filebeat与logstash实现ssl加密传输

logstash 192.168.1.26

filebeat 192.168.1.10

在logstash 端生成证书

[root@redhat~]vi /etc/pki/tls/openssl.con 
#在[ v3_ca ]下面填写
subjectAltName = IP:192.168.1.26
[ v3_ca ] 
subjectKeyIdentifier=hash 
subjectAltName = IP:192.168.1.26   #若是elk端处于内网，建议ip写成公网出口ip

[root@redhat~]cd /etc/pki/tls/ 
openssl req -subj '/CN=192.168.1.26/' -x509 -days 3650 -batch -nodes -newkey rsa:2048 -keyout private/logstash.key -out certs/logstash.crt

log端生成证书

[root@redhat~]vi /etc/pki/tls/openssl.conf 
#在[ v3_ca ]下面填写subjectAltName = IP:192.168.1.40 

[ v3_ca ] 
subjectKeyIdentifier=hash
subjectAltName = IP:192.168.1.40 
#若是log端处于内网，建议ip写成公网出口ip

[root@redhat~]cd /etc/pki/tls/ 
openssl req -subj '/CN=192.168.1.40/' -x509 -days 3650 -batch -nodes -newkey rsa:2048 -keyout private/filebeat.key -out certs/filebeat.crt

复制各自证书到对应主机的响应目录下，修改配置，并重启生效#elk端

 

#重启filebeat 
systemctl restart filebeat