I have Search Guard Installed with ELK 7.17.3 Version , need to make it https

Search Guard
1

If you think it is a bug report or you have a technical issue, please answer the following questions. For general questions, you can delete these questions.

Elasticsearch version: 7.17.3

Server OS version: Windows 2019

Kibana version (if relevant):

Browser version (if relevant):

**Browser OS version (if relevant):**chrome

Describe the issue: Need to make the elk and kibana to https

Steps to reproduce:
1.
2.
3.

Expected behavior:

Provide configuration:
elasticsearch/config/elasticsearch.yml
elasticsearch/plugins/search-guard-7/sgconfig/sg_config.yml
kibana/config/kibana.yml (if relevant)

Provide logs:
Elasticsearch
Kibana (if relevant)

Screenshots (if relevant):

Errors in browser console (if relevant):

Additional data:

1 Like
2

The Search guard is working fine. need to know if i put the https certificates do i need to run SGadmin command again to initialize the Search guard

Or automatically it will get initialized

3

@amalk12 Securing Transport and HTTP endpoints is done at the eliasticsearch.yml level. The SG index doesn’t contain the HTTPS configuration of the Elasticsearrch nodes.

However, to apply HTTPS configuration you must restart each ES node.

4

Hi Pablo,
Thanks for the reply. Every time i restart the elk cluster nodes, is the SG needs to be initialized or is the SG index gets intialized automatically. What i found is , if the master node changes in ELK, the SG Intialization doesnt happen or take a long time to initialize .

5

@amalk12 The SG is initialized once by executing sgadmin.sh script and uploading an initial configuration. SG won’t initialize again after each restart. However, if you’re using a docker or Kubernetes solution where you delete all the storage after stopping all containers then SG will be initialized at every new deployment.

Once the SG is initialized you should see searchguard index in the Elasticsearch cluster.

How big is your cluster?
Do you assign specific roles to your ES nodes? If yes, could you share how many nodes of each role you have in the cluster?

6

Hi Pablo,

I have a 3 nodes Elastic cluster. All ES nodes are assigned the same roles. we dont have any specific roles assigned to any one

when i do a roll over restart of the cluster, the master cluster node changes … that is where i see a lag in performance of the cluster and see SG Initialization errors.

Does SG causes ES nodes to slow down in their search and processing of data

7

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.