Enable security in Elasticsearch

edit

When you use the trial license, X-Pack security is disabled by default. To enable it:

  1. Stop Kibana. The method for starting and stopping Kibana varies depending on how you installed it. For example, if you installed Kibana from an archive distribution (.tar.gz or .zip), stop it by entering Ctrl-C on the command line. See Starting and stopping Kibana.
  2. Stop Elasticsearch. For example, if you installed Elasticsearch from an archive distribution, enter Ctrl-C on the command line. See Stopping Elasticsearch.
  3. Add the xpack.security.enabled setting to the ES_PATH_CONF/elasticsearch.yml file.

    The ES_PATH_CONF environment variable contains the path for the Elasticsearch configuration files. If you installed Elasticsearch using archive distributions (zip or tar.gz), it defaults to ES_HOME/config. If you used package distributions (Debian or RPM), it defaults to /etc/elasticsearch. For more information, see Configuring Elasticsearch.

    For example, add the following setting:

    xpack.security.enabled: true

    If you have a basic or trial license, the default value for this setting is false. If you have a gold or higher license, the default value is true. Therefore, it is a good idea to explicitly add this setting to avoid confusion about whether X-Pack security is enabled.

When you enable X-Pack security, basic authentication is enabled by default. To communicate with the cluster, you must specify a username and password. Unless you enable anonymous access, all requests that don’t include a user name and password are rejected.

This tutorial involves a single node cluster, but if you had multiple nodes, you would enable X-Pack security on every node in the cluster and configure Transport Layer Security (TLS) for internode-communication, which is beyond the scope of this tutorial.