Skip to content

Enable and use ElasticSearch basic authentication #14

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 8 commits into from
Apr 25, 2025
Merged

Enable and use ElasticSearch basic authentication #14

merged 8 commits into from
Apr 25, 2025

Conversation

@undebutant
Copy link
Collaborator

Changes summary:

  • Set xpack.security.enabled env variable to true in ElasticSearch container
  • Provide elastic password using ELASTIC_PASSWORD env variable and Docker Compose .env
  • Create a index.conf.template file for both TheHive and Cortex, filled with ElasticSearch password using the init.sh script
  • Update ElasticSearch container health check to use basic auth

@undebutant undebutant force-pushed the enable-elasticsearch-authentication branch from 3bb23af to e37fdf7 Compare March 20, 2025 14:14
@jeromeleonard
Copy link
Collaborator

What about updating the following part in the conf files:

include "/etc/thehive/index.conf"
include "/etc/thehive/secret.conf"

# DATABASE CONFIGURATION
db.janusgraph.storage {
  backend = cql
  hostname = ["cassandra"]
  cql {
    cluster-name = thp
    keyspace = thehive
  }
}

with:

# SECRET CONFIGURATION
include "/etc/thehive/secret.conf"

# DATABASE CONFIGURATION
db.janusgraph.storage {
  backend = cql
  hostname = ["cassandra"]
  cql {
    cluster-name = thp
    keyspace = thehive
  }
}

# INDEX DATABASE CONFIGURATION
include "/etc/thehive/index.conf"

?

@undebutant
Copy link
Collaborator Author

I've updated the application.conf files following your suggestion @jeromeleonard :)

@undebutant undebutant force-pushed the enable-elasticsearch-authentication branch from 39a5e72 to a0f79f3 Compare April 16, 2025 12:41
@jeromeleonard jeromeleonard merged commit a35a828 into main Apr 25, 2025
@undebutant undebutant deleted the enable-elasticsearch-authentication branch May 16, 2025 11:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jeromeleonard jeromeleonard Awaiting requested review from jeromeleonard

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@undebutant @jeromeleonard