Filebeat keystore using empty password

Hi all:

Based on the source code of filebeat, an empty string is used as the password to generate keystores (see https://github.com/elastic/beats/blob/c825c727948c1f87eb36e5d4bd982de06c42cfbf/libbeat/keystore/file_keystore.go#L99). So with the content of the filebeat.keystore file, we can easily crash the secrets (filebeat ships with many tests, which makes it even more convenient).

Does filebeat have a plan to use users' own passwords? Or is there a more secure way to store secrets in filebeat?

Hi @yuqingz!

There is an open issue for this: https://github.com/elastic/beats/issues/5737
It seems to be of low priority since it has had no updates for some time now, but you can definitely follow any progress on this.

C.
