markmcdowell / NLog.Targets.ElasticSearch

NLog target for Elasticsearch
MIT License
176 stars 89 forks source link

Best practices with setting up authorization #150

Closed fairking closed 2 years ago

fairking commented 3 years ago

Can someone please give some advice regarding the authorization?

I have elasticsearch separate from all my instances (different server). I am thinking about setting up the user and the role to be able to write logs by all my instances. What is the best practice to do so?

I don't want to use elastic user. I tried to create a new user and set the logstash_system role, but the NLog says there are not enough of permissions. Which role or permissions do I need to set on that my_logger user?

var elasticSearchTarget = new AsyncTargetWrapper {
                        Name = "asyncElasticsearch",
                        QueueLimit = 5000,
                        BatchSize = 100,
                        TimeToSleepBetweenBatches = 5000,
                        WrappedTarget = new NLog.Targets.ElasticSearch.ElasticSearchTarget()
                        {
                            Name = "elasticsearch",
                            Uri = AppConfigService.ElasticSearchUrl,
                            Index = "logs-${var:instance_name}-${var:version_number}-${date:format=yyyy.MM.dd}",
                            RequireAuth = true,
                            Username = "my_logger",
                            Password = "MyP@$$W0rd",
                        },
                    };
cfg.AddRule(tdzMinLevel, LogLevel.Fatal, elasticSearchTarget);

Any thoughts guys?

stale[bot] commented 3 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.