Programmatic access to Elasticsearch from MI Log Collector (Filebeat) on each MI node
is secured using an API key.
-
On your Elasticsearch server, open the Kibana web application in a browser
(
http://localhost:5601) and log in using the elastic
user credentials.
-
Open the main menu, scroll down and click Management,
then under the Security heading, click API
keys.
-
Click Create API key.
-
Specify a key name, for example,
fb_api.
-
Select Restrict Privileges then remove the sample JSON
and replace it with this:
{
"filebeat": {
"cluster": [
"manage_ilm",
"manage_index_templates",
"monitor"
],
"indices": [
{
"names": [
"mi-log*"
],
"privileges": [
"all"
]
}
]
}
}
-
Click Create API Key.
-
Copy the API key information in Beats format and paste
this into a text editor. This is the format required for adding the API key to
Filebeat on each MI node in the cluster.
