By default, a new encryption key is generated for X-Pack reporting each time you start Kibana. This means if a static encryption key is not persisted in the Kibana configuration, any pending reports will fail when you restart Kibana.
If you are load balancing across multiple Kibana instances, they need to have the same reporting encryption key. Otherwise, report generation will fail if a report is queued through one instance and another instance picks up the job from the report queue. The other instance will not be able to decrypt the reporting job metadata.
To set a static encryption key for reporting, set the
xpack.reporting.encryptionKey property in the
configuration file. You can use any text string as the encryption key.