CODEWITHSUNDEEP
.netloggingelasticsearchserilog
Phil
Phil

Reputation: 815

Serilog + serilog-sinks-elasticsearch +ElasticSearch Auth

I am far from being a Dev with any .net experience, but the dev team at work would like to use Serilog along with serilog-sinks-elasticsearch to push logs into my ELK stack.

Looking at the config for serilog-sinks-elasticsearch, there doesn't seem to be any way to send the creds require to write to the ElasticSearch Cluster.

Is this just a dumb ops person question or have I just missed the config somewhere?

Thanks

Upvotes: 21

Views: 17413

Answers (4)

mahdignb
mahdignb

Reputation: 1

If Serilog doesn't sends data to your log server make sure that the version of elastic is compatible with the sink, It took me hours to figure that out :)

Upvotes: 0

Marimout
Marimout

Reputation: 235

If you want to stick with your configuration file (appsettings.json), knowing that you can use the argument connectionGlobalHeaders to specify the login/password, because Elasticsearch use Basic Authentication to authenticate the user.

Something like this:

"Serilog": {
    "WriteTo": [
      {
        "Name": "Elasticsearch",
        "Args": {
          "nodeUris": "https://your-uri",
          "connectionGlobalHeaders": "Authorization=Basic dXNlcm5hbWU6cGFzc3dvcmQ=",
          "indexFormat": "application-log-{0:yyyy.MM}",
          "autoRegisterTemplate": true,
          "autoRegisterTemplateVersion": "ESv7"
        }
      }
    ]
  }

where the part after "Authorization=Basic" is the Base64 string of your "login:password".

Upvotes: 10

Yashvit
Yashvit

Reputation: 2416

I struggled to find a good solution for this too. Adding the username/password to the url definitely does work but somehow doesnt feel right.

This worked for me:

.WriteTo.Elasticsearch(new ElasticsearchSinkOptions(new Uri("https://your-deployment.westeurope.azure.elastic-cloud.com:9243"))
{
  ...,
  ModifyConnectionSettings = x => x.BasicAuthentication("elastic", "your-password"),
})

Upvotes: 43

programmerj
programmerj

Reputation: 1684

Good question....

You might try supplying them as part of the Elasticsearch server/stack URL.

Example:

.WriteTo.Sink(new ElasticsearchSink(new ElasticsearchSinkOptions(new Uri(url))
{
    AutoRegisterTemplate = true
}

where 

url = "https://user:password@stack-server:port"

Upvotes: 10

Related Questions