Setup Requirements
Data Collection Setup
External Network Access needs to be setup for the RESTful API Port. Depending on your deployment, this API maybe set for local access only. For Further information see:
https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-network.html
Enabling External Network Access
In the /etc/elasticsearch/elasticsearch.yml
set the network.host:
to _site_
network.host: _site_
Network Requirements
Port: 9200 (TCP) Default Port
This is configurable for 9200-9300
Least Privilege User
By default Elasticsearch does not have Authentication supported. When using X-Pack use the elastic
user security principle.
Supported Versions
Elasticsearch Versions: 5.x, 6.x, 7.x
Connection Parameters
Name | Required? | Description |
---|---|---|
Host | Required | The Elasticsearch Node to connect to. |
Port | The port for communication to Elasticsearch. | |
Username | The username for authenticating to the Elasticsearch Node. | |
Password | The password for the given user. | |
SSL Configuration | The SSL mode to use when connecting to the target. Can be configured to not use SSL (No SSL), use SSL but do not verify the target's certificate (No Verify), and use SSL and verify the target's certificate (Verify). | |
Connection Timeout | The timeout in seconds for an API call. |
Updated about 4 years ago