I'm running Filebeat and Metricbeat versions 6.2.2 on RHEL 5.11
I've followed the instructions on creating keystores for Filebeat and Metricbeat from the guides listed here and here. Everything works dandy - this is a great feature to NOT have passwords stored in plain text. That would never fly with our data security team.
Is it known the algorithm and strength of the key to secure the filebeat.keystore and metricbeat.keystore files? This will be important information for our data security team to understand precisely how secure the .keystore files are.
Currently, the keystore is encrypted using the AES-256-GCM algorithm.
The key is derived from the password using HMAC-SHA-512 based PBKDF2 with 10000 iterations and a random salt and IV is used for every entry stored in the keystore.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.