WARNING: Version 6.1 of Kibana has passed its EOL date.
This documentation is no longer being maintained and may be removed. If you are running this version, we strongly advise you to upgrade. For the latest information, see the current release documentation.
Some settings are sensitive, and relying on filesystem permissions to protect
their values is not sufficient. For this use case, Kibana provides a
keystore, and the
kibana-keystore tool to manage the settings in the keystore.
All commands here should be run as the user which will run Kibana.
To create the
kibana.keystore, use the
kibana.keystore will be created in the directory defined by the
path.data configuration setting.
A list of the settings in the keystore is available with the
Sensitive string settings, like authentication credentials for Elasticsearch
can be added using the
bin/kibana-keystore add the.setting.name.to.set
The tool will prompt for the value of the setting. To pass the value
through stdin, use the
cat /file/containing/setting/value | bin/kibana-keystore add the.setting.name.to.set --stdin
To remove a setting from the keystore, use the
bin/kibana-keystore remove the.setting.name.to.remove