Logstash Keystore password can be read from Linux command


the command cat /proc/$LOGSTASH_PID/environ can tell about the logstash keystore password since it's a an environment variable (LOGSTASH_KEYSTORE_PASS)

Is there a way to secure this password ?
Thank you

No. If you have access to the Logstash process there's currently no way to keep the keystore password secret.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.