Questions on creating user and password?

killmasta93 · April 6, 2021, 3:29am

HI,
I was wondering if someone could shed some light, Currently trying to configure x-pack to create username and password for the elastic stack, but i see that there is a few documentation but not sure which i should use?

Thank you

warkolm · April 6, 2021, 3:34am

Set up minimal security for Elasticsearch | Elasticsearch Guide [7.12] | Elastic is the best one.

killmasta93 · April 11, 2021, 2:22am

Thank you so much that did the trick

killmasta93 · April 11, 2021, 2:41am

quick question, im looking into putting letsencrypt on elastic but not sure what guides i should use i see alot but currently the elastic uses port 5601 so not sure if using nginx proxy would make everything easier?

warkolm · April 12, 2021, 12:31am

Not sure why a proxy would make it easier, it's another thing to manage.

Check out X-Pack Security for Elasticsearch with Let's Encrypt™ Certificates | Elastic Blog.

killmasta93 · April 14, 2021, 1:34pm

Thanks for the reply, after a while i realized the info was not coming in, i checked the logs and saw this on logstatsh, this was after i tried putting the webconsole password

Apr 10 21:47:25 pfelk logstash[538]: [2021-04-10T21:47:25,378][WARN ][logstash.outputs.elasticsearch][main] Attempted to resurrect connection to dead ES instance, but got an error. {:url=>"http://localhost:9200/", :error_type=>LogStash::O
_
but elasticsearch is up

● elasticsearch.service - Elasticsearch
   Loaded: loaded (/usr/lib/systemd/system/elasticsearch.service; enabled; vendor preset: enabled)
   Active: active (running) since Sat 2021-04-10 21:18:30 -05; 3 days ago
     Docs: https://www.elastic.co
 Main PID: 659 (java)
    Tasks: 114 (limit: 4915)
   CGroup: /system.slice/elasticsearch.service
           ├─ 659 /usr/share/elasticsearch/jdk/bin/java -Xshare:auto -Des.networkaddress.cache.ttl=60 -Des.networkaddress.cache.negative.ttl=10 -XX:+AlwaysPreTouch -Xss1m -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Djna.nosys=true -XX
           └─1432 /usr/share/elasticsearch/modules/x-pack-ml/platform/linux-x86_64/bin/controller

Apr 10 21:17:24 pfelk systemd[1]: Starting Elasticsearch...
Apr 10 21:18:30 pfelk systemd[1]: Started Elasticsearch.

and also kibana

● kibana.service - Kibana
   Loaded: loaded (/etc/systemd/system/kibana.service; enabled; vendor preset: enabled)
   Active: active (running) since Sat 2021-04-10 21:17:13 -05; 3 days ago
 Main PID: 551 (node)
    Tasks: 11 (limit: 4915)
   CGroup: /system.slice/kibana.service
           └─551 /usr/share/kibana/bin/../node/bin/node /usr/share/kibana/bin/../src/cli

Apr 10 21:47:02 pfelk kibana[551]: {"type":"response","@timestamp":"2021-04-11T02:47:01Z","tags":[],"pid":551,"method":"post","statusCode":200,"req":{"url":"/internal/search/es","method":"post","headers":{"host":"192.168.3.253:5601","conn
Apr 10 21:47:02 pfelk kibana[551]: {"type":"response","@timestamp":"2021-04-11T02:47:01Z","tags":[],"pid":551,"method":"post","statusCode":200,"req":{"url":"/internal/search/es","method":"post","headers":{"host":"192.168.3.253:5601","conn
Apr 10 21:47:02 pfelk kibana[551]: {"type":"response","@timestamp":"2021-04-11T02:47:01Z","tags":[],"pid":551,"method":"post","statusCode":200,"req":{"url":"/internal/search/es","method":"post","headers":{"host":"192.168.3.253:5601","conn
Apr 10 21:47:02 pfelk kibana[551]: {"type":"response","@timestamp":"2021-04-11T02:47:02Z","tags":[],"pid":551,"method":"get","statusCode":200,"req":{"url":"/ui/favicons/favicon.ico","method":"get","headers":{"host":"192.168.3.253:5601","c
Apr 10 21:47:02 pfelk kibana[551]: {"type":"response","@timestamp":"2021-04-11T02:47:01Z","tags":[],"pid":551,"method":"post","statusCode":200,"req":{"url":"/internal/search/es","method":"post","headers":{"host":"192.168.3.253:5601","conn
Apr 10 21:47:02 pfelk kibana[551]: {"type":"response","@timestamp":"2021-04-11T02:47:02Z","tags":[],"pid":551,"method":"post","statusCode":200,"req":{"url":"/internal/search/es","method":"post","headers":{"host":"192.168.3.253:5601","conn
Apr 10 21:47:02 pfelk kibana[551]: {"type":"response","@timestamp":"2021-04-11T02:47:01Z","tags":[],"pid":551,"method":"post","statusCode":200,"req":{"url":"/internal/search/es","method":"post","headers":{"host":"192.168.3.253:5601","conn
Apr 10 21:47:02 pfelk kibana[551]: {"type":"response","@timestamp":"2021-04-11T02:47:02Z","tags":[],"pid":551,"method":"post","statusCode":200,"req":{"url":"/internal/search/es","method":"post","headers":{"host":"192.168.3.253:5601","conn
Apr 10 21:47:43 pfelk kibana[551]: {"type":"response","@timestamp":"2021-04-11T02:47:42Z","tags":[],"pid":551,"method":"post","statusCode":200,"req":{"url":"/api/ui_metric/report","method":"post","headers":{"host":"192.168.3.253:5601","co
Apr 11 14:25:18 pfelk kibana[551]: {"type":"response","@timestamp":"2021-04-11T19:25:18Z","tags":[],"pid":551,"method":"post","statusCode":200,"req":{"url":"/api/ui_metric/report","method":"post","headers":{"host":"192.168.3.253:5601","c

killmasta93 · April 24, 2021, 5:18pm

so after checking it seems that logstash needs to also have xpack but trying to install

root@pfelk:/usr/share/logstash/bin# logstash-plugin install x-pack
logstash-plugin: command not found

i was reading a bit on Installing X-Pack in Logstash | Logstash Reference [6.2] | Elastic
not sure if i missed something

TimV · April 26, 2021, 1:35am

What version of logstash do you have?

You're looking at docs for 6.2, which is very old and is unlikely to be relevant to your environment.

killmasta93 · April 27, 2021, 11:47pm

thanks for the reply, running

root@pfelk:/usr/share/logstash/bin# ./logstash -V
logstash 7.9.3

system · May 25, 2021, 11:48pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.