Roles needed to write Logstash events

zpraxis · August 28, 2019, 7:23pm

Hi there!

I am setting up Logstash to write events in Elasticsearch, and am configuring some security as well, e.g. I intend to use basic user/password authentication. In that sense, I have already created a role called logstash_write as indicated in the documentation, and have also created a user for Logstash and mapped that role to such user.

Everything is working fine. My question is: do I have to create the logstash_reader role as well, and assign it to my Logstash user? Don't know if at some point Logstash needs to read something from the indices it creates.

Thanks in advance.

spinscale · August 29, 2019, 7:46am

that depends if you have set up an elasticsearch input or a filter.

zpraxis · August 30, 2019, 3:19am

I see. For now, I only have an elasticsearch output section in my .conf file.

Thanks.

system · September 27, 2019, 3:19am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Roles required to create logs Elasticsearch	6	2681	January 18, 2020
Role that would allow a user to create index in ES Elasticsearch elastic-stack-security	5	3650	June 28, 2021
Permissions of logstash_write user Elasticsearch	1	305	September 9, 2019
Logstash user in Xpack Logstash	4	2545	September 1, 2017
Confusion about authentication for Logstash Logstash elastic-stack-security	2	750	July 6, 2017

Roles needed to write Logstash events

Related topics