Getting started with securityedit
To secure a cluster, you must enable X-Pack security on every node in the cluster. Basic authentication is enabled by default—to communicate with the cluster, you must specify a username and password. Unless you enable anonymous access, all requests that don’t include a user name and password are rejected.
To get started with X-Pack security:
- Configure security in Elasticsearch. Encrypt inter-node communications, set passwords for the built-in users, and manage your users and roles.
- Configure security in Kibana. Set the authentication credentials in Kibana and encrypt communications between the browser and the Kibana server.
- Configure security in Logstash. Set the authentication credentials for Logstash and encrypt communications between Logstash and Elasticsearch.
- Configure security in the Beats. Configure authentication credentials and encrypt connections to Elasticsearch.
- Configure the Java transport client to use encrypted communications. See Java Client and Security.
- Configure Elasticsearch for Apache Hadoop to use secured transport. See Elasticsearch for Apache Hadoop Security.
Depending on your security requirements, you might also want to:
- Integrate with LDAP or Active Directory, or require certificates for authentication.
- Use IP Filtering to allow or deny requests from particular IP addresses or address ranges.