Skip to content

Secure Filebeat


For security reasons, we strongly recommend configuring the TLS encryption.


Configure the TLS Encryption

The connection to Filebeat is secured by the TLS certificate located in the /opt/seal/etc/tls directory. That means that after you have replaced the self-signed certificate enclosed in delivery by your own certificate in Secure the PLOSSYS 5 Services the connection to Filebeat has already been secured.


Specify the CA Certificate (If Available)

This step is only required if your certificate contains a CA certificate. If the certificate exists, it is checked for validity when the connection is established. The CA certificate is saved in /opt/seal/etc/tls/ca.pem.

  1. Open the Filebeat configuration file on the PLOSSYS 5 server:

    /opt/seal/etc/filebeat.yml
    
  2. Search for the following line:

    insecure: true
    
  3. Replace the line by:

    certificate_authorities: ["/opt/seal/etc/tls/ca.pem"]
    
  4. Save the configuration file.

  5. Restart the following service:

    • seal-filebeat

Configure the TLS Encryption in a Cluster

If you are running PLOSSYS 5 in a cluster, execute the configuration steps above on all PLOSSYS 5 servers.


Back to top