iac
/
docker-elk
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

doc: Add and clarify information about security

This commit is contained in:
Antoine Cotten 2019-07-03 12:02:28 +02:00
parent e7f4481cc0
commit fbb1fe49c3
No known key found for this signature in database
GPG Key ID: 94637E68D4A79DD0
1 changed files with 11 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
README.md
View File

@ -130,8 +130,8 @@ Passwords for all 6 built-in users will be randomly generated. Take note of them
[Configuration](#configuration) section below. [Configuration](#configuration) section below.
> :information_source: Do not use the `logstash_system` user inside the Logstash *pipeline* file, it does not have > :information_source: Do not use the `logstash_system` user inside the Logstash *pipeline* file, it does not have
> sufficient permissions to create indices. Follow the instructions from the [Built-in roles][builtin-roles] page to > sufficient permissions to create indices. Follow the instructions at [Configuring Security in Logstash][ls-security]
> create a user with suitable roles. > to create a user with suitable roles.
Restart Kibana and Logstash to apply the passwords you just wrote to the configuration files. Restart Kibana and Logstash to apply the passwords you just wrote to the configuration files.
@ -139,6 +139,11 @@ Restart Kibana and Logstash to apply the passwords you just wrote to the configu
$ docker-compose restart kibana logstash $ docker-compose restart kibana logstash
``` ```
> :information_source: Learn more about the security of the Elastic stack at [Tutorial: Getting started with
> security][sec-tutorial].
### Injecting data
Give Kibana about a minute to initialize, then access the Kibana web UI by hitting Give Kibana about a minute to initialize, then access the Kibana web UI by hitting
[http://localhost:5601](http://localhost:5601) with a web browser and use the following default credentials to log in: [http://localhost:5601](http://localhost:5601) with a web browser and use the following default credentials to log in:
@ -152,6 +157,8 @@ you to send content via TCP:
$ nc localhost 5000 < /path/to/logfile.log $ nc localhost 5000 < /path/to/logfile.log
``` ```
You can also load the sample data provided by your Kibana installation.
### Default Kibana index pattern creation ### Default Kibana index pattern creation
When Kibana launches for the first time, it is not configured with any index pattern. When Kibana launches for the first time, it is not configured with any index pattern.
@ -363,7 +370,8 @@ instead of `elasticsearch`.
[mac-mounts]: https://docs.docker.com/docker-for-mac/osxfs/ [mac-mounts]: https://docs.docker.com/docker-for-mac/osxfs/
[builtin-users]: https://www.elastic.co/guide/en/x-pack/current/setting-up-authentication.html#built-in-users [builtin-users]: https://www.elastic.co/guide/en/x-pack/current/setting-up-authentication.html#built-in-users
[builtin-roles]: https://www.elastic.co/guide/en/elastic-stack-overview/current/built-in-roles.html [ls-security]: https://www.elastic.co/guide/en/logstash/current/ls-security.html
[sec-tutorial]: https://www.elastic.co/guide/en/elastic-stack-overview/current/security-getting-started.html
[connect-kibana]: https://www.elastic.co/guide/en/kibana/current/connect-to-elasticsearch.html [connect-kibana]: https://www.elastic.co/guide/en/kibana/current/connect-to-elasticsearch.html