When you deploy elasticsearch in k8s via ECK by default it takes care of the transport certificates/http certificates/CA creation if you don’t use your own custom ones. Lets say that your cluster is up and running and now you are trying to configure something like SAML/LDAP/OIDC or something else that requires content to be made available to the elasticsearch pod but its a bit sensitive so you need it to be stored as a secret such as CA, certificates, etc. How would you go about doing this? Following example will add a custom certificate authority to be used with your… Continue Reading
I think one of the biggest issue with fleet and elastic-agent was that it was limited on the outputs so if you had tons and tons of elastic-agents in the wild it would all connect back to your elasticsearch and can overwhelm the cluster. Starting 8.2 of elasticsearch logstash output type was introduced.. it is still in BETA at this time but I just tried it and it worked very nicely! The steps to setup the logstash output is listed on https://www.elastic.co/guide/en/fleet/8.2/secure-logstash-connections.html but I wanted to try it out and document it. Install & configure logstash Install yum install logstash-8.2.2… Continue Reading
How to create wildcard certificate the right way to use for home so that you wouldn’t get the not trusted thingy for your site. Use my script on https://github.com/jlim0930/scripts/blob/master/wildcard.sh to generate the CA,CA key, & the certificate. Use the certificate to encrypt your devices and sites like synology,esxi,others and import the CA into your computer so that it will verify the cert! enjoy!