Siren Platform User Guide

Beats configuration

To enable authentication in a beat which connects directly to Elasticsearch, set the following parameters in the output.elasticsearch section:

  • protocol: Set to https.
  • username: The username of the user having the Logstash role.
  • password: The password of the user having the Logstash role.
  • tls.certificate_authorities: An array containing the path to the CA truststore file in PEM format.

For example:

output:

  elasticsearch:
    hosts: ['localhost:9220']

    protocol: 'https'
    username: 'logstash'
    password: 'password'

    tls:
      certificate_authorities: ['/etc/pki/filebeat/ca.pem']

The root certification authority in PEM format must be copied to all nodes running one or more beats.

Search results

    No results found