Securing Elastic search Instance with Shield

Reading Time : ~ .

Shield allows you to protect elasticsearch data with a username and password. It provides additional functionalities like like encryption, role-based access control, IP filtering. It is Official Plugin of Elasticsearch which embeds well with other elasticsearch products like kibana and logstash. Initially Shield is available for 30days try after which you can renew the license

Installing ElasticSearch

sudo add-apt-repository ppa:webupd8team/java
sudo apt-get update
sudo apt-get -y install oracle-java8-installer
wget https://download.elastic.co/elasticsearch/elasticsearch/elasticsearch-2.3.2.deb
sudo dpkg -i elasticsearch-2.3.2.deb
sudo update-rc.d elasticsearch defaults 95 10

Setting up Shield

cd /usr/share/elasticsearch (ES_HOME Directory)
bin/plugin -i elasticsearch/license/latest
bin/plugin -i elasticsearch/shield/latest
service elasticsearch restart
bin/shield/esusers useradd <user-name> -p <password> -r <role-name>


Verifying shield:

curl -u <user-name>:<password>  localhost:9200
    By Posted On
SENIOR DEVELOPER at MICROPYRAMID

Need any Help in your Project?Let's Talk

Latest Comments
Related Articles
How to Do Page Redirections with Nginx. Ashwin Kumar

Here we learn how to redirect a www to non-www or vice-versa also we see how to redirect pages. We will see differences between 301 ...

Continue Reading...
ELK Stack for Parsing your Logs Jagadeesh V

In This Tutorial we will look onto parsing your syslog files and store and display it in interactable website. We will be using ELK Stack ...

Continue Reading...
HTTP2 and SPDY Protocols - Make HTTP Faster and Safer Dinesh Deshmukh

HTTP/2, next version of HTTP/1, http/1 can not handle the present web which has become more resource intensive, it cannot processes multiple requests in an ...

Continue Reading...

Subscribe To our news letter

Subscribe to our news letter to receive latest blog posts into your inbox. Please fill your email address in the below form.
*We don't provide your email contact details to any third parties