当前位置:网站首页>SearchGuard配置
SearchGuard配置
2022-08-11 05:25:00 【cjx__】
elk安全插件searchguard安装
在es下安装 (es版本6.5.4)
下载插件
<ES directory>
/bin/elasticsearch-plugin install -b com.floragunn:search-guard-6:<guard version>
进入到searchguard安装目录
cd<ES directory>
/plugins/search-guard-/tools运行安装
<ES directory>
/install_demo_configuration.sh
生成的文件<ES directory>
/config/elasticsearch.yml
Install demo certificates? [y/N] y
Initialize Search Guard? [y/N] y
# 集群配置选y
Enable cluster mode? [y/N] n
验证安装
https://<es ip>
:9200 输入admin\admin账号密码访问测试安装
https://<es ip>
:9200/_searchguard/authinfo 通过访问显示有关当前登录用户的信息修改默认账号密码
生成hash新密码
sh hash.sh -p chenfh5
修改<ES directory>
/plugins/search-guard-6/sgconfig/sg_internal_users.yml分发新配置到es集群
cd<ES directory>
/plugins/search-guard-6/tools
./sgadmin.sh -cd ../sgconfig/ -icl -nhnv \
-cacert ../../../config/root-ca.pem \
-cert ../../../config/kirk.pem \
-key ../../../config/kirk-key.pem
kibana 安装SearchGuard (kibana版本6.5.4)
运行安装
<kibana directory>
/bin/kibana-plugin install https://search.maven.org/remotecontent?filepath=com/floragunn/search-guard-kibana-plugin/6.5.4-17/search-guard-kibana-plugin-6.5.4-17.zip修改kibana配置
vim<kibana directory>
/config/kibana.yml
# 关闭xpack安全认证
xpack.security.enabled: false
#xpack.monitoring.enabled: false
network.host: 0.0.0.0
<kibana directory>/bin/kibana
启动报错
Browserslist: caniuse-lite is outdated. Please run next command `npm update caniuse-lite browserslist`
原因是没有node的browserslist没更新,如果直接更新会报错,只能手动下载包再盖到原安装目录
# 安装npm工具,如果有就不用安装
yum install npm
# 新建目录下载新文件
mkdir <npmdown>
cd <npmdown>
npm intall caniuse-lite browserslist
cd <kibana directory>/node_modules
# 新建目录保存原副本
mv <kibana directory>/node_modules/browserslist <backlib>
mv <kibana directory>/node_modules/caniuse-lite <backlib>
mv <kibana directory>/node_modules/electron-to-chromium <backlib>
mv <kibana directory>/node_modules/node-releases <backlib>
mv <kibana directory>/node_modules/semver <backlib>
cd <npmdown>
mv <npmdown>/* <kibana directory>/kibana-6.5.4-linux-x86_64/node_modules
重新启动/bin/kibana 等待node编译完成
- [error][admin][elasticsearch] Request error, retrying 报错
编辑 kibana.yml
# 关闭xpack安全认证
xpack.security.enabled: false
#xpack.spaces.enabled: false
# 连接
elasticsearch.url: "https://xxx.xxx.xxx.xxx:9200"
- 浏览器打开 https://: 输入admin帐号密码打开管理页面
logstash 配置searchguard
- xxx.conf 加入以下配置
output {
elasticsearch {
user => logstash
password => logstash
ssl => true
ssl_certificate_verification => false
cacert => "<elasticsearch home>/config/spock.pem"
...
}
}
边栏推荐
- Maykel Studio - Django Web Application Framework + MySQL Database Third Training
- Node-2.垃圾回收机制
- CVPR2022——A VERSATILE MULTI-VIEW FRAMEWORK
- 目标检测——LeNet
- 梅科尔工作室-HarmonyOS应用开发第一次培训
- CMT2380F32模块开发8-Base Timer例程
- STM32学习笔记(白话文理解版)—USART通信接口
- CMT2380F32模块开发11-RTC例程
- Wisdom construction site safety helmet identification system
- umi约定式路由规则修改
猜你喜欢
vscode插件开发——懒人专用markdown插件开发
The latest safety helmet wearing recognition system in 2022
CKEditor富文本编辑器工具栏自定义笔记
关于接口响应内容的解码
SCNet: Semantic Consistency Networks for 3D Object Detection
typescript学习日记,从基础到进阶(第二章)
梅科尔工作室-HarmonyOS应用开发第四次培训
Maykle Studio - HarmonyOS Application Development First Training
Joint 3D Instance Segmentation and Object Detection for Autonomous Driving
微文案也能提升用户体验
随机推荐
Mei cole studios - deep learning second BP neural network
CMT2380F32模块开发5-CLK例程
Maykle Studio - HarmonyOS Application Development Third Training
Severe Weather 3D Object Detection Dataset Collection
CVPR2022——Not All Points Are Equal : IA-SSD
C语言的编译
OpenPCDet installs the latest version: spconv in one step
弱监督语义分割CLIMS(CVPR2022)
Joint 3D Instance Segmentation and Object Detection for Autonomous Driving
防盗链——防止其他页面通过url直接访问本站资源
STM32-中断优先级管理NVIC
小程序技术原理分析
梅科尔工作室-DjangoWeb 应用框架+MySQL数据库第三次培训
Wisdom construction site safety helmet identification system
实时姿态估计--基于空洞卷积的人体姿态估计网络
从概念认识AI
STM32 基于固件库的工程模板的建立
Hard hat identification
CMT2380F32模块开发3-GPIO例程
跨应用间调用: URL Scheme