Add ELK Security

[policy/engine.git] / packages / base / src / files / install / elk / config / elasticsearch.yml

diff --git a/packages/base/src/files/install/elk/config/elasticsearch.yml b/packages/base/src/files/install/elk/config/elasticsearch.yml
index d9e8868..ec6def0 100644 (file)
--- a/packages/base/src/files/install/elk/config/elasticsearch.yml
+++ b/packages/base/src/files/install/elk/config/elasticsearch.yml
@@ -54,7 +54,8 @@ path.logs: ${{POLICY_HOME}}/logs
 #
 # Set the bind address to a specific IP (IPv4 or IPv6):
 #
-#network.host: 192.168.0.1
+# Only allow to run on localhost so it can't be queried from outside
+network.bind_host: ["_local_"]
 #
 # Set a custom port for HTTP:
 #