1. There are 3 types of Elastic security measures
1.1 Minimal security
Applicable to: Elasticsearch development mode
1.2 Basic security
Applicable to: Elasticsearch production environment
1.3 Basic security + TLS for REST
Better security: basic security + TLS for REST
2. Minimal security settings: minimal security for ES
2.1 Prerequisites
- Elasticsearch is installed;
- Kibana is installed;
2.2 Configure several environment variables
%ES_HOME%=ES installation directory
ES_PATH_CONF=%ES_HOME%/config
%KIB_HOME%=Kibana installation directory
KIB_PATH_CONF=%KIB_HOME%/config
Configuration as screenshot
2.3 elasticsearch.yml configuration
2.3.1 Enable es security features:
xpack.security.enabled: true
With a single node, this ensures that the node does not inadvertently connect to other clusters
discovery.type: single-node
2.3.3 Set password for built-in user
1. Open a window to start es (restart after configuration)
./bin/elasticsearch
2. Open another window to execute elasticsearch-setup-passwords
bin/elasticsearch-setup-passwords interactive
Initiating the setup of passwords for reserved users elastic,apm_system,kibana,kibana_system,logstash_system,beats_system,remote_monitoring_user.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]yEnter password for [elastic]:
Reenter password for [elastic]:
Enter password for [apm_system]:
Reenter password for [apm_system]:
Enter password for [kibana_system]:
Reenter password for [kibana_system]:
Enter password for [logstash_system]:
Reenter password for [logstash_system]:
Enter password for [beats_system]:
Reenter password for [beats_system]:
Enter password for [remote_monitoring_user]:
Reenter password for [remote_monitoring_user]:
Changed password for user [apm_system]
Changed password for user [kibana_system]
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [remote_monitoring_user]
Changed password for user [elastic]
For the above 20 lines, you can enter your password repeatedly~ At the same time, you can take a look at the user[kibana_system] here, which is mentioned below
2.4 kibana.yml configuration
2.4.1 Add kibana_system user to yml
elasticsearch.username: "kibana_system"
# 设置为任意文本字符串,默认情况下,Kibana在启动时生成一个随机键,这会导致重新启动时挂起的报表失败,将此设置配置为在重启时使用相同的键
xpack.reporting.encryptionKey: "just_need_a_fixed_string"
xpack.security.encryptionKey: "something_at_least_32_characters"
# 如果没指定加密密钥,Kibana会在启动时自动生成一个随机密钥。这样每次重启无法解密上次的加密数据,所以要指定
xpack.encryptedSavedObjects.encryptionKey: "min-32-byte-long-strong-encryption-key"If the following three are not specified, kibana will start with a warning
The built-in kibana_system user and password have been created before (entered earlier, remember).
Kibana needs to use the kibana_system user to perform some background tasks.
2.4.2 Create kibana keystore
./bin/kibana-keystore create2.4.3 Add the password of the kibana_system user to the Kibana keystore:
./bin/kibana-keystore add elasticsearch.password2.4.4 Just restart kibana
./bin/kibanahttp://localhost:5601 access again, you need an account password, just use elastic+password
2.4 The entire process es must be open
Reference: Official document: Configure security for the Elastic Stack
**粗体** _斜体_ [链接](http://example.com) `代码` - 列表 > 引用。你还可以使用@来通知其他用户。