Configure Filebeat to use encrypted connections

edit

If encryption is enabled on the Elasticsearch cluster, you need to connect to Elasticsearch via HTTPS. If the certificate authority (CA) that signed your node certificates is not in the host system’s trusted certificate authorities list, you also need to add the path to the .pem file that contains your CA’s certificate to the Filebeat configuration.

To configure a Filebeat to connect to Elasticsearch via HTTPS, add the https protocol to all host URLs:

output.elasticsearch:
  hosts: ["https://localhost:9200"] 
  index: "filebeat"
  ssl.certificate_authorities: ["/etc/pki/root/ca.pem"] 

Specify the https protocol to connect the Elasticsearch cluster.

Specify the path to the local .pem file that contains your Certificate Authority’s certificate. This is generally only needed if you use your own CA to sign your node certificates.