github-mirrors/logstash
1
0
Fork 0
mirror of https://github.com/elastic/logstash.git synced 2025-04-25 07:07:54 -04:00
Code Issues Projects Releases Packages Wiki Activity

Doc: Keystore must be accessible to logstash user (#12864)

Browse source 
Backports  #12775
Updates docs to propagate change to other branches. The original was a direct commit to the 7.10 branch.
This commit is contained in:
Karen Metts 2021-04-30 18:04:39 -04:00 committed by GitHub
parent 44493835cf
commit 6c0f3c6020
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

6
docs/static/keystore.asciidoc vendored
View file

@ -36,6 +36,12 @@ is not currently supported.
NOTE: Referencing keystore data from {logstash-ref}/logstash-centralized-pipeline-management.html[centralized pipeline management] NOTE: Referencing keystore data from {logstash-ref}/logstash-centralized-pipeline-management.html[centralized pipeline management]
requires each Logstash deployment to have a local copy of the keystore. requires each Logstash deployment to have a local copy of the keystore.
NOTE: The {ls} keystore needs to be protected, but the {ls} user must
have access to the file. While most things in {ls} can be protected with
`chown -R root:root <foo>`, the keystore itself must be accessible from the
{ls} user. Use `chown logstash:root <keystore> && chmod 0600
<keystore>`.
When Logstash parses the settings (`logstash.yml`) or configuration When Logstash parses the settings (`logstash.yml`) or configuration
(`/etc/logstash/conf.d/*.conf`), it resolves keys from the keystore before (`/etc/logstash/conf.d/*.conf`), it resolves keys from the keystore before
resolving environment variables. resolving environment variables.