Version: 7.x-35.0.0
Community

Using Search Guard with X-Pack Monitoring

Search Guard is compatible with the free X-Pack monitoring component. This documentation assumes that you already installed and configured Kibana and the Search Guard Kibana plugin.

Elasticsearch: Enable Monitoring

In elasticsearch.yml, disable X-Pack Security and enable X-Pack Monitoring:

xpack.security.enabled: false
xpack.monitoring.enabled: true
...

Elasticsearch: Add the monitoring user

For using X-Pack Monitoring, the respective user must have the built-in SGS_XP_MONITORING and SGS_KIBANA_USER role assigned.

Elasticsearch: Configure a monitoring exporter

Configure your http exporter, and configure the user you have mapped to the SGS_XP_MONITORING and the SGS_KIBANA_USER role in the last step:

xpack.monitoring.exporters:
  id1:
    type: http
    host: ["https://127.0.0.1:9200"]
    auth.username: monitor
    auth.password: monitor
    ssl:
      truststore.path: truststore.jks
      truststore.password: changeit
Name Description
host The hostname of the cluster to monitor
auth.username The username of the user mapped to the monitor role
auth.password The password of the user mapped to the monitor role
truststore.path the truststore that contains the Root CA and intermediate certificates used to sign the certificates of the cluster to monitor
truststore.password the password for the truststore

Kibana: Enable X-Pack Monitoring

In kibana.yml, disable X-Pack Security and enable X-Pack Monitoring:

xpack.security.enabled: false
xpack.monitoring.enabled: true
...

Not what you were looking for? Try the search.