Logstash keystore password access issue

security

(Sachin) #1

Hi ,

I was using below code to check the Logstash/elasticsearch node status

ElasticResponse() {
wget -S --no-check-certificate --spider --user {USER} --password {PASSWORD} https://${LOGSTASH_HOST} 2>&1 | tee -a $LOGFILE
cat LOGFILE |grep 'HTTP/1.0 200 OK' if [ ? == 0 ]; then
echo "date $SCRIPTNAME Connected to the elastic server" | tee -a $LOGFILE
else
return_code=10;
echo "date $SCRIPTNAME Elastic server is not working response code($return_code)" | tee -a $LOGFILE
exit $return_code
fi
}

Now with the latest upgrade 6.3.2 , I have added USER and PASSWORD to keystore ,
But Iam not able to access it in .ksh file (above code), where its accessible for .conf file

input {
elasticsearch {
hosts => ["LOGSTASH_HOST"]
user => "{USER}" password => "{PASSWORD}"
ssl => true
}

how can I access keystore password in my .ksh file or on unix machine ?


(Ioannis Kakavas) #2

Previously you had USER and PASS set as environment variables and this is why you could access them in your shell script.
Now you can use USER and PASS in your config because these are stored in the Logstash keystore which is specific to Logstash. It is not designed to be interoperable with other system processes ( Your Korn Shell in this example ) and there is no provided way to query/get values from it so there is no out-of-the-box way to do what you need.

If you want to use the same credentials outside of Logstash, you need to handle them securely on your own.


(Sachin) #3

@ikakavas : Thank you for your response.

I am able to use the LOGSTASH_KEYSTORE_PASS in my .ksh after adding as env variable.


(system) closed #4

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.