X-Pack security provides advanced security features for Elasticsearch, including authentication, authorization, encryption, and more. Follow these steps to configure it properly:
Install X-Pack
If using Elasticsearch from source, enable security during installation:./bin/elasticsearch-plugin install xpack🛡️ For cloud deployments, ensure the plugin is included in your service configuration.
Configure
elasticsearch.yml
Add these settings to your config file:xpack.security.enabled: true xpack.security.transport.ssl.verification_mode: certificate xpack.security.transport.ssl.key_path: /etc/elasticsearch/ssl/keystore.jks xpack.security.transport.ssl.certificate_path: /etc/elasticsearch/ssl/certfile.pem⚙️ Replace paths with your actual SSL certificate locations.
Set Up Users & Roles
Use theelasticsearch-setup-passwordstool to create default users:./bin/elasticsearch-setup-passwords auto_generate✅ This generates random passwords for
elastic,kibana, andlogstashusers.Verify Configuration
Restart Elasticsearch and check the status:curl -XGET "http://localhost:9200/_cluster/health?pretty"📊 A green status indicates security is active.
For deeper insights, visit our official X-Pack security documentation to explore advanced topics like role-based access control and TLS configurations.