Verifying Smart Beat Manager
Smart Beat Manager manages configurations for Smart Beat applications - specifically the running configurations of Elastic Beats (Filebeat, Metricbeat, Auditbeat, etc.) that collect logs, metrics, and security events, sending them to Logstash or OpenSearch.
Smart Beat Manager Configuration Verification
The configuration file is located at: ${SBM_HOME}/etc/config.yml (or ${SBM_HOME}/etc/smartBeatManager.yml for older versions)
Verify the authorization and SSL parameters are correctly configured:
authorization:
opensearch:
host: https://OS_HOST:9200
ca_cert: ca-cert.pem
ssl:
enabled: true
smartBeatTLSLevel: 4
certPath: cert.pem
keyPath: key.pem
When using an alternative CA, you must ensure that the client certificate chain was added during the configuration stage. If the chain was not added, it must be created, and the cert.pem and key.pem files must be generated.
Verify all Smart Beat Manager application configurations: Confirm correct certificate paths in the config file Ensure up-to-date CA certificates are being used.
Smart Beat Configuration Verification
Configuration file locations:
Unix: ${SB_HOME}/config/config.yml
Windows: C:/Program Files/smartBeat/config/config.yml
Example Unix configuration:
ssl:
cert_ca: ./cert/ca-cert.pem
enable: true
node_cert: ./cert/cert.pem
node_key: ./cert/key.pem
verify: true
Example Windows configuration:
ssl:
cert_ca: C:/Program Files/smartBeat/cert/ca-cert.pem
enable: true
node_cert: C:/Program Files/smartBeat/cert/node-cert.pem
node_key: C:/Program Files/smartBeat/cert/node-key.pem
verify: true
When using an alternative CA, you need to make sure that the client certificate chain was added at the configuration stage. If the chain has not been added, it must be formed and the files cert.pem and key.pem must be generated.
Check the Smart Beat application configurations, make sure that the correct certificate paths are specified in the configuration file, and that the current CA certificates are used.