117笔记问答在CentOS上,Filebeat可以通过配置SSL/TLS加密来实现安全传输。以下是具体的配置步骤:
- 生成证书:
- 生成根证书:
openssl genrsa -out ca.key openssl req -new -key ca.key -out ca.csr openssl x509 -req -days 3650 -in ca.csr -signkey ca.key -out ca.crt
- 生成服务器端证书:
openssl genrsa -out server.key openssl req -new -key server.key -subj "/CN=本机IP" -out server.csr openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -extfile extfile.cnf -out server.crt -days 5000
- 生成客户端证书:
openssl genrsa -des3 -out client.key 1024 openssl req -new -key client.key -out client.csr openssl ca -in client.csr -cert ca.crt -keyfile ca.key -out client.crt
- 配置Filebeat:
编辑filebeat.yml文件,添加或修改以下配置:
output.elasticsearch: hosts: ["https://your_elasticsearch_host:9200"] ssl.certificate_authorities: ["/path/to/ca.crt"] ssl.certificate: "/path/to/client.crt" ssl.key: "/path/to/client.key" protocol: "https" username: "elastic" password: "your_elasticsearch_password"
- 配置Elasticsearch:
确保Elasticsearch已启用安全特性并配置了相应的证书。编辑elasticsearch.yml文件,添加或修改以下配置:
xpack.security.enabled: true xpack.security.transport.ssl.enabled: true xpack.security.transport.ssl.verification_mode: certificate xpack.security.transport.ssl.key: "/path/to/server.key" xpack.security.transport.ssl.certificate: "/path/to/server.crt" xpack.security.transport.ssl.certificate_authorities: ["/path/to/ca.crt"] xpack.security.http.ssl.enabled: true xpack.security.http.ssl.key: "/path/to/server.key" xpack.security.http.ssl.certificate: "/path/to/server.crt" xpack.security.http.ssl.certificate_authorities: ["/path/to/ca.crt"]
通过以上步骤,Filebeat与Elasticsearch之间的通信将通过SSL/TLS加密,从而保证数据传输的安全性。