HI all:
Based on the source code of filebeat, an empty string is used as the password to generate keysotres(see https://github.com/elastic/beats/blob/c825c727948c1f87eb36e5d4bd982de06c42cfbf/libbeat/keystore/file_keystore.go#L99). So with the content of filebeat.keystore file, we can easily crash the secrets(filebeat ships with many tests which makes it even more conveniently).
Does filebeat has the plan of using users own passwords? Or is there any more secure way to store secrets in filebeat?
Hi @yuqingz!
There is an open issue for this: https://github.com/elastic/beats/issues/5737
It seems to be of low priority since it has not updates for some time now but you can definitely follow any progress on this.
C.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.