diff --git a/config/elasticsearch/elasticsearch.yml b/config/elasticsearch/elasticsearch.yml index 6cab4f7..1bcbc50 100644 --- a/config/elasticsearch/elasticsearch.yml +++ b/config/elasticsearch/elasticsearch.yml @@ -6,6 +6,13 @@ transport.host: 0.0.0.0 # set to 1 to allow single node clusters # Details: https://github.com/elastic/elasticsearch/pull/17288 discovery.zen.minimum_master_nodes: 1 + +# the discovery.type setting below eliminated this error +# ERROR: [1] bootstrap checks failed +# [1]: the default discovery settings are unsuitable for production use; at least one of +# [discovery.seed_hosts, discovery.seed_providers, cluster.initial_master_nodes] must be configured +discovery.type: single-node + xpack.license.self_generated.type: trial xpack.security.enabled: true xpack.security.http.ssl.enabled: true diff --git a/config/filebeat/filebeat.yml b/config/filebeat/filebeat.yml index f6755b4..44a6f47 100644 --- a/config/filebeat/filebeat.yml +++ b/config/filebeat/filebeat.yml @@ -1,9 +1,6 @@ keystore.path: "/usr/share/filebeat/config/filebeat.keystore" filebeat.config: - prospectors: - path: ${path.config}/prospectors.d/*.yml - reload.enabled: false modules: path: ${path.config}/modules.d/*.yml reload.enabled: false diff --git a/config/kibana/kibana.yml b/config/kibana/kibana.yml index 9409391..e505aba 100644 --- a/config/kibana/kibana.yml +++ b/config/kibana/kibana.yml @@ -2,7 +2,7 @@ server.name: kibana server.host: "0" -elasticsearch.url: https://elasticsearch:9200 +elasticsearch.hosts: https://elasticsearch:9200 # elasticsearch.password is stored in `kibana.keystore` elasticsearch.username: kibana elasticsearch.ssl.certificateAuthorities: ["/certs/ssl/ca/ca.crt"] diff --git a/config/logstash/logstash.yml b/config/logstash/logstash.yml index 3856890..b956682 100644 --- a/config/logstash/logstash.yml +++ b/config/logstash/logstash.yml @@ -1,6 +1,6 @@ http.host: 0.0.0.0 # read password from logstash.keystore xpack.monitoring.elasticsearch.password: ${ELASTIC_PASSWORD} -xpack.monitoring.elasticsearch.url: https://elasticsearch:9200 +xpack.monitoring.elasticsearch.hosts: https://elasticsearch:9200 xpack.monitoring.elasticsearch.username: logstash_system -xpack.monitoring.elasticsearch.ssl.ca: /certs/ssl/ca/ca.crt +xpack.monitoring.elasticsearch.ssl.certificate_authority: /certs/ssl/ca/ca.crt diff --git a/docker-compose.yml b/docker-compose.yml index e85dcba..f1fafd8 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -99,7 +99,7 @@ services: image: docker.elastic.co/beats/filebeat:${TAG} container_name: filebeat hostname: filebeat - command: -e -c=config/filebeat.yml # -e flag to log to stderr and disable syslog/file output + command: --strict.perms=false -e -c=config/filebeat.yml # -e flag to log to stderr and disable syslog/file output # If the host system has logs at "/var/log", mount them at "/mnt/log" # inside the container, where Filebeat can find them. # volumes: ['/var/log:/mnt/log:ro'] @@ -120,7 +120,7 @@ services: image: docker.elastic.co/beats/heartbeat:${TAG} container_name: heartbeat hostname: heartbeat - command: -e -c=config/heartbeat.yml # -e flag to log to stderr and disable syslog/file output + command: --strict.perms=false -e -c=config/heartbeat.yml # -e flag to log to stderr and disable syslog/file output volumes: - 'hb_config:/usr/share/heartbeat/config' - 'certs:/certs' @@ -146,7 +146,7 @@ services: # - /proc:/hostfs/proc:ro # - /sys/fs/cgroup:/hostfs/sys/fs/cgroup:ro # - /:/hostfs:ro - command: -e -c=config/metricbeat.yml # -e flag to log to stderr and disable syslog/file output + command: --strict.perms=false -e -c=config/metricbeat.yml # -e flag to log to stderr and disable syslog/file output volumes: - 'mb_config:/usr/share/metricbeat/config' - 'certs:/certs' diff --git a/scripts/setup-elasticsearch.sh b/scripts/setup-elasticsearch.sh index 585b17b..b7c606e 100755 --- a/scripts/setup-elasticsearch.sh +++ b/scripts/setup-elasticsearch.sh @@ -2,7 +2,7 @@ configdir=/usr/share/elasticsearch/config # Determine if x-pack is enabled echo "Determining if x-pack is installed..." -if [[ -d /usr/share/elasticsearch/bin/x-pack ]]; then +if [[ -f bin/elasticsearch-users ]]; then if [[ -n "$ELASTIC_PASSWORD" ]]; then echo "=== CREATE Keystore ==="