Elasticsearch credentials are printed in startup log #4804
When starting Graylog, the full URI to all Elasticsearch servers in the pool is printed and it includes the authentication credentials.
Authentication credentials should never be printed anywhere.
The text was updated successfully, but these errors were encountered:
As a best practice, access credentials such as the user info in the URI of Elasticsearch node URIs should never be logged in plaintext. Refs Graylog2/graylog2-server#4804