Packetbeat and X-Pack Security

If you want Packetbeat to connect to a cluster that has X-Pack Security enabled, there are extra configuration steps.

To send data to a secured cluster through the elasticsearch output, Packetbeat needs to authenticate as a user who can manage index templates, monitor the cluster, create indices, and read and write to the indices it creates. See Configuring Authentication Credentials for Packetbeat.

If encryption is enabled on the cluster, you also need to enable HTTPS in the Packetbeat configuration. See Configuring Packetbeat to use Encrypted Connections.

In addition to configuring authentication credentials for Packetbeat itself, you need to grant authorized users permission to access the indices it creates. See Granting Users Access to Packetbeat Indices.
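
The three steps above, sketched as configuration (an added example, not taken from the linked pages). The role names, user name, host, CA path and environment variable are assumptions, and `packetbeat-*` assumes Packetbeat's default index naming.

```yaml
# --- Elasticsearch side: file-based role definitions (roles.yml) ---

# Role for the account Packetbeat itself authenticates as.
# It carries only the privileges listed above, not a superuser role.
packetbeat_writer:                  # hypothetical role name
  cluster: [ 'manage_index_templates', 'monitor' ]
  indices:
    - names: [ 'packetbeat-*' ]     # assumed default index pattern
      privileges: [ 'create_index', 'read', 'write' ]

# Separate role for people who only look at the data.
# Read-only, so a dashboard user cannot alter or delete captured events.
packetbeat_reader:                  # hypothetical role name
  indices:
    - names: [ 'packetbeat-*' ]
      privileges: [ 'read' ]

---
# --- Packetbeat side: packetbeat.yml ---

output.elasticsearch:
  # https:// scheme because encryption is enabled on the cluster.
  hosts: ["https://es.example.internal:9200"]        # placeholder host

  # Dedicated user that holds the packetbeat_writer role.
  username: "packetbeat_internal"                    # hypothetical user
  # Resolved from the environment so the secret is not stored in the file.
  password: "${PACKETBEAT_ES_PASSWORD}"              # hypothetical variable

  # CA that signed the cluster's HTTP certificate; without it Packetbeat
  # cannot verify the server it is sending captured traffic to.
  ssl.certificate_authorities: ["/etc/packetbeat/ca.pem"]   # placeholder path
```

Keeping the writer and reader roles separate means a leaked Packetbeat credential cannot be used to browse other indices, and a compromised viewer account cannot write to the Packetbeat indices.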

For more information about X-Pack Security, see Securing Elasticsearch and Kibana.