I've been asked to integrate our logstash setup with LDAP authentication. So I think I'll need to add shield to our 3 ES nodes. Logstash lives on the first ES node. Can someone please confirm if I need to use shield to integrate logstash into LDAP?
Also I've been asked to find out if there's a way to report what users have logged in via LDAP in kibana. We'd need to be able to gain visibility in into what logs they are using.
So how can we report logstash usage from logged in LDAP users in Kibana?