Is there a way to have Search Guard alongside the ElasticSearch when x.pack and TLS is enabled?
I am setting up the ELK stack in Kubernetes using ECK.
ECK, by default deploys ELK stack with x.pack and TLS. We need to implement log-based alerting and ElasticSearch doesn’t allow setting up connectors unless purchased. At that point, I cam across Search Guard’s Signal feature which pretty much does the same thing. In short, we need only the Signal feature of Search Guard at the moment.
From forums, I read that we can’t disable SSL in it once search guard plugin is installed on ElasticSearch. Is there a way to use existing certificates used by ElasticSearch for search guard as well and have both encryption around ?
To use the Search Guard plugin with Signals you must disable xpack security plug-in.
You can disable SSL for HTTP traffic or keep it enabled and use your existing SSL certificates.
To disable SSL in Elasticsearch, set below in elasticsearch.yml
To use your existing Elasticsearch SSL certificates, you can point them in the elasticsearch.yml file.
This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.