Hi guys! Could you please point me to the good tutorial how to set up
the ELK with apache as a reverse proxy. Doing it on OS X (all installed
from Homebrew)? I've found a few but they show different approaches...
I'm not sure what's correct way…
I've done this:
elk-vhost.conf:
<VirtualHost *:8443>
ServerAdmin admin@server.kibana
ServerName www.server.kibana
ServerAlias server.kibana
SSLEngine on
SSLCertificateFile "/usr/local/etc/apache2/2.4/ssl-keys/ssl_server.crt"
SSLCertificateKeyFile "/usr/local/etc/apache2/2.4/ssl-keys/ssl_server.key"
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
CustomLog /usr/local/var/log/apache2/kibana_ssl_request.log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
###-----------------###
##### -- Proxy -- #####
###-----------------###
###--elasticsearch--###
ProxyRequests Off
ProxyPass /elasticsearch/ http://127.0.0.1:9200/
<Location /elasticsearch/>
ProxyPassReverse /
SSLRequireSSL
</Location>
###-----kibana------###
<Proxy *>
Order Allow,Deny
Allow from all
Options -MultiViews
AuthType Basic
AuthName "Authenticated proxy"
AuthUserFile /usr/local/etc/apache2/2.4/elastic.htpwd
Require valid-user
</Proxy>
ProxyPass / http://127.0.0.1:5601
ProxyPassReverse / https://127.0.0.1:5601
RewriteEngine on
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
RewriteRule .* http://127.0.0.1:5601%{REQUEST_URI} [P,QSA]
ErrorLog /usr/local/var/log/apache2/kibana_error.log
LogLevel warn
CustomLog /usr/local/var/log/apache2/kibana_access.log combined
</VirtualHost>
I've also changed this files:
/usr/local/opt/kibana/src/config/index.js
changed
kibana.elasticsearch_url = kibana.elasticsearch_url || 'http://localhost:9200';
to
kibana.elasticsearch_url = kibana.elasticsearch_url || 'https://0.0.0.0/elasticsearch';
and
/usr/local/opt/kibana/src/config/kibana.yml
elasticsearch_url: "http://localhost:9200"
to
elasticsearch_url: "https://localhost/elasticsearch"