Elasticsearch 6.4.1 - Configuring X-pack on CentOS7 x64 Issue

Hello,

I've installed Elasticsearch 6.4.1 and installed Kibana 6.4.1 Logstash 6.4.1, Packetbeat 6.4.1, and Filebeat 6.4.1 on our CentOS 7 x64 VMware VM. Reviewing the documentation on how to secure Elasticsearch here: https://www.elastic.co/guide/en/x-pack/6.2/security-getting-started.html#security-getting-started I started doing this because I was trying to integrate Packetbeat into Elasticsearch as was noted here: https://www.elastic.co/videos/getting-started-with-packetbeat?baymax=rtp&storm=beats&elektra=product&iesrc=ctr that Packetbeat would show up in the Kibana window, but it did not so I found that X-pack needed to be configured. Is this correct?

So I attempted to install an older version of X-Pack (6.2.4), because I didn't note that the page I was taken to gave me a different version. I subsequently received the 'ERROR: This plugin was built with an older plugin structure. Contact the plugin author to remove the intermediate "elasticsearch: directory within the plugin zip.' so I found that this will not work. Is it correct that Elasticsearch 6.4.1 has X-pack integrated? Also, please advise on what I need to do with X-pack if it is integrated so I can get Packetbeat working within Kibana.

Thank you,
Eloy Sanchez

Hi,

our documentation is versioned and we recommend to read the documentation for the version that you are using (you are referring to the docs for version 6.2). X-Pack has been included by default into the Elastic Stack with version 6.3.0, i.e. there is no need to install X-Pack separately anymore. Out of the box, you'll have a basic license which provides access to some but not all features (see the subscriptions page for details). If you want to use commercial features you still need to obtain a commercial license or use a trial license and try them during the trial period.

For Packetbeat or Kibana-specific questions I suggest you ask in the respective forums.

Daniel

Edit: I have clarified the wording about the inclusion of X-Pack into the default distribution of the Elastic Stack from version 6.3.0 on.

Hello Daniel,

We are doing development work to find out if Elasticsearch/Kibana/Logstash/FileBeat/Packetbeat are the solution we will use. But I first need to get it all properly configured to start testing.

So my main issue at the moment is that X-Pack does not seem to be integrated. I would like to change the default “elastic” password of “changeme”. According to this page, I need to first configure security in Elasticsearch:
https://www.elastic.co/guide/en/kibana/current/using-kibana-with-security.html

On the referenced page,
https://www.elastic.co/guide/en/elasticsearch/reference/6.4/configuring-security.html
I then need to “Verify that you are using a license that includes the X-Pack security feature.”

In your reply below, x-pack is now open-source and is included. Do I need to start the 30-day trial to use X-pack? Please advise what I need to do next to get x-pack to allow me to update passwords and perform other security-related features to help me get Elastic up and running.

Thank you,

Eloy Sanchez

Raytheon Engineering

  • This message contains information that may be confidential and privileged. Unless you are the addressee (or authorized to receive mail for the addressee), you should not use, copy or disclose to anyone this message or any information contained in this message. If you have received this message in error, please so advise the sender by reply e-mail and delete this message. Thank you for your cooperation.*

Daniel's statement is unfortunately incorrect. While we have opened up the code for X-Pack and now include it in our default distribution together with a free Basic license, the whole code base has not been open-sourced. This is described in further detail in this blog post. The parts of X-Pack not included in the free Basic license therefore still requires a commercial or trial license, and you can find a list of features and levels here.

Christian,

Thank you for that clarification. This will help me moving forward with our development efforts as we decide which features are required.

Eloy Sanchez

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.