Does anyone have an example of how to call the keystore password from the yml file?
I'm clear on how to create the keystore from the link below, but unsure how to call the password from inside the elasticsearch.yml file. Help. Thanks.
https://www.elastic.co/guide/en/elasticsearch/reference/5.6/secure-settings.html
I should clarify, this password is for my email configuration. Below is an excerpt from my yml file.
xpack.notification.email.account:
exchange_account:
profile: dion
email_defaults:
from: dion@domain.com
smtp:
auth: true
starttls.enable: true
host: smtp.domain.com
port: 25
user: dion@domain.com
password: "password"The elasticsearch keystore works by the elasticsearch code looking up setting values directly in the keystore. There are no references to keystore values inside elasticsearch.yml.
In your case, check the email notification docs (specifically the secure_password setting). You would set it with a keystore command like this:
echo "mypassword" | bin/elasticsearch-keystore add --stdin xpack.notification.email.account.exchange_account.smtp.secure_password
Thanks Ryan. I don't think I have this capability in 5.6. Looks like the keystore command is only available after 6.x
Currently, neither Watcher nor Shield provide a mechanism to encrypt settings in elasticsearch.yml . Because the email account credentials appear in plain text, you should limit access to elasticsearch.yml to the user that you use to run Elasticsearch.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.