0

We are using elasticsearch as back-end for our in-house logging and monitoring system. We have multiple sites pouring in data to one ES cluster but in different index. e.g. abc-us has data from US site, abc-india has it from India site.

Now concerns are we need some security checks before pushing in data to cluster.

  1. data coming to index is coming from right IP address
  2. incoming json request is of inserting new data and not delete/update
  3. while reading we want certain IP should not be able to read data of other index.

Kindly let me know if its possible to achieve using elasticsearch.

4

1 回答 1

1

elasticsearch-jetty插件带来了 Jetty 的全部功能,并为 elasticsearch 添加了几个新功能。有了这个插件,elasticsearch 现在可以处理 SSL 连接,支持基本身份验证,并以纯文本或 json 格式记录所有或部分传入请求。

这个想法是将 Jetty 包装器作为插件添加到 ElasticSearch。

剩下的只是对某些用户限制某些 URL 和某些方法(例如 DELETE)。

你可以在 github 上找到 elasticsearch-jetty,当然还有关于它的使用、配置和限制的详细说明。

于 2014-09-13T07:35:45.130 回答