[
https://issues.apache.org/jira/browse/SENSSOFT-325?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16743611#comment-16743611
]
Joshua Poore commented on SENSSOFT-325:
---------------------------------------
Changes pushed to incubator-senssoft/SENSSOFT-325 branch with updates to
README. Will merge tomorrow.
> ELK + beats stack <6.5 has known security issues
> -------------------------------------------------
>
> Key: SENSSOFT-325
> URL: https://issues.apache.org/jira/browse/SENSSOFT-325
> Project: SensSoft
> Issue Type: Bug
> Components: builds
> Affects Versions: SensSoft 1.0
> Reporter: Joshua Poore
> Assignee: Joshua Poore
> Priority: Major
> Fix For: SensSoft 1.0
>
> Attachments: ELK_6.5.4_update_POL, Screen Shot 2019-01-15 at 9.38.36
> PM.png, Screen Shot 2019-01-15 at 9.39.28 PM.png
>
>
> Kibana and Elasticsearch both have known security issues related to code
> injection and user impersonation.
> [https://www.elastic.co/community/security]
> Resolution is to upgrade from 6.2.2–>6.5.4. According to documentation, there
> are no breaking changes across the same major version. However, X-Pack plugin
> must be removed.
> Will complete upgrade to E-L-K + B in /docker and test on new branch.
> ElasticSearch 6.5.4 Docs:
> [https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html]
> [https://www.elastic.co/guide/en/elasticsearch/reference/current/breaking-changes-6.5.html]
> [https://www.elastic.co/guide/en/kibana/current/docker.html]
> [https://www.elastic.co/guide/en/kibana/current/breaking-changes.html]
> [https://www.elastic.co/guide/en/logstash/current/docker.html]
> [https://www.elastic.co/guide/en/logstash/current/breaking-changes.html]
> [https://www.elastic.co/guide/en/logstash/current/upgrading-logstash-pqs.html]
> [https://www.elastic.co/guide/en/logstash/current/config-examples.html]
>
> NOTE: I am NOT touching Kubs configs (will add a test ticket following).
>
>
>
>
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
