# /usr/share/elasticsearch/bin/elasticsearch-setup-passwords interactive
Initiating the setup of passwords for reserved users elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]y
Enter password for [elastic]:
Reenter password for [elastic]:
Enter password for [apm_system]:
Reenter password for [apm_system]:
Enter password for [kibana]:
Reenter password for [kibana]:
Enter password for [logstash_system]:
Reenter password for [logstash_system]:
Enter password for [beats_system]:
Reenter password for [beats_system]:
Enter password for [remote_monitoring_user]:
Reenter password for [remote_monitoring_user]:
Changed password for user [apm_system]
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [remote_monitoring_user]
Changed password for user [elastic]
# ======================== Elasticsearch Configuration =========================
#
# NOTE: Elasticsearch comes with reasonable defaults for most settings.
# Before you set out to tweak and tune the configuration, make sure you
# understand what are you trying to accomplish and the consequences.
#
# The primary way of configuring a node is via this file. This template lists
# the most important settings you may want to configure for a production cluster.
#
# Please consult the documentation for further information on configuration options:
# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
# Cluster / Node Basics
cluster.name: welog
# Node can have abritrary attributes we can use for routing
node.name: es-welog02cn-dw03-p014
node.max_local_storage_nodes: 1
node.master: False
node.data: True
node.ingest: True
node.attr.rack: warm
# networking Settings
network.host: 10.40.9.154,127.0.0.1
http.enabled: false
transport.tcp.port: 9300
# dirs
path.data:
- /data/elasticsearch/data-vdc
- /data/elasticsearch/data-vde
- /data/elasticsearch/data-vdd
path.logs: /data/elasticsearch/logs
# Minimum nodes alive to constitute an operational cluster
discovery.zen.minimum_master_nodes: 2
# Unicast Discovery (disable multicast)
discovery.zen.ping.unicast.hosts:
- es-welog02cn-p001.pek3.example.net
- es-welog02cn-p002.pek4.example.net
- es-welog02cn-p003.pek3.example.net
# X-Pack
xpack.security.enabled: True
xpack.security.audit.enabled: true
xpack.security.audit.outputs: [ logfile ]
xpack.security.audit.logfile.events.emit_request_body: true
xpack.security.audit.logfile.events.ignore_filters:
exclude_logstash_write:
users: ["logstash_internal"]
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /etc/elasticsearch/certs/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /etc/elasticsearch/certs/elastic-certificates.p12
xpack.watcher.enabled: True
xpack.monitoring.enabled: True
xpack.ml.enabled: False
xpack.notification.email.account:
exmail:
profile: standard
email_defaults:
from: log-monitor@exmail.qq.com
smtp:
auth: true
starttls.enable: true
host: smtp.exmail.qq.com
port: 587
user:
password:
# X-Pack watcher email notification
xpack.notification.email.default_account: exmail
xpack.notification.email.account.alerting.smtp.host: "smtp.exmail.qq.com"
