Elasticsearch Scripts & Search Guard
These scripts were created over the first year we worked with Elasticsearch. During the last quarter of that year we implemented Search Guard, an enterprise-grade security system whose gratis option provides a single-tenant security model suitable for small teams, as one might find in an academic setting.
The configuration is simple - you'll need one of the following in your ~/.profile
Elasticsearch uses plain ol' HTTP by default; Search Guard requires TLS. The $ELKHOST variable contains whatever hostname or IP address you use, a colon, and then the port Elasticsearch is using for API access. This is never going to be 9300 - that's the node-to-node communication port for clusters.
If you're running a basic Elasticsearch install, that's it. Don't forget to log out/log back in to make the $ELKHOST environment variable active.
If you implement Search Guard, you'll also need something in $ELKAUTH.
export ELKAUTH=" --insecure -u admin:password "
This variable requires the leading and trailing spaces. Don't put goofy special chars in your password unless you understand how shell escapes work. The --insecure option tells the system to ignore any problems with self-signed certificates. That configuration is what you'll have if you install the Search Guard demo.
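A quick sanity check for the two variables described above, as an added example rather than one of this repo's scripts. It assumes the scripts hand $ELKAUTH, unquoted, to curl; the function name elk_env_check and the host es.example.test are made up for illustration.

```shell
#!/bin/sh
# Added example: lint the ELKHOST / ELKAUTH values described in this README.
# Assumption: the scripts hand $ELKAUTH, unquoted, to curl.
# Prints one finding per line; exit status 0 = no findings, 1 = findings.
elk_env_check() (
    host=$1 auth=$2 rc=0
    finding() { echo "$1"; rc=1; }

    # The port is whatever follows the last colon.
    case $host in
        *:*) port=${host##*:} ;;
        *)   port= ;;
    esac
    case $port in
        9300) finding "ELKHOST: 9300 is the node-to-node port, not the API port" ;;
        ''|*[!0-9]*) finding "ELKHOST: expected host:port with a numeric port" ;;
    esac

    # Basic install without Search Guard: ELKAUTH stays empty.
    [ -n "$auth" ] || exit "$rc"

    case $host in
        http://*) finding "ELKHOST: Search Guard requires TLS, but the URL is plain http" ;;
    esac
    case $auth in
        " "*" ") ;;
        *) finding "ELKAUTH: needs a leading and a trailing space" ;;
    esac
    case $auth in
        *--insecure*) finding "ELKAUTH: --insecure turns off certificate verification (demo certs only)" ;;
    esac

    # Find the user:password word that follows -u; set -f stops glob expansion.
    set -f
    prev= cred=
    for word in $auth; do
        [ "$prev" = "-u" ] && cred=$word
        prev=$word
    done
    case $cred in
        '') finding "ELKAUTH: no user:password found after -u" ;;
        *[!A-Za-z0-9._:-]*) finding "ELKAUTH: credentials have chars outside A-Za-z0-9._- (check shell escaping)" ;;
    esac
    exit "$rc"
)

# Constructed sample values in the style of the Search Guard demo setup.
elk_env_check "es.example.test:9200" " --insecure -u admin:password " || true
```

To check a real login, call it as elk_env_check "$ELKHOST" "$ELKAUTH" after sourcing ~/.profile.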
Much of what is in this repo could be deprecated if we focused on including some checks and Elastic config stuff in the Python code base. Even so, creating these was an invaluable learning experience and we're probably going to leave them around for others who are climbing the Elasticsearch learning curve.
If you truly need to get some work done with this system, it is STRONGLY advised that you obtain Elasticsearch: The Definitive Guide, by Clinton Gormley and Zachary Tong. Everything we know about creating and scaling Elasticsearch clusters came from this book - it's 690 pages of dense, well organized, well written wisdom regarding a complex, powerful distributed application.