Problems securing communication between filebeat and logstash


(strt) #1

I have the ELK stack installed with filebeat configured on the client machine. How do I go about securing the connection.

I've tried here:-

This comes with a message advising that the key should be certificate type pkcs8. I convert the certificate to pkcs8 and change the config to poin to the .p8 and I receive the same error.

I then try following:-

https://www.elastic.co/guide/en/beats/filebeat/current/configuring-ssl-logstash.html

copying the generated /etc/ca.crt, /etc/client.crt, /etc/client.key files to the client and changing the config to

output.logstash:
  hosts: ["logs.mycompany.com:5044"]
  ssl.certificate_authorities: ["/etc/ca.crt"]
  ssl.certificate: "/etc/client.crt"
  ssl.key: "/etc/client.key"

This time I receive an error message advising that the pem file cannot be found, even though it's in the correct location, specified in the config file. I have given the file 0600 permissions.

Has anyone managed to secure the connection?


(system) #2

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.