Securing Elasticsearch with Search Guard

Searchguard

Elasticsearch scripts

cd /opt/elasticsearch
sudo bin/elasticsearch-plugin install -b com.floragunn:search-guard-5:5.3.0-11
vim /etc/elasticsearch/elasticsearch.yml

Searchguard settings in elasticsearch.yml

security.manager.enabled: false

http://floragunncom.github.io/search-guard-ssl-docs/installation.html

root@e58127d1d54e:/opt/elasticsearch# plugins/search-guard-5/tools/sgadmin.sh -cd plugins/search-guard-5/sgconfig/ -ks /etc/elasticsearch/node-1-keystore.jks -kspass 95ba06bb222fd7640283 -ts /etc/elasticsearch/truststore.jks -tspass 25cb9058f1b53dd61c69 -nhnv
 Search Guard Admin v5
 Will connect to localhost:9300 ... done
 Contacting elasticsearch cluster 'elasticsearch' and wait for YELLOW clusterstate ...
 Clustername: elasticsearch
 Clusterstate: YELLOW
 Number of nodes: 1
 Number of data nodes: 1
 searchguard index does not exists, attempt to create it ... done (auto expand replicas is on)
 Populate config from /opt/elasticsearch/plugins/search-guard-5/sgconfig
 Will update 'config' with plugins/search-guard-5/sgconfig/sg_config.yml
 SUCC: Configuration for 'config' created or updated
 Will update 'roles' with plugins/search-guard-5/sgconfig/sg_roles.yml
 SUCC: Configuration for 'roles' created or updated
 Will update 'rolesmapping' with plugins/search-guard-5/sgconfig/sg_roles_mapping.yml
 SUCC: Configuration for 'rolesmapping' created or updated
 Will update 'internalusers' with plugins/search-guard-5/sgconfig/sg_internal_users.yml
 SUCC: Configuration for 'internalusers' created or updated
 Will update 'actiongroups' with plugins/search-guard-5/sgconfig/sg_action_groups.yml
 SUCC: Configuration for 'actiongroups' created or updated
 Done with success
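
An added example, not part of the original notes or of Search Guard itself: a POSIX shell check that reads sgadmin.sh output like the run above and fails unless all five configuration types report SUCC and the run ends with "Done with success". The function names and the sample outputs are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original notes): confirm that an sgadmin.sh run
# uploaded every configuration type listed in the output above.

# Reads sgadmin.sh output on stdin, prints one line per problem found and
# returns 0 only when all five types report SUCC and the run finished.
check_sgadmin_output() {
    sg_out=$(cat)
    sg_rc=0
    for sg_type in config roles rolesmapping internalusers actiongroups; do
        if ! printf '%s\n' "$sg_out" |
            grep -qF "SUCC: Configuration for '${sg_type}' created or updated"; then
            echo "missing SUCC line for '${sg_type}'"
            sg_rc=1
        fi
    done
    if ! printf '%s\n' "$sg_out" | grep -qF "Done with success"; then
        echo "run did not end with 'Done with success'"
        sg_rc=1
    fi
    return "$sg_rc"
}

# Constructed sample: the SUCC lines of a complete run.
sample_complete_run() {
    cat <<'EOF'
 SUCC: Configuration for 'config' created or updated
 SUCC: Configuration for 'roles' created or updated
 SUCC: Configuration for 'rolesmapping' created or updated
 SUCC: Configuration for 'internalusers' created or updated
 SUCC: Configuration for 'actiongroups' created or updated
 Done with success
EOF
}

# Constructed sample: same run with the internalusers upload missing.
sample_partial_run() {
    sample_complete_run | grep -v "'internalusers'"
}

# Demo on the constructed samples; for a real run, pipe the sgadmin.sh
# command (with 2>&1) into check_sgadmin_output instead.
sample_complete_run | check_sgadmin_output && echo "complete run: ok"
sample_partial_run | check_sgadmin_output || echo "partial run: rejected"
```

A missing internalusers or rolesmapping upload leaves the cluster with stale or absent users and role mappings, so the check is worth running in any scripted or container setup before the node is exposed.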

SearchGuard + Kibana + security