- X-Pack Reference for 6.0-6.2 and 5.x:
- Introduction
- Installing X-Pack
- Migrating to X-Pack
- Breaking Changes
- Securing Elasticsearch and Kibana
- Monitoring the Elastic Stack
- Alerting on Cluster and Index Events
- Reporting from Kibana
- Graphing Connections in Your Data
- Profiling your Queries and Aggregations
- Machine Learning in the Elastic Stack
- X-Pack Settings
- X-Pack APIs
- Info API
- Security APIs
- Watcher APIs
- Graph APIs
- Machine Learning APIs
- Close Jobs
- Create Datafeeds
- Create Jobs
- Delete Datafeeds
- Delete Jobs
- Delete Model Snapshots
- Flush Jobs
- Get Buckets
- Get Categories
- Get Datafeeds
- Get Datafeed Statistics
- Get Influencers
- Get Jobs
- Get Job Statistics
- Get Model Snapshots
- Get Records
- Open Jobs
- Post Data to Jobs
- Preview Datafeeds
- Revert Model Snapshots
- Start Datafeeds
- Stop Datafeeds
- Update Datafeeds
- Update Jobs
- Update Model Snapshots
- Validate Detectors
- Validate Jobs
- Definitions
- Troubleshooting
- Limitations
- License Management
- Release Notes
WARNING: Version 5.4 of the Elastic Stack has passed its EOL date.
This documentation is no longer being maintained and may be removed. If you are running this version, we strongly advise you to upgrade. For the latest information, see the current release documentation.
Security Files
editSecurity Files
editThe X-Pack security uses the following files:
-
CONFIG_DIR/x-pack/roles.ymldefines the roles in use on the cluster (read more here). -
CONFIG_DIR/x-pack/usersdefines the users and their hashed passwords for thefilerealm. -
CONFIG_DIR/x-pack/users_rolesdefines the user roles assignment for the thefilerealm. -
CONFIG_DIR/x-pack/role_mapping.ymldefines the role assignments for a Distinguished Name (DN) to a role. This allows for LDAP and Active Directory groups and users and PKI users to be mapped to roles (read more here). -
CONFIG_DIR/x-pack/log4j2.propertiescontains audit information (read more here). -
CONFIG_DIR/x-pack/system_keyholds a cluster secret key that’s used to authenticate messages during node to node communication. For more information, see Enabling Message Authentication.
Several of these files are in the YAML format. When you edit these files, be aware that YAML is indentation-level sensitive and indentation errors can lead to configuration errors. Avoid the tab character to set indentation levels, or use an editor that automatically expands tabs to spaces.
Be careful to properly escape YAML constructs such as : or leading exclamation
points within quoted strings. Using the | or > characters to define block
literals instead of escaping the problematic characters can help avoid problems.