Add ELK Security

Add security to ELk such that only localhost is able to access ELK. All other hosts will be denied service. This fixes the open elastic serach security vulnerability. Issue-ID: POLICY-495 Change-Id: I7f5d6fef5963f984c2bce6933c8b214c0bd3be2b Signed-off-by: Temoc Rodriguez <cr056n@att.com>
author: Temoc Rodriguez <cr056n@att.com> 2017-12-11 15:24:23 -0800
committer: Temoc Rodriguez <cr056n@att.com> 2017-12-12 15:28:06 -0800
commit: 436d3e2c78a8bff54f65ca1b07e71f5cc50e355a (patch)
tree: 14f4f7361c3a0e8b09ec996ebc13461bd34356c9 /packages/base/src/files/install/elk/config
parent: 428150834ee60899b9a8da019bae3c8bf009adf1 (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/packages/base/src/files/install/elk/config/elasticsearch.yml b/packages/base/src/files/install/elk/config/elasticsearch.yml
index b890bb13b..ec6def080 100644
--- a/packages/base/src/files/install/elk/config/elasticsearch.yml
+++ b/packages/base/src/files/install/elk/config/elasticsearch.yml
@@ -54,8 +54,8 @@ path.logs: ${{POLICY_HOME}}/logs
 #
 # Set the bind address to a specific IP (IPv4 or IPv6):
 #
-#network.host: 192.168.0.1
-network.host: ["${{ELK_NETWORK_HOST}}", "127.0.0.1"]
+# Only allow to run on localhost so it can't be queried from outside
+network.bind_host: ["_local_"]
 #
 # Set a custom port for HTTP:
 #
@@ -88,4 +88,4 @@ network.host: ["${{ELK_NETWORK_HOST}}", "127.0.0.1"]
 #
 # Require explicit names when deleting indices:
 #
-#action.destructive_requires_name: true
-\ No newline at end of file
+#action.destructive_requires_name: true
author	Temoc Rodriguez <cr056n@att.com>	2017-12-11 15:24:23 -0800
committer	Temoc Rodriguez <cr056n@att.com>	2017-12-12 15:28:06 -0800
commit	436d3e2c78a8bff54f65ca1b07e71f5cc50e355a (patch)
tree	14f4f7361c3a0e8b09ec996ebc13461bd34356c9 /packages/base/src/files/install/elk/config
parent	428150834ee60899b9a8da019bae3c8bf009adf1 (diff)