If you want Metricbeat to connect to a cluster that has X-Pack security enabled, there are extra configuration steps:
You can use role-based access control to grant Metricbeat users access to secured resources.
To interact with a secured cluster, Metricbeat must either provide basic authentication credentials or present a client certificate.
If encryption is enabled on the cluster, you need to enable HTTPS in the Metricbeat configuration.
For more information about X-Pack security, see Securing the Elastic Stack.