WARNING: Version 6.0 of Metricbeat has passed its EOL date.
This documentation is no longer being maintained and may be removed. If you are running this version, we strongly advise you to upgrade. For the latest information, see the current release documentation.
Configuring Authentication Credentials for Metricbeat
editConfiguring Authentication Credentials for Metricbeat
editWhen sending data to a secured cluster through the elasticsearch
output, Metricbeat must either provide basic authentication credentials
or present a client certificate.
To configure authentication credentials for Metricbeat:
-
Create a role that has the
manage_index_templates
andmonitor
cluster privileges, andread
,write
, andcreate_index
privileges for the indices that Metricbeat creates. You can create roles from the Management / Roles UI in Kibana or through therole
API. For example, the following request creates ametricbeat_writer
role: -
Assign the writer role to the user that Metricbeat will use to connect to Elasticsearch:
-
To authenticate as a native user, create a user for the Metricbeat to use internally and assign it the writer role. You can create users from the Management / Users UI in Kibana or through the
user
API. For example, the following request creates ametricbeat_internal
user that has themetricbeat_writer
role:POST /_xpack/security/user/metricbeat_internal { "password" : "x-pack-test-password", "roles" : [ "metricbeat_writer"], "full_name" : "Internal Metricbeat User" }
-
To authenticate using PKI authentication, assign the writer role to the internal Metricbeat user in the
role_mapping.yml
configuration file. Specify the user by the distinguished name that appears in its certificate.metricbeat_writer: - "cn=Internal Metricbeat User,ou=example,o=com"
For more information, see Using Role Mapping Files.
-
-
Configure authentication credentials for the
elasticsearch
output in the Metricbeat configuration file:-
To use basic authentication, configure the
username
andpassword
settings. For example, the following Metricbeat output configuration uses the nativemetricbeat_internal
user to connect to Elasticsearch:output.elasticsearch: hosts: ["localhost:9200"] index: "metricbeat" username: "metricbeat_internal" password: "x-pack-test-password"
-
To use PKI authentication, configure the
certificate
andkey
settings:
-