Official introduction of the new version

Free encryption is more stable in versions 7.0 and earlier versions still recommend using Search Guard

Use Es built-in encryption

Quick encryption to remove part of the steps

1. ./bin/elasticsearch-certutil cert -out config/elastic-certificates.p12 -pass "" 2. Modify the config/elasticsearch yaml paste the following lines of code to the end of the file. Xpack. Security. Enabled: true xpack. Security. Transport.. SSL enabled: true xpack.security.transport.ssl.verification_mode: certificate xpack.security.transport.ssl.keystore.path: elastic-certificates.p12 xpack.security.transport.ssl.truststore.path: elastic-certificates.p12 3. . To start ES, run./bin/ elasticSearch-setup-passwords interactive 4. Username: "elastic" #elasticsearch.password: "******" 5. Start Kibana and enter your password to log in.Copy the code

Use the Search Guard

Search Guard official address

    1./bin/ elasticSearch -plugin install -b Search -guard2.  bash /plugins/search-guard7 -/tools/install_demo_configuration.sh
    
    3.Always type y(the last option is cluster mode, you can choose n)4.Start Es and open: HTTPS://localhost:9200/_searchguard/authinfo

    5.All agree, then enter account: admin password: admin6. bash /plugins/search-guard7 -/tools/hash.sh -p New password (returns an encrypted data)7.Open the/plugins/search - guard7 -/sgconfig/sg_internal_users.yml

    8.Find the value of the hash field for admin and replace the password produced in step 69. bash /plugins/search-guard7 -/tools/sgadmin_demo.sh

    10.Restart ES to test whether the password is correctCopy the code
  • Es plug-in version query
/bin/ Kibana -plugin install Kibana plugin Select * from kibana.yml; select * from kibana.yml; select * from kibana.yml; "https://localhost:9200" # Configure the Kibana internal server user elasticsearch.username: "kibanaserver" elasticsearch.password: "kibanaserver" # Disable SSL verification because we use self-signed demo certificates elasticsearch.ssl.verificationMode: none # Whitelist the Search Guard Multi Tenancy Header elasticsearch.requestHeadersWhitelist: [" Authorization ", "sgtenant"] # prohibited xpack xpack. Monitoring. Enabled: false xpack. Graph. Enabled: false xpack. Ml. Enabled: false xpack.watcher.enabled: false xpack.security.enabled: false 3. Start Kibana to check whether the account password needs to be entered (the account password of Es is ok)Copy the code
  • Query the version number of Kibana plug-in

508 studio