Roles needed to write Logstash events

zpraxis · August 28, 2019, 7:23pm

Hi there!

I am setting up Logstash to write events in Elasticsearch, and am configuring some security as well, e.g. I intend to use basic user/password authentication. In that sense, I have already created a role called logstash_write as indicated in the documentation, and have also created a user for Logstash and mapped that role to such user.

Everything is working fine. My question is: do I have to create the logstash_reader role as well, and assign it to my Logstash user? Don't know if at some point Logstash needs to read something from the indices it creates.

Thanks in advance.

spinscale · August 29, 2019, 7:46am

that depends if you have set up an elasticsearch input or a filter.

zpraxis · August 30, 2019, 3:19am

I see. For now, I only have an elasticsearch output section in my .conf file.

Thanks.

system · September 27, 2019, 3:19am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.