How to pass encrypted USerName and Password in Logstash

Elastic Stack Logstash
1

Elastic Search Version 6.0.0
Logstash version 6.0.0

logstash.conf file
input {
jdbc {
jdbc_connection_string => "jdbc:postgresql://DbIP:port/DatabaseName"
jdbc_user => "dbuser"
jdbc_password => "dbpassword"
jdbc_driver_class => "org.postgresql.Driver"
jdbc_driver_library => "/home/Downloads/postgresql-42.1.4.jar"
jdbc_validate_connection => true
statement => 'select *from order_tbl'
use_column_value => true
tracking_column_type =>"numeric"
tracking_column => "ford_id"
clean_run => true
}
}
output {
elasticsearch {
user => ESUser
password => ESPassword
ssl => true
sniffing => true
index => "1_999"
document_type => "1_999"
document_id => "%{ford_id}"
hosts => ["https://ESIp:Port"]
}
}

In the above conf file I specified actual username and password of DB and ES.I want to pass encrypt username and password of DB as well Elastic Search .Because of security reasons I can't hard code those values.I can't take read from Environment variable also.I Want to use AES algoritham for encrytion purpose.

One more thing How to decrypt in Elastic Search Side if Encrypted username and password came into the Elastic Search.

Please help as soon as possible.

2

In the above conf file I specified actual username and password of DB and ES.I want to pass encrypt username and password of DB as well Elastic Search

That's not supported.

3

You mean say encrypted username and password of Database can't pass?
encrypted username and password of Elastic search can't pass?

Any latest version will support or not?.

Security reasons I can't pass actual value to conf file.

Any Way of writing wrapper class of logstash ?

4

Logstash doesn't support storing encrypted credentials in its configuration file. Not for the jdbc input and not for the elasticsearch output.

Any Way of writing wrapper class of logstash ?

I'm not sure what you mean but that, but it's certainly an option to contribute to the plugins in question (or fork them locally).

5

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.