TLS 1.2 enable on elasticsearch output plugin

Hi Team,

Currently we are using a ES cloud cluster and separate logstash (v6.3) instance which communicate with ES cloud cluster using HTTPS host name.

Like below

    output {
    elasticsearch {
    hosts => [ "https://f2e7ce03eae34b35806XXXXXXXXXX.us-xxxx.gcp.cloud.es.io:9243/" ]
    user => "elastic"
    password => "xxxxxxxxxxxxxxx"
    index => "transactions-d-%{+YYYY.MM.dd}"
    }
    }

https://www.elastic.co/blog/support-ending-for-tls-1-0-tls-1-1-http-traffic-to-elasticsearch-service

According to above blog, it suggests us to use HTTP over TLS (HTTPS) with support for TLS 1.2.

What sort of change are we expecting here ? or else is it already secured with TLS 1.2 since we already communicating via HTTPS url ?

Appreciate your prompt response

If you are using an https URL then the connection is encrypted. Given that the blog says the change was implemented several months ago then if logstash is able to connect I think you are safe to assume that you are using TLS 1.2.

1 Like