[ https://issues.apache.org/jira/browse/SENSSOFT-325?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Joshua Poore updated SENSSOFT-325: ---------------------------------- Attachment: Screen Shot 2019-01-15 at 9.39.28 PM.png Screen Shot 2019-01-15 at 9.38.36 PM.png > ELK + beats stack <6.5 has known security issues > ------------------------------------------------- > > Key: SENSSOFT-325 > URL: https://issues.apache.org/jira/browse/SENSSOFT-325 > Project: SensSoft > Issue Type: Bug > Components: builds > Affects Versions: SensSoft 1.0 > Reporter: Joshua Poore > Assignee: Joshua Poore > Priority: Major > Fix For: SensSoft 1.0 > > Attachments: ELK_6.5.4_update_POL, Screen Shot 2019-01-15 at 9.38.36 > PM.png, Screen Shot 2019-01-15 at 9.39.28 PM.png > > > Kibana and Elasticsearch both have known security issues related to code > injection and user impersonation. > [https://www.elastic.co/community/security] > Resolution is to upgrade from 6.2.2–>6.5.4. According to documentation, there > are no breaking changes across the same major version. However, X-Pack plugin > must be removed. > Will complete upgrade to E-L-K + B in /docker and test on new branch. > ElasticSearch 6.5.4 Docs: > [https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html] > [https://www.elastic.co/guide/en/elasticsearch/reference/current/breaking-changes-6.5.html] > [https://www.elastic.co/guide/en/kibana/current/docker.html] > [https://www.elastic.co/guide/en/kibana/current/breaking-changes.html] > [https://www.elastic.co/guide/en/logstash/current/docker.html] > [https://www.elastic.co/guide/en/logstash/current/breaking-changes.html] > [https://www.elastic.co/guide/en/logstash/current/upgrading-logstash-pqs.html] > [https://www.elastic.co/guide/en/logstash/current/config-examples.html] > > NOTE: I am NOT touching Kubs configs (will add a test ticket following). > > > > > -- This message was sent by Atlassian JIRA (v7.6.3#76005)