maxmustermann/kibana
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
kibana/docs/setup/secure-settings.asciidoc
Tyler Smalley 359ce96105
Fixes issue with Keystore's stdin option (#15221) 
Fixes issue preventing stdin option from being used
Using create to overwrite should reset keystore
2017-11-29 15:59:17 -08:00

65 lines
2 KiB
Plaintext
Raw Blame History

[[secure-settings]]
=== Secure Settings
Some settings are sensitive, and relying on filesystem permissions to protect
their values is not sufficient. For this use case, Kibana provides a
keystore, and the `kibana-keystore` tool to manage the settings in the keystore.
NOTE: All commands here should be run as the user which will run Kibana.
[float]
[[creating-keystore]]
=== Creating the keystore
To create the `kibana.keystore`, use the `create` command:
[source,sh]
----------------------------------------------------------------
bin/kibana-keystore create
----------------------------------------------------------------
The file `kibana.keystore` will be created in the directory defined by the
`path.data` configuration setting.
[float]
[[list-settings]]
=== Listing settings in the keystore
A list of the settings in the keystore is available with the `list` command:
[source,sh]
----------------------------------------------------------------
bin/kibana-keystore list
----------------------------------------------------------------
[float]
[[add-string-to-keystore]]
=== Adding string settings
Sensitive string settings, like authentication credentials for Elasticsearch
can be added using the `add` command:
[source,sh]
----------------------------------------------------------------
bin/kibana-keystore add the.setting.name.to.set
----------------------------------------------------------------
The tool will prompt for the value of the setting. To pass the value
through stdin, use the `--stdin` flag:
[source,sh]
----------------------------------------------------------------
cat /file/containing/setting/value | bin/kibana-keystore add the.setting.name.to.set --stdin
----------------------------------------------------------------
[float]
[[remove-settings]]
=== Removing settings
To remove a setting from the keystore, use the `remove` command:
[source,sh]
----------------------------------------------------------------
bin/kibana-keystore remove the.setting.name.to.remove
----------------------------------------------------------------
Reference in a new issue View git blame Copy permalink