How to pass encrypted USerName and Password in Logstash

Sekhar1 · May 22, 2018, 9:46am

Elastic Search Version 6.0.0
Logstash version 6.0.0

logstash.conf file
input {
jdbc {
jdbc_connection_string => "jdbc:postgresql://DbIP:port/DatabaseName"
jdbc_user => "dbuser"
jdbc_password => "dbpassword"
jdbc_driver_class => "org.postgresql.Driver"
jdbc_driver_library => "/home/Downloads/postgresql-42.1.4.jar"
jdbc_validate_connection => true
statement => 'select *from order_tbl'
use_column_value => true
tracking_column_type =>"numeric"
tracking_column => "ford_id"
clean_run => true
}
}
output {
elasticsearch {
user => ESUser
password => ESPassword
ssl => true
sniffing => true
index => "1_999"
document_type => "1_999"
document_id => "%{ford_id}"
hosts => ["https://ESIp:Port"]
}
}

In the above conf file I specified actual username and password of DB and ES.I want to pass encrypt username and password of DB as well Elastic Search .Because of security reasons I can't hard code those values.I can't take read from Environment variable also.I Want to use AES algoritham for encrytion purpose.

One more thing How to decrypt in Elastic Search Side if Encrypted username and password came into the Elastic Search.

Please help as soon as possible.

magnusbaeck · May 22, 2018, 10:17am

In the above conf file I specified actual username and password of DB and ES.I want to pass encrypt username and password of DB as well Elastic Search

That's not supported.

Sekhar1 · May 22, 2018, 10:30am

You mean say encrypted username and password of Database can't pass?
encrypted username and password of Elastic search can't pass?

Any latest version will support or not?.

Security reasons I can't pass actual value to conf file.

Any Way of writing wrapper class of logstash ?

magnusbaeck · May 22, 2018, 10:41am

Logstash doesn't support storing encrypted credentials in its configuration file. Not for the jdbc input and not for the elasticsearch output.

Any Way of writing wrapper class of logstash ?

I'm not sure what you mean but that, but it's certainly an option to contribute to the plugins in question (or fork them locally).

system · June 19, 2018, 10:41am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Encrypt / secure Database password in logstash.conf file Logstash elastic-stack-security	6	5229	December 30, 2019
Logstash JDBC input : Encrypted username and password Logstash	2	1713	August 30, 2018
Logstash JDBC input: Encrypted username and password Logstash	3	2822	August 30, 2018
Logstash config JDBC Password Logstash	4	545	August 7, 2018
Encrypt / secure Elasticsearch's password in logstash.conf file Logstash	6	3835	January 25, 2018

How to pass encrypted USerName and Password in Logstash

Related topics