I can't see the certificates from elasticSearch
305 views
Skip to first unread message
TheLotus 24
Apr 12, 2024, 5:40:43 PM4/12/24
to Wazuh | Mailing List
Hello, could you help me by indicating where my certificates are so I can integrate elasticsearch with wazuh? Whenever I try to integrate it I have been stuck at this point because I can't find the path or the files are not there. Could you give me a little more detail on where to find them? Because the document does not specify me.
Olusegun Adenrele Oyebo
Apr 13, 2024, 5:03:22 AM4/13/24
to Wazuh | Mailing List
Hello,
Thanks for reaching out.
It seems you're asking of the elasticsearch certificates. You can get the certificates in the path /etc/elasticsearch/certs, while the Wazuh indexer certificates can be found in the path /etc/wazuh-indexer/certs, then you can use the below documentation as guide to perform the integration:
Thanks for reaching out.
It seems you're asking of the elasticsearch certificates. You can get the certificates in the path /etc/elasticsearch/certs, while the Wazuh indexer certificates can be found in the path /etc/wazuh-indexer/certs, then you can use the below documentation as guide to perform the integration:
I'd also like to point out that the above issue you encountered is because you were supposed to copy the root certificate of elasticsearch to the path /etc/logstash/elasticsearch-certs,
but it seems you have not done so.
I hope this helps. If you have further inqueries, do not hesitate to ask.
Best regards.
Olusegun Adenrele Oyebo
Apr 18, 2024, 9:29:30 AM4/18/24
to Wazuh | Mailing List
Hello,
Checking on this query to know if the issue has been resolved or you'll still need further assistance.
TheLotus 24
Apr 18, 2024, 9:33:06 AM4/18/24
to Wazuh | Mailing List
In a moment I will continue with the elastic stack integration, now I am presenting an error in the integration with Sophos, I published a forum about that, I don't know if you can help me?
Olusegun Adenrele Oyebo
Apr 18, 2024, 9:39:02 AM4/18/24
to Wazuh | Mailing List
Hello,
With regards to your issue on integration with Sophos, I'll suggest you create a new query on it as this one was with regards to elasticsearch. This helps us to better manage user queries.
I hope you understand and we apologize for any inconvenience this might cause.
Best regards.
TheLotus 24
Apr 18, 2024, 9:43:54 AM4/18/24
to Wazuh | Mailing List
Yes, of course, I already believe it about this query, give me a few days to try it and I will let you know if there is any inconvenience so you can help me, thank you very much.
TheLotus 24
Apr 26, 2024, 10:46:59 AM4/26/24
to Wazuh | Mailing List
I just did the Logstash installation and also used the command -> sudo /usr/share/logstash/bin/logstash-plugin install logstash-output-elasticsearch
to install the plugin, when I continue with the following steps and try to copy the logstash certificates, no certificate has been created or generated, what step am I missing?
to install the plugin, when I continue with the following steps and try to copy the logstash certificates, no certificate has been created or generated, what step am I missing?
Reply all
Reply to author
Forward
0 new messages