rest - Elasticsearch security measures? -
i have set elk stack on single server , tested on small setup hands-down on elk. want use elk system logs analysis.
now, have been reading es has no security. read this: "do not have es publicly accessible. that's equivalent of making wordpress mysql database accessible world. es rest accessible db means can delete of data access endpoint."
i noob in this. means if put logs in es accessible (which scary) ??
please guide me security measures must taken? please suggest links can ensure security. how keep es cluster private?
security real subject in elk stack .
the initial position of elasticsearch : don't care security , self , acl hosts .....
with success of elk , demands security : elasticsearch realizing that's security real subject .
they developping : http://www.elasticsearch.com/products/shield/
you can see : soon
not released yet .
so see 2 solutions :
- secure kibana : kibana hosted in webserver (apache , nginx) can add security in web server layer . in case b&ackend(elastic search) not yet secured , add security in client side(kibana) . every 1 can access directelly es server rest api , get/post/delete/put data .
- secure elasticsearch : there several plugins enable security in es
Comments
Post a Comment