Securing Filebeat¶

Hint - TLS encryption

For security reasons, we strongly recommend configuring the TLS encryption.

Configuring the TLS Encryption¶

The SEAL Elastic Stack installation includes a self-signed TLS certificate. Replace this certificate by your own certificate to secure the connection to Filebeat.

Get your own TLS certificate.
- cert.pem
- key.pem
Copy your TLS certificate to the following directory:
```
C:\ProgramData\SEAL Systems\config\tls
```
Hint - changing the TLS directory

We recommend you use a directory different from tls for your customer certificates, e. g. tls-external.

This allows you to easily switch back to the included certificates for test purposes.

Also it prevents your certificates from being overwritten during an update.

Make sure you use the new directory in all SEAL products that use TLS encryption.

Configuring the TLS Encryption in a Cluster¶

If you run PLOSSYS 5 in a cluster, replace the TLS certificate as described above on each PLOSSYS 5 server separately.

Specifying a CA Certificate¶

If a CA certificate has been specified, Filebeat requires a client certificate from each client. This requires corresponding properties of the certificate.

Configure a CA certificate as follows:

On the PLOSSYS 5 server, open the Filebeat configuration file:
```
C:\ProgramData\SEAL Systems\config\filebeat.yml
```

Replace the line:

insecure: true

by the follwing line:

certificate_authorities: ["C:\ProgramData\SEAL Systems\config\tls\ca.pem"]

Save the configuration file.
Restart Filebeat:
```
start-service seal-filebeat
```