Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Serilog + serilog-sinks-elasticsearch +ElasticSearch Auth

I am far from being a Dev with any .net experience, but the dev team at work would like to use Serilog along with serilog-sinks-elasticsearch to push logs into my ELK stack.

Looking at the config for serilog-sinks-elasticsearch, there doesn't seem to be any way to send the creds require to write to the ElasticSearch Cluster.

Is this just a dumb ops person question or have I just missed the config somewhere?

Thanks

like image 927
Phil Avatar asked Sep 05 '16 21:09

Phil


3 Answers

I struggled to find a good solution for this too. Adding the username/password to the url definitely does work but somehow doesnt feel right.

This worked for me:

.WriteTo.Elasticsearch(new ElasticsearchSinkOptions(new Uri("https://your-deployment.westeurope.azure.elastic-cloud.com:9243"))
{
  ...,
  ModifyConnectionSettings = x => x.BasicAuthentication("elastic", "your-password"),
})
like image 136
Yashvit Avatar answered Nov 09 '22 04:11

Yashvit


If you want to stick with your configuration file (appsettings.json), knowing that you can use the argument connectionGlobalHeaders to specify the login/password, because Elasticsearch use Basic Authentication to authenticate the user.

Something like this:

"Serilog": {
    "WriteTo": [
      {
        "Name": "Elasticsearch",
        "Args": {
          "nodeUris": "https://your-uri",
          "connectionGlobalHeaders": "Authorization=Basic dXNlcm5hbWU6cGFzc3dvcmQ=",
          "indexFormat": "application-log-{0:yyyy.MM}",
          "autoRegisterTemplate": true,
          "autoRegisterTemplateVersion": "ESv7"
        }
      }
    ]
  }

where the part after "Authorization=Basic" is the Base64 string of your "login:password".

like image 44
Marimout Avatar answered Nov 09 '22 05:11

Marimout


Good question....

You might try supplying them as part of the Elasticsearch server/stack URL.

Example:

.WriteTo.Sink(new ElasticsearchSink(new ElasticsearchSinkOptions(new Uri(url))
{
    AutoRegisterTemplate = true
}

where

url = "https://user:password@stack-server:port"
like image 10
programmerj Avatar answered Nov 09 '22 05:11

programmerj