Secure Auditbeat

The following topics provide information about securing the Auditbeat process and connecting to a cluster that has security features enabled.

You can use role-based access control and optionally, API keys to grant Auditbeat users access to secured resources.

After privileged users have been created, use authentication to connect to a secured Elastic cluster.

On Linux, Auditbeat can take advantage of secure computing mode to restrict the system calls that a process can issue.