Add ELK Security

[policy/engine.git] / packages / base / src / files / install / elk / config / elasticsearch.yml

diff --git a/packages/base/src/files/install/elk/config/elasticsearch.yml b/packages/base/src/files/install/elk/config/elasticsearch.yml
index b890bb1..ec6def0 100644 (file)
--- a/packages/base/src/files/install/elk/config/elasticsearch.yml
+++ b/packages/base/src/files/install/elk/config/elasticsearch.yml
@@ -54,8 +54,8 @@ path.logs: ${{POLICY_HOME}}/logs
 #
 # Set the bind address to a specific IP (IPv4 or IPv6):
 #
-#network.host: 192.168.0.1
-network.host: ["${{ELK_NETWORK_HOST}}", "127.0.0.1"]
+# Only allow to run on localhost so it can't be queried from outside
+network.bind_host: ["_local_"]
 #
 # Set a custom port for HTTP:
 #
@@ -88,4 +88,4 @@ network.host: ["${{ELK_NETWORK_HOST}}", "127.0.0.1"]
 #
 # Require explicit names when deleting indices:
 #
-#action.destructive_requires_name: true
\ No newline at end of file
+#action.destructive_requires_name: true