The elasticsearch-syskeygen
command creates a system key file in the
elasticsearch config directory.
bin/elasticsearch-syskeygen [-E <KeyValuePair>] [-h, --help] ([-s, --silent] | [-v, --verbose])
The command generates a system_key
file, which you can use to symmetrically
encrypt sensitive data. For example, you can use this key to prevent Watcher
from returning and storing information that contains clear text credentials. See Encrypting sensitive data in Watcher.
The system key is a symmetric key, so the same key must be used on every node in the cluster.
-E <KeyValuePair>
ES_PATH_CONF
environment variable.
-h, --help
-s, --silent
-v, --verbose
The following command generates a system_key
file in the
default $ES_HOME/config
directory:
bin/elasticsearch-syskeygen