What is the encryptionKey for?

According to the getting started guide for the reporting plugin, the reporting.encryptionKey property need to be set in kibana.yml.

And without setting it, I got the following error as expected:

FATAL { [Error: reporting.encryptionKey is required in kibana.yml.]
  cause: [Error: reporting.encryptionKey is required in kibana.yml.],
  isOperational: true }

However, as long as I tested, I didn't get requested to input this key.

So my question is:
What is the encryptionKey for?
Is there any situations where I need to input this? (and should I share this key with my colleague?)


  • Ubuntu 14.04
  • Elasticsearch 2.4.1
  • Kibana 4.6.2
  • Reporting plugin (latest)
  • Not using Shield

The reporting encryption key is used to protect the metadata associated with the report generation task. The task is processed asynchronously by a worker who uses these data to perform the queries required for generating the report on the user's behalf. It is recommended to set this setting in the configuration to make sure any unprocessed tasks can be processed by the worker even after a Kibana restart. As a user you don't need to input that key and it should be treated as a sensitive infrastructure secret.

Ah okay, I got it.

So the key is used only by internal Kibana and reporting plugin's worker processes, to confirm they belong to a same Kibana service (even after the process itself is restarted).

Thank you for the helpful information!

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.