I have created a single node ES system, as a way to ingest security data from my firewall. As part of this I need to configure the security plugin on my firewall to login to ES and setup it’s data indices.
I see there are some built in user accounts but ideally I would like to create my own account creds. What is the best way to do this?
xpack is a bit of a legacy term, at one point it is what separated the Truly OSS (Apache 2) features / versions from the from Commercial Features that Elastic Offered... MANY of which are and still and are Free to Use Elasticsearch has since changed to the Elastic V2 License which is very permissive and include 100s of free features etc.
In the Docs there is still lots of reference to xpack particularly around security setting etc.. etc..
so the tl;dr has xpack can come into play but really think of it from really a name space in settings... You do need to enable it to access some of the features etc.
Example, Security is a free and basic feature and is why many people enable xpack setting see here
Check out this to see the enormous number Free and Open features that are available to you.
When you download the default distribution from our download site the Free and Open basic is the distribution you're operating on All commercial feature are available to just enabling a license It's not a re-install or anything like that.
You can self try a Trial license if you choose as well.. and then revert back to the Free tier whenever you like.