Hi, I am quite new to elasticsearch,
I enabled xpack security in elasticsearch.yml, and then created built-in users in bin/elasticsearch-setup-passwords.
After that i added in kibana.yml
elasticsearch.username: "kibana"
elasticsearch.password: "your_password".
Sice then Elasticsearch is not working it shows that the service is down and can't connect to ES (error 401)
Logstash shows that it gets logs, but it does not send them to kibana.
Can anyone help me and explain where exactly do i have to configure elasticsearch user and logstash user? and which built-in user is incharge of elasticsearch?
And i can't login to kibana using kibana user it shows me status error 403, i could only use elastic user, or users that i build myself, do u know whats my problem?
Thanks
Hi there,
Did you read our documentation about how to setup security in elasticsearch ? Also this for configuring Logstash ?
You don;t need to login to Kibana with the kibana user. The kibana user is the user that Kibana internally uses to connect to Elasticsearch.
Hi ikavkas thank you so much,
I have another question, i understood elasticsearch saves built-in users passwords in .security file, does it also save the new users and their passwords there?
And does it by default hash or encrypt them before storing them,or do i have to do it?
Thanks for the patience
Users in the native realm are stored in an internal Elasticsearch index, not a file. Only users of the file realm are stored in a file - if you select to use a file realm.
Passwords for both are stored salted and hashed using , by default, the bcrypt algorithm. You can use other algorithms if you wish, the list of supported ones is here
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.