Configure Winlogbeat to use X-Pack securityedit

If you want Winlogbeat to connect to a cluster that has X-Pack security enabled, there are extra configuration steps:

  1. Grant users access to secured resources.

    You can use role-based access control to grant Winlogbeat users access to secured resources.

  2. Configure authentication credentials.

    To interact with a secured cluster, Winlogbeat must either provide basic authentication credentials or present a client certificate.

  3. Configure Winlogbeat to use encrypted connections.

    If encryption is enabled on the cluster, you need to enable HTTPS in the Winlogbeat configuration.

For more information about X-Pack security, see Securing the Elastic Stack.