Home > Mobile >  Redis input over TLS for Logstash
Redis input over TLS for Logstash

Time:11-06

I am trying to setup a securized ELK stack with redis as a buffer :

filebeat -> redis -> logstash -> elastic

I installed redis with TLS configuration, filebeat can communicate with redis over TLS without any issue.

But i don't understand how to configure logstash. There is a boolean option ssl, but where can i provide the redis certificate ?

filebeat.yml

output.redis:
  hosts: ["redishost:6379"]
  password: "password"
  key: "filebeat"
  db: 0
  timeout: 5
  ssl:
    enabled: true
    certificate_authorities: ["/etc/filebeat/cert/ca.crt"]
    insecure: true
    supported_protocols: [TLSv1.2]
    verification_mode: none

redis.conf in logstash

  redis {
    host => "redishost"
    password => "password"
    db => 0
    key => "filebeat"
    data_type => "list"
    ssl => true
  }

Thanks in advance

CodePudding user response:

You cannot configure logstash to trust the redis certificate, or the authority that signed it. The certificate has to be trusted by the JRE or JDK that runs logstash.

  • Related