I am using an AWS EC2 server for running a single-node Elasticsearch instance. I have kibana installed in the same server.
I am able to configure 'FluentD' to this node with security enabled, but not 'Fluent-bit'. I am getting 'broken connection' error.
When I tried to change the security settings in Elasticsearch, Kibana is not working. I tried adding 'kibana_system' username and password too. Nothing works.
I have the following questions:
-
What is the config that needs to be updated for Fluentbit to start pushing logs to ES with Security Enabled in ES?
-
If Xpack Security is disabled in ES, then how can we make Kibana work?
ES yml
network.host: 0.0.0.0
discovery.type: single-node
http.port: 9200
discovery.seed_hosts: ["x.x.x.x"]
xpack.security.enabled: true
xpack.security.enrollment.enabled: true
xpack.security.http.ssl:
enabled: true
keystore.path: certs/http.p12
xpack.security.transport.ssl:
enabled: true
verification_mode: certificate
keystore.path: certs/transport.p12
truststore.path: certs/transport.p12
Kibana yml:
server.port: 5601
server.host: "0.0.0.0"
elasticsearch.username: "kibana_system"
elasticsearch.password: "xxxx"
Fluent Bit config:
[SERVICE]
Parsers_File /parser.config
[FILTER]
Name parser
Match *
Key_Name log
Parser json
Reserve_Data On
Preserve_Key On
[OUTPUT]
Name es
Match *
Type _doc
Include_Tag_Key On
Suppress_Type_Name On
Tag_Key tag
Trace_Error On
host https://x.x.x.x
port 9200
HTTP_User ${esUser}
HTTP_Passwd ${esPassword}
tls On
tls.verify Off
Logstash_Format On
Logstash_DateFormat %Y.%m.%d
Logstash_Prefix fluentbit-${ServiceName}
Fluentbit is running as a docker