How does ES protect users' private information

We have a user management system that stores some user information, such as email, telephone and so on.

Now I want to protect this information from possible hacking attacks.

Does ES have any good protection for fields?

I have a idea, we can set the _source property of fields which store the private information to false so that we can still query that data, but we can't get it directly.

Is this approach possible? Is there a better solution?

Is your cluster secure - Secure the Elastic Stack | Elasticsearch Guide [8.3] | Elastic?

Yes, but even though we did security for cluster, we still wanted to make sure that some fields were ’more secure‘.

Then definitely check out field and document level security.

Is there any way to ensure that some fields can only be used for queries and not be seen

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.