- Winlogbeat Reference: other versions:
- Overview
- Getting Started With Winlogbeat
- Setting up and running Winlogbeat
- Upgrading Winlogbeat
- Configuring Winlogbeat
- Set up Winlogbeat
- Specify general settings
- Configure the internal queue
- Configure the output
- Configure index lifecycle management
- Specify SSL settings
- Filter and Enhance the exported data
- Define processors
- Add cloud metadata
- Add fields
- Add labels
- Add the local time zone
- Add tags
- Decode JSON fields
- Drop events
- Drop fields from events
- Keep fields from events
- Rename fields from events
- Add Kubernetes metadata
- Add Docker metadata
- Add Host metadata
- Dissect strings
- DNS Reverse Lookup
- Add process metadata
- Parse data by using ingest node
- Enrich events with geoIP information
- Configure project paths
- Configure the Kibana endpoint
- Load the Kibana dashboards
- Load the Elasticsearch index template
- Configure logging
- Use environment variables in the configuration
- YAML tips and gotchas
- HTTP Endpoint
- winlogbeat.reference.yml
- Exported fields
- Monitoring Winlogbeat
- Securing Winlogbeat
- Troubleshooting
- Contributing to Beats
IMPORTANT: No additional bug fixes or documentation updates
will be released for this version. For the latest information, see the
current release documentation.
Set the password for the built-in monitoring user
editSet the password for the built-in monitoring user
editX-Pack security provides built-in user credentials in Elasticsearch that have a fixed set of
privileges. In 6.3.0 and later releases, there is a
beats_system
built-in user, which Winlogbeat uses to store
monitoring information in Elasticsearch.
The initial passwords for all of the built-in users are set by using the
setup-passwords
tool in Elasticsearch. Thereafter, you can change the passwords by
using the Management > Users page in Kibana or the
Change Password API.
If you upgraded from Elasticsearch version 6.2 or earlier, you will not
have set a password for the beats_system
user. A user with the
manage_security
privilege must change the password for this built-in user.
For more information, see:
Was this helpful?
Thank you for your feedback.