Activating the Mininum Security of SEAL Elastick Stack¶

If you whish to activate the minimum security level of SEAL Elastic Stack, follow the instructions below.

Stopping All Services of SEAL Elastic Stack¶

On the PLOSSYS 5 server, stop Filebeat:
```
stop-service seal-filebeat
```

On the PLOSSYS 4 server, stop Filebeat:

stop-service seal-p4-accounting-filebeat

On the management server, stop Elasticsearch and Kibana:

stop-service seal-elasticsearch

stop-service seal-kibana

Configuring Elasticsearch¶

In an editor, open the following configuration file:

C:\ProgramData\SEAL Systems\config\seal-elasticsearch\elasticsearch.yml

Add or adjust the following lines:

xpack.security.enabled: true
discovery.type: single-node

Restart Elasticsearch:
```
start-service seal-elasticsearch
```
Interactively set the passwords:
```
"C:\Program Files\SEAL Systems\seal-elasticsearch\bin\elasticsearch-setup-passwords.bat" interactive
```
Caution - identical passwords

Use identical password for the following systems: - apm_system - kibana_system - logstash_system - beats_system - remote_monitoring_user

You will need the kibana_system password in the next step.

Configuring Kibana¶

In an editor, open the following configuration file:
```
C:\ProgramData\SEAL Systems\config\kibana.yml
```

Add or adjust the following lines:

elasticsearch.username: "kibana_system"
elasticsearch.password: "Pa$$w0rt"

Pa$$w0rt is just an example.

Restart Kibana:
```
start-service seal-kibana
```

Hint - separate Kibana user

If you log on to the Kibana user interface, the elastic user is used by default.

You may define a separate user vor the Kibana user interface. For details on this, refer to the original documentation of the software producer:

Create Roles and Users

Configuring Filebeat¶

In an editor, open the following configuration file:
```
"C:\ProgramData\SEAL Systems\config\filebeat.yml"
```

Add or adjust the following lines:

output.elasticsearch.username: elastic
output.elasticsearch.password: Pa$$w0rt

Restart Filebeat:
```
start-service seal-filebeat
```

Hint - separate Filebeat user

In the Kibana user Interface, you may define a special filebeat_writer user, who needs a Setupand a Publishing roll. For details on this, refer to the original documentation of the software producer:

Create roles and users

Using Filebeat Keystore to Manage Passwords¶

In a PowerShell (Administrator), add the corresponding password, e.g. under the key ES_PWD, to the filebeat keystore:

cd "C:\Program Files\SEAL Systems\seal-filebeat"
.\filebeat.exe -c "C:\ProgramData\SEAL Systems\config\filebeat.yml" keystore add ES_PWD

Check the stored keys:

cd "C:\Program Files\SEAL Systems\seal-filebeat"
.\filebeat.exe -c "C:\ProgramData\SEAL Systems\config\filebeat.yml" keystore list

In an editor, open the following configuration file:
```
"C:\ProgramData\SEAL Systems\config\filebeat.yml"
```
Add or adjust the following lines and use the key instead of the password:
```
output.elasticsearch.password: "${ES_PWD}"
```
Restart Filebeat:
```
start-service seal-filebeat
```

Adjusting Environment Variables in Consul¶

Add user and password to the SEAL REST service URL:

ELASTICSEARCH_REST_URL = http://elastic:<password>@<management-server>:9200

Hint - PLOSSYS Administrator Configuration

Leave the KIBANA_LINK item unchanged. User and password are requested interactively in the browser. You can configure the validation period of the password in Kibana.