I've implemented, HTTPS, Transport layer and user authentication and authorization security layers in ElasticSearch and Kibana. Now, how can I verify whether these have been implemented properly and these are in place? Basically, something of a report of sorts. May be of the certificates used are expired or turned invalid, how will I come to know to this later in time?
No, Elastic stack does not come with any tool that you can use to verify if the installation of all the components and configurations and whether they have been implemented correctly.
Go step by step verifying that the configurations you are introducing are working properly.
You could use API invocations to test whether authentication, authorization is working with test data.
As I see a specific question around certificates and whether they have expired/invalid etc. I think you could make use of https://github.com/drwetter/testssl.sh which allows you to scan and look at the results to understand more. There could be such other tools that you can make use of.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.