Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Document how to use TLS/SSL settings with modules #9290

Open
karenzone opened this issue Mar 26, 2018 · 2 comments
Open

Document how to use TLS/SSL settings with modules #9290

karenzone opened this issue Mar 26, 2018 · 2 comments
Assignees
@karenzone
Labels
discuss docs

Comments

@karenzone
Copy link
Contributor

From @andrewvc: "I've seen some credible user reports that HTTPS just isn't working with ES/Kibana + modules. We should try to replicate and patch if needed." (Issue: #9269 )

From @tsg: "While I think everything works as expected, it does seem like this is more complex to get right than it should be. @guyboertje @karenzone Perhaps it would make sense to have a documentation setting on using modules with a TLS enabled ES/KB setup?"

Possible location for info: https://www.elastic.co/guide/en/logstash/current/logstash-modules.html
@karenzone karenzone self-assigned this Mar 26, 2018
@dedemorton dedemorton mentioned this issue Mar 26, 2018
Closed
49 tasks
@karenzone
Copy link
Contributor Author

Current TLS/SSL info in Elastic doc:

Q: Are we providing adequate information that people aren't finding?
Q: What information are we not providing?
Q: Are there issues specific to TLS/SSL and Logstash modules that we haven't documented?

As we open X-Pack, we're looking to provide a more comprehensive (rather than piecemeal) approach to security. Let's keep that goal in mind while we resolve this issue .

@tsg
Copy link
Contributor

tsg commented Mar 29, 2018

Sorry for the delay, from what I see the two docs pages refer to instructions on how to use the Elasticsearch output in Logstash with TLS enabled. That part is pretty good documented.

What I didn't find in the docs is the SSL/TLS options that exposed by the modules. These are, at least:

 var.elasticsearch.ssl.enabled 
 var.elasticsearch.ssl.certificate_authority
 var.kibana.ssl.enabled
 var.kibana.ssl.certificate_authority

We should document these, reference style, probably in https://www.elastic.co/guide/en/logstash/current/logstash-modules.html#setting-logstash-module-config. Providing the example from #9269 (comment) is also going to be of great help.

@guyboertje It would be great if you could add a first draft reference docs for the above, and for other SSL options that are supported. I'd also like to discuss if we could make the ssl.enabled flags implicit if any other ssl.* options are set (this is what we do in Beats).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@karenzone karenzone

Labels
discuss docs
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tsg @karenzone