Questions on creating user and password?

HI,
I was wondering if someone could shed some light, Currently trying to configure x-pack to create username and password for the elastic stack, but i see that there is a few documentation but not sure which i should use?

Thank you

Set up minimal security for Elasticsearch | Elasticsearch Guide [7.12] | Elastic is the best one.

1 Like

Thank you so much that did the trick

1 Like

quick question, im looking into putting letsencrypt on elastic but not sure what guides i should use i see alot but currently the elastic uses port 5601 so not sure if using nginx proxy would make everything easier?

Not sure why a proxy would make it easier, it's another thing to manage.

Check out X-Pack Security for Elasticsearch with Let's Encryptβ„’ Certificates | Elastic Blog.

Thanks for the reply, after a while i realized the info was not coming in, i checked the logs and saw this on logstatsh, this was after i tried putting the webconsole password

Apr 10 21:47:25 pfelk logstash[538]: [2021-04-10T21:47:25,378][WARN ][logstash.outputs.elasticsearch][main] Attempted to resurrect connection to dead ES instance, but got an error. {:url=>"http://localhost:9200/", :error_type=>LogStash::O
_
but elasticsearch is up

● elasticsearch.service - Elasticsearch
   Loaded: loaded (/usr/lib/systemd/system/elasticsearch.service; enabled; vendor preset: enabled)
   Active: active (running) since Sat 2021-04-10 21:18:30 -05; 3 days ago
     Docs: https://www.elastic.co
 Main PID: 659 (java)
    Tasks: 114 (limit: 4915)
   CGroup: /system.slice/elasticsearch.service
           β”œβ”€ 659 /usr/share/elasticsearch/jdk/bin/java -Xshare:auto -Des.networkaddress.cache.ttl=60 -Des.networkaddress.cache.negative.ttl=10 -XX:+AlwaysPreTouch -Xss1m -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Djna.nosys=true -XX
           └─1432 /usr/share/elasticsearch/modules/x-pack-ml/platform/linux-x86_64/bin/controller

Apr 10 21:17:24 pfelk systemd[1]: Starting Elasticsearch...
Apr 10 21:18:30 pfelk systemd[1]: Started Elasticsearch.

and also kibana

● kibana.service - Kibana
   Loaded: loaded (/etc/systemd/system/kibana.service; enabled; vendor preset: enabled)
   Active: active (running) since Sat 2021-04-10 21:17:13 -05; 3 days ago
 Main PID: 551 (node)
    Tasks: 11 (limit: 4915)
   CGroup: /system.slice/kibana.service
           └─551 /usr/share/kibana/bin/../node/bin/node /usr/share/kibana/bin/../src/cli

Apr 10 21:47:02 pfelk kibana[551]: {"type":"response","@timestamp":"2021-04-11T02:47:01Z","tags":[],"pid":551,"method":"post","statusCode":200,"req":{"url":"/internal/search/es","method":"post","headers":{"host":"192.168.3.253:5601","conn
Apr 10 21:47:02 pfelk kibana[551]: {"type":"response","@timestamp":"2021-04-11T02:47:01Z","tags":[],"pid":551,"method":"post","statusCode":200,"req":{"url":"/internal/search/es","method":"post","headers":{"host":"192.168.3.253:5601","conn
Apr 10 21:47:02 pfelk kibana[551]: {"type":"response","@timestamp":"2021-04-11T02:47:01Z","tags":[],"pid":551,"method":"post","statusCode":200,"req":{"url":"/internal/search/es","method":"post","headers":{"host":"192.168.3.253:5601","conn
Apr 10 21:47:02 pfelk kibana[551]: {"type":"response","@timestamp":"2021-04-11T02:47:02Z","tags":[],"pid":551,"method":"get","statusCode":200,"req":{"url":"/ui/favicons/favicon.ico","method":"get","headers":{"host":"192.168.3.253:5601","c
Apr 10 21:47:02 pfelk kibana[551]: {"type":"response","@timestamp":"2021-04-11T02:47:01Z","tags":[],"pid":551,"method":"post","statusCode":200,"req":{"url":"/internal/search/es","method":"post","headers":{"host":"192.168.3.253:5601","conn
Apr 10 21:47:02 pfelk kibana[551]: {"type":"response","@timestamp":"2021-04-11T02:47:02Z","tags":[],"pid":551,"method":"post","statusCode":200,"req":{"url":"/internal/search/es","method":"post","headers":{"host":"192.168.3.253:5601","conn
Apr 10 21:47:02 pfelk kibana[551]: {"type":"response","@timestamp":"2021-04-11T02:47:01Z","tags":[],"pid":551,"method":"post","statusCode":200,"req":{"url":"/internal/search/es","method":"post","headers":{"host":"192.168.3.253:5601","conn
Apr 10 21:47:02 pfelk kibana[551]: {"type":"response","@timestamp":"2021-04-11T02:47:02Z","tags":[],"pid":551,"method":"post","statusCode":200,"req":{"url":"/internal/search/es","method":"post","headers":{"host":"192.168.3.253:5601","conn
Apr 10 21:47:43 pfelk kibana[551]: {"type":"response","@timestamp":"2021-04-11T02:47:42Z","tags":[],"pid":551,"method":"post","statusCode":200,"req":{"url":"/api/ui_metric/report","method":"post","headers":{"host":"192.168.3.253:5601","co
Apr 11 14:25:18 pfelk kibana[551]: {"type":"response","@timestamp":"2021-04-11T19:25:18Z","tags":[],"pid":551,"method":"post","statusCode":200,"req":{"url":"/api/ui_metric/report","method":"post","headers":{"host":"192.168.3.253:5601","c

so after checking it seems that logstash needs to also have xpack but trying to install

root@pfelk:/usr/share/logstash/bin# logstash-plugin install x-pack
logstash-plugin: command not found

i was reading a bit on Installing X-Pack in Logstash | Logstash Reference [6.2] | Elastic
not sure if i missed something

What version of logstash do you have?

You're looking at docs for 6.2, which is very old and is unlikely to be relevant to your environment.

thanks for the reply, running

root@pfelk:/usr/share/logstash/bin# ./logstash -V
logstash 7.9.3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.