If you want Metricbeat to connect to a cluster that has security features enabled, there are extra configuration steps:
Grant users access to secured resources.
You can use role-based access control to grant Metricbeat users access to secured resources.
You can use API keys to grant access to Elasticsearch more securely.
Configure authentication credentials.
To interact with a secured cluster, Metricbeat must either provide basic authentication credentials or present a client certificate.
Configure Metricbeat to use encrypted connections.
If encryption is enabled on the cluster, you need to enable HTTPS in the Metricbeat configuration.
For more information about security features, see Secure a cluster.
Intro to Kibana
ELK for Logs & Metrics