- 设置logstash
logstash.yml
bash
xpack.monitoring.enabled: true
xpack.monitoring.elasticsearch.username: elastic
xpack.monitoring.elasticsearch.password: xxxxxxlogstash-filebeat.conf
bash
output {
# 选择elasticsearch
elasticsearch {
hosts => ["http://es-master:9200"]
user => "elastic"
password => "xxxxxx"
index => "%{[@metadata][beat]}-%{[@metadata][version]}-%{+YYYY.MM.dd}"
}
}- 设置kibana
kibana.yml
bash
elasticsearch.username: "elastic"
elasticsearch.password: "xxxxxx"
xpack.security.enabled: true- 验证
参考
https://www.elastic.co/guide/en/elasticsearch/reference/7.17/security-basic-setup.html