This documentation contains work-in-progress information for future Elastic Stack and Cloud releases. Use the version selector to view supported release docs. It also contains some Elastic Cloud serverless information. Check out our serverless docs for more details.
Secure Auditbeat
editSecure Auditbeat
editThe following topics provide information about securing the Auditbeat process and connecting to a cluster that has security features enabled.
You can use role-based access control and optionally, API keys to grant Auditbeat users access to secured resources.
After privileged users have been created, use authentication to connect to a secured Elastic cluster.
On Linux, Auditbeat can take advantage of secure computing mode to restrict the system calls that a process can issue.