If you want Packetbeat to connect to a cluster that has X-Pack security enabled, there are extra configuration steps:
You can use role-based access control to grant Packetbeat users access to secured resources.
To interact with a secured cluster, Packetbeat must either provide basic authentication credentials or present a client certificate.
If encryption is enabled on the cluster, you need to enable HTTPS in the Packetbeat configuration.
Packetbeat uses the
beats_systemuser to send monitoring data to Elasticsearch. If you plan to monitor Packetbeat in Kibana and have not yet set up the password, set it up now.
For more information about X-Pack security, see Securing the Elastic Stack.