We are using elasticsearch as back-end for our in-house logging and
monitoring system. We have multiple sites pouring in data to one ES cluster
but in different index. e.g. abc-us has data from US site, abc-india has it
from India site.
Now concerns are we need some security checks before pushing in data to
cluster.
data coming to index is coming from right IP address
incoming json request is of inserting new data and not delete/update
while reading we want certain IP should not be able to read data of
other index.
Kindly let me know if its possible to achieve using elasticsearch.
I dont think you can achieve all of these in Elasticsearch.
You can restrict the HTTP methods to GET and POST in Elasticsearch.
But for most of other tasks , Nginx would be a better option.
Elasticsearch jetty plugin might also help you -
We are using elasticsearch as back-end for our in-house logging and
monitoring system. We have multiple sites pouring in data to one ES cluster
but in different index. e.g. abc-us has data from US site, abc-india has it
from India site.
Now concerns are we need some security checks before pushing in data to
cluster.
data coming to index is coming from right IP address
incoming json request is of inserting new data and not delete/update
while reading we want certain IP should not be able to read data of
other index.
Kindly let me know if its possible to achieve using elasticsearch.
Thanks Vineeth. I will look into suggested plugin.
On Saturday, September 13, 2014 9:10:10 AM UTC+5:30, vineeth mohan wrote:
Hello Jigish ,
I dont think you can achieve all of these in Elasticsearch.
You can restrict the HTTP methods to GET and POST in Elasticsearch.
But for most of other tasks , Nginx would be a better option.
Elasticsearch jetty plugin might also help you - GitHub - sonian/elasticsearch-jetty
Thanks
Vineeth
On Sat, Sep 13, 2014 at 9:03 AM, jigish thakar <jigish...@gmail.com
<javascript:>> wrote:
We are using elasticsearch as back-end for our in-house logging and
monitoring system. We have multiple sites pouring in data to one ES cluster
but in different index. e.g. abc-us has data from US site, abc-india has it
from India site.
Now concerns are we need some security checks before pushing in data to
cluster.
data coming to index is coming from right IP address
incoming json request is of inserting new data and not
delete/update
while reading we want certain IP should not be able to read data
of other index.
Kindly let me know if its possible to achieve using elasticsearch.
The "right IP address" can be achieved with secure sockets between
hosts. You have to write your own service for this, this is not possible on
port 9200/9300. Use HTTPS on port 443 at a reverse proxy for this. Use
only private subnets for ES cluster, i.e. block it from internet access.
You must add to your HTTP reverse proxy a dispatcher which accepts only
requests on certain endpoints and can translate endpoints to index aliases
(your "certain IP" has exactly on index alias).
We are using elasticsearch as back-end for our in-house logging and
monitoring system. We have multiple sites pouring in data to one ES cluster
but in different index. e.g. abc-us has data from US site, abc-india has it
from India site.
Now concerns are we need some security checks before pushing in data to
cluster.
data coming to index is coming from right IP address
incoming json request is of inserting new data and not delete/update
while reading we want certain IP should not be able to read data of
other index.
Kindly let me know if its possible to achieve using elasticsearch.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.