Logstash “Elasticsearch” output plugin does not support SSL client certificates #672
Description
Plugin version: v7.4.0
Released on: 2017-08-21
Hello team,
This is more of a feature request and not an issue..
I've noticed the Elasticsearch output plugin does not offer configuration for client certificate so that the Logstash pipeline can also authenticate with a client certificate.
Here's my case: I am evaluating X-Pack and PKI realms for a centralized logging POC solution for our company. My intention was to implement mutual authentication between beats and Logstash and between Logstash and Elasticsearch .
I would like to have separate Beats and Logstash instance per each application server so that I can later configure role based access for each Logstash pipeline and isolate the data from different applications(projects)
I was surprised to learn that the elasticsearch output configuration doesn't offer client certificate options but only options to configure certification authority (either cacert path or in java truststore) to verify the Elasticsearch server cert.
Is this something that I can possibly implement by editing \vendor\bundle\jruby\1.9\gems\logstash-output-elasticsearch-7.3.8-java\lib\logstash\outputs\elasticsearch*http_client_builder.rb* or any other file?