This functionality is experimental and may be changed or removed completely in a future release. Elastic will take a best effort approach to fix any issues, but experimental features are not subject to the support SLA of official GA features.
NOTE: This You are looking at documentation for an older release. For the latest information, see the current release documentation.
If you want Journalbeat to connect to a cluster that has X-Pack security enabled, there are extra configuration steps:
To send data to a secured cluster through the
elasticsearchoutput, Journalbeat needs to authenticate as a user who can manage index templates, monitor the cluster, create indices, and read and write to the indices it creates.
To search the indexed Journalbeat data and visualize it in Kibana, users need access to the indices Journalbeat creates.
If encryption is enabled on the cluster, you need to enable HTTPS in the Journalbeat configuration.
Journalbeat uses the
beats_systemuser to send monitoring data to Elasticsearch. If you plan to monitor Journalbeat in Kibana and have not yet set up the password, set it up now.
For more information about X-Pack security, see Security overview.