IMPORTANT: No additional bug fixes or documentation updates will be released for this version. For the latest information, see the current release documentation.
Elastic Docs Filebeat Reference [7.0] Securing Filebeat
« Secure communication with Logstash by using SSL Grant users access to secured resources »

Configure Filebeat to use X-Pack securityedit

If you want Filebeat to connect to a cluster that has X-Pack security enabled, there are extra configuration steps:

  1. Grant users access to secured resources.

    You can use role-based access control to grant Filebeat users access to secured resources.

  2. Configure authentication credentials.

    To interact with a secured cluster, Filebeat must either provide basic authentication credentials or present a client certificate.

  3. Configure Filebeat to use encrypted connections.

    If encryption is enabled on the cluster, you need to enable HTTPS in the Filebeat configuration.

  4. Set the password for the built-in monitoring user.

    Filebeat uses the beats_system user to send monitoring data to Elasticsearch. If you plan to monitor Filebeat in Kibana and have not yet set up the password, set it up now.

For more information about X-Pack security, see Securing the Elastic Stack.

« Secure communication with Logstash by using SSL Grant users access to secured resources »