07. Elastic Stack || Authentication, Users and User Roles

Captions
In this video I'm going to talk to you about authentication for Elastic Stack and how you can perform it. There is a pack, or package, from Elastic: X-Pack. So this X-Pack is an extension from Elastic Stack which provides security, alerting, monitoring, reporting, machine learning and more. By default it's installed with Elasticsearch, but it's not enabled by default. Some of these features are free, and for some of them you actually need to have a license. For the free ones you have a basic license, or if you want the enterprise version you can go for the trial at first to test out the functionality, and then you will actually have to request a license. So in the basic license you also have the security features regarding authentication.

Let me show you first my Kibana to see how it looks. Right now I'm logged into my Kibana and, as you can see, there is no authentication: nobody's asking me for any kind of username or password or anything. So everything is just open.

First we need to enable the X-Pack security. To do this we need to go to the CLI on our server, so I'm just gonna go to nano /etc/elasticsearch/elasticsearch.yml, hit enter, and I will put it down below here; let's just call it X-Pack. By the way, if we go to the documentation over here, we can see that we will need to put this one to true: xpack.security.enabled. So let me copy this and I will put it into the configuration file for Elasticsearch. I'm just gonna drop this one in here, save it, and then restart the Elasticsearch service. Okay, let's just give it a moment. Let's check the status of Elasticsearch: okay, everything is fine.

The next step would actually be to create passwords for the built-in users, because there are some built-in users and we will just have to set up the passwords for them. If I go here to this step, there is a little bit of documentation on this web page about the built-in users. You have an elastic user, which is like a superuser, as you can see here, and there is one for Kibana, and you're gonna use this user and password when you want your Kibana to communicate with Elasticsearch. There are a few more, like logstash_system, beats_system, apm_system and remote_monitoring_user. These ones you don't actually really need to configure into Logstash or somewhere else unless you have the monitoring enabled for those tools, so you can actually send some kind of information to Elasticsearch. So unless you don't have those monitoring features enabled, there is no need for you to struggle with them. In this video, because I would like to keep it simple, I'm just gonna focus on these two.

Right now we need to create the users. One more word before we go there: these built-in users are stored in an index. Elastic are telling you that it's some kind of security index, but, for example, if you delete your security index and then restore it from another snapshot or something like that, you're gonna lose your changes, so you'll have to create the passwords again or recreate them. There are two options: you can set up these passwords interactively, with your input regarding the passwords, or you can do it automatically. In our case, because it's a demo environment, we're gonna do everything automatically so we're not gonna lose too much time.

So let me go to the CLI now. We're gonna go to /usr/share/elasticsearch and we will go to the bin folder. Okay, here we have a bunch of scripts and we're gonna focus on this one right here: elasticsearch-setup-passwords. We will do it in the following way: elasticsearch-setup-passwords and then we can do auto. So you have two options, you can go automatic or interactive, so I'm just gonna go for the automatic one. Right now the passwords for the built-in users are gonna be automatically created, and it's gonna ask us to agree with the fact that these passwords will be randomly generated and they are not gonna be chosen by us. So we're gonna go with Y here, and these passwords are presented was in form. I'm just gonna take these passwords and put them in a notepad file, so we're gonna have them right here.

Right now what we're gonna do is actually configure the kibana.yml file: nano /etc and then kibana, kibana.yml. What are we gonna look for? The Elasticsearch username and password. So let's just look for the user, and this is the user kibana. I'm gonna search in the text. Okay, so it'll be down below. Okay, so it's right here: elasticsearch.username and elasticsearch.password. The user we already have, and we will just copy this password and paste it in this text file. Right now we will save it and exit the file, then we will have to restart Kibana. Okay, let's check the status, and everything is running fine.

Right now we will have to go to the web interface, and in our case we will simply refresh it and we should get prompted for a username and password. Now, because we haven't actually created a username or password for this, and there is a built-in one, if you remember when we talked a little bit earlier about the elastic superuser, in this notepad file we also have the password for the elastic user, which is like the superuser one. So we're going to put elastic here, and here we will put the password, and we should automatically log in without too much trouble.

Right now, because there is no other user except the elastic one that can access Kibana via the web interface, we can actually create one. So you will need to go to Management, and over here there is a new section which appeared after we enabled the X-Pack monitoring, sorry, the X-Pack feature from Elastic. We have roles, and these are the default roles, and we also have users. So let's just go to Users. We already have the built-in users that we talked about, and we're going to create another one. Let's just call this one admin. Password: put something for the password in here. Right now we will have to confirm the password again. Put some full name, I don't know, just admin, and then the mail address, me@bitsbytehard.local, anything you'd like. Let's just give it some roles. Let's give it some admin roles like kibana_admin and then, for example, beats_admin, rollup_admin. What else can we give here? Let's look for something else. I stopped by a user. Let's do kibana_system. And right now we will just hit Create.

This is actually the new version of how you can create a user. There is actually another method: you can do it via the REST API, but it makes no sense to show you the REST API user creation since this one is so easy to handle. We will just open a new window in a new browser, let's go for Edge, why not, and here we will just simply paste the IP address and the port and we should get prompted for authentication. We will use admin and then the password for this user and try to log in.

Thanks for watching. If you liked the video, hit the like button, don't forget to subscribe, and talk to you guys in the next one.
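
The settings changed in the walkthrough above can be verified afterwards. The script below is an added example, not part of the video or of Elastic's tooling: it checks that `xpack.security.enabled` is `true`, that `kibana.yml` carries `elasticsearch.username` and `elasticsearch.password`, and that the Kibana file holding the password is not world-readable. The function names, the permission check and the sample files are assumptions constructed for the illustration.

```shell
#!/bin/sh
# Added example: checks the settings the video changes. Sample files are constructed.

# Print the value of the last uncommented top-level "KEY: value" line in FILE.
yaml_value() {
  key_re=$(printf '%s' "$2" | sed 's/\./\\./g')
  sed -n "s/^${key_re}[[:space:]]*:[[:space:]]*//p" "$1" |
    sed 's/[[:space:]]\{1,\}#.*$//; s/[[:space:]]*$//; s/^"\(.*\)"$/\1/' | tail -n 1
}

# True when security is switched on in elasticsearch.yml.
es_security_enabled() { [ "$(yaml_value "$1" xpack.security.enabled)" = "true" ]; }

# True when kibana.yml carries both credentials for the built-in kibana user.
kibana_creds_set() {
  [ -n "$(yaml_value "$1" elasticsearch.username)" ] &&
    [ -n "$(yaml_value "$1" elasticsearch.password)" ]
}

# True when "other" has no read bit; kibana.yml holds the password in clear text.
not_world_readable() { [ "$(ls -ld "$1" | cut -c8)" = "-" ]; }

# Print one line per finding and return the number of failed checks.
audit() {
  fails=0
  es_security_enabled "$1" || { echo "FAIL: xpack.security.enabled is not true in $1"; fails=$((fails+1)); }
  kibana_creds_set "$2"    || { echo "FAIL: elasticsearch.username/password missing in $2"; fails=$((fails+1)); }
  not_world_readable "$2"  || { echo "FAIL: $2 is world-readable"; fails=$((fails+1)); }
  [ "$fails" -eq 0 ] && echo "OK: authentication settings present"
  return "$fails"
}

# Constructed sample files standing in for /etc/elasticsearch/elasticsearch.yml
# and /etc/kibana/kibana.yml (the password value is a placeholder).
make_samples() {
  printf '%s\n' 'cluster.name: demo' '#xpack.security.enabled: true' > "$1/es_before.yml"
  printf '%s\n' 'cluster.name: demo' 'xpack.security.enabled: true' > "$1/es_after.yml"
  printf '%s\n' 'server.host: "0.0.0.0"' '#elasticsearch.username: "kibana"' > "$1/kb_before.yml"
  printf '%s\n' 'elasticsearch.username: "kibana"' \
    'elasticsearch.password: "PLACEHOLDER"' > "$1/kb_after.yml"
  chmod 644 "$1/kb_before.yml"; chmod 640 "$1/kb_after.yml"
}

tmp=$(mktemp -d)
make_samples "$tmp"
audit "$tmp/es_before.yml" "$tmp/kb_before.yml" || echo "-> $? check(s) failed before the change"
audit "$tmp/es_after.yml" "$tmp/kb_after.yml"
rm -rf "$tmp"
```

On a real host, call `audit` with the two configuration file paths used in the walkthrough; a non-zero exit status is the number of failed checks.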
Info
Channel: Bits Byte Hard
Views: 13,197
Keywords: mongo, mongodb, elasticsearch, graylog, logstash, kibana, centos, debian, fedora, ubuntu, redhat, suse, ELK, java, monitoring, splunk, arksight, qradar, logs, log, processing, linux, vmware, virtualbox, VIP, virtual IP, firewall, Linux, server, nxlog, syslog, UDP, patterns, graylog 3.0, table, active directory, mail, exchange, notification, condition, bash, shell, scripting, monitor, graylog3.1, graylog 3.1, backup, elasticsearch backup, elasticsearch snapshot, elasticsearch restore, elastichq, cerebro, beats, x-pack, xpack
Id: 9kXNPGqK4ZY
Length: 12min 35sec (755 seconds)
Published: Mon Jun 22 2020