From be506ddcb3960705c7348ed13702ebf1b982851c Mon Sep 17 00:00:00 2001 From: michel-laterman Date: Wed, 10 Nov 2021 09:56:38 -0800 Subject: [PATCH] add security note --- auditbeat/auditbeat.reference.yml | 1 + filebeat/filebeat.reference.yml | 1 + heartbeat/heartbeat.reference.yml | 1 + journalbeat/journalbeat.reference.yml | 1 + libbeat/_meta/config/http.reference.yml.tmpl | 1 + metricbeat/metricbeat.reference.yml | 1 + packetbeat/packetbeat.reference.yml | 1 + winlogbeat/winlogbeat.reference.yml | 1 + x-pack/auditbeat/auditbeat.reference.yml | 1 + x-pack/filebeat/filebeat.reference.yml | 1 + x-pack/functionbeat/functionbeat.reference.yml | 1 + x-pack/heartbeat/heartbeat.reference.yml | 1 + x-pack/metricbeat/metricbeat.reference.yml | 1 + x-pack/osquerybeat/osquerybeat.reference.yml | 1 + x-pack/packetbeat/packetbeat.reference.yml | 1 + x-pack/winlogbeat/winlogbeat.reference.yml | 1 + 16 files changed, 16 insertions(+) diff --git a/auditbeat/auditbeat.reference.yml b/auditbeat/auditbeat.reference.yml index 827a2519c0e..3d1435314b4 100644 --- a/auditbeat/auditbeat.reference.yml +++ b/auditbeat/auditbeat.reference.yml @@ -1633,6 +1633,7 @@ logging.files: #http.named_pipe.security_descriptor: # Defines if the HTTP pprof endpoints are enabled. +# It is recommended that this is only enabled on localhost as these endpoints may leak data. #http.pprof.enabled: false # ============================== Process Security ============================== diff --git a/filebeat/filebeat.reference.yml b/filebeat/filebeat.reference.yml index abb056c654e..dc7250e402c 100644 --- a/filebeat/filebeat.reference.yml +++ b/filebeat/filebeat.reference.yml @@ -2545,6 +2545,7 @@ logging.files: #http.named_pipe.security_descriptor: # Defines if the HTTP pprof endpoints are enabled. +# It is recommended that this is only enabled on localhost as these endpoints may leak data. #http.pprof.enabled: false # ============================== Process Security ============================== diff --git a/heartbeat/heartbeat.reference.yml b/heartbeat/heartbeat.reference.yml index 5ea028e3be0..1eb37188303 100644 --- a/heartbeat/heartbeat.reference.yml +++ b/heartbeat/heartbeat.reference.yml @@ -1779,6 +1779,7 @@ logging.files: #http.named_pipe.security_descriptor: # Defines if the HTTP pprof endpoints are enabled. +# It is recommended that this is only enabled on localhost as these endpoints may leak data. #http.pprof.enabled: false # ============================== Process Security ============================== diff --git a/journalbeat/journalbeat.reference.yml b/journalbeat/journalbeat.reference.yml index ed6c7582b65..5058ed19cce 100644 --- a/journalbeat/journalbeat.reference.yml +++ b/journalbeat/journalbeat.reference.yml @@ -1576,6 +1576,7 @@ logging.files: #http.named_pipe.security_descriptor: # Defines if the HTTP pprof endpoints are enabled. +# It is recommended that this is only enabled on localhost as these endpoints may leak data. #http.pprof.enabled: false # ============================== Process Security ============================== diff --git a/libbeat/_meta/config/http.reference.yml.tmpl b/libbeat/_meta/config/http.reference.yml.tmpl index 93afc56bb03..ccf85bb6189 100644 --- a/libbeat/_meta/config/http.reference.yml.tmpl +++ b/libbeat/_meta/config/http.reference.yml.tmpl @@ -24,4 +24,5 @@ #http.named_pipe.security_descriptor: # Defines if the HTTP pprof endpoints are enabled. +# It is recommended that this is only enabled on localhost as these endpoints may leak data. #http.pprof.enabled: false diff --git a/metricbeat/metricbeat.reference.yml b/metricbeat/metricbeat.reference.yml index 3799b8d5c39..d78e42dcf8c 100644 --- a/metricbeat/metricbeat.reference.yml +++ b/metricbeat/metricbeat.reference.yml @@ -2456,6 +2456,7 @@ logging.files: #http.named_pipe.security_descriptor: # Defines if the HTTP pprof endpoints are enabled. +# It is recommended that this is only enabled on localhost as these endpoints may leak data. #http.pprof.enabled: false # ============================== Process Security ============================== diff --git a/packetbeat/packetbeat.reference.yml b/packetbeat/packetbeat.reference.yml index 016b96fc1d6..3377abc029a 100644 --- a/packetbeat/packetbeat.reference.yml +++ b/packetbeat/packetbeat.reference.yml @@ -2128,6 +2128,7 @@ logging.files: #http.named_pipe.security_descriptor: # Defines if the HTTP pprof endpoints are enabled. +# It is recommended that this is only enabled on localhost as these endpoints may leak data. #http.pprof.enabled: false # ============================== Process Security ============================== diff --git a/winlogbeat/winlogbeat.reference.yml b/winlogbeat/winlogbeat.reference.yml index d965dd07b7d..77886958368 100644 --- a/winlogbeat/winlogbeat.reference.yml +++ b/winlogbeat/winlogbeat.reference.yml @@ -1556,6 +1556,7 @@ logging.files: #http.named_pipe.security_descriptor: # Defines if the HTTP pprof endpoints are enabled. +# It is recommended that this is only enabled on localhost as these endpoints may leak data. #http.pprof.enabled: false # ============================== Process Security ============================== diff --git a/x-pack/auditbeat/auditbeat.reference.yml b/x-pack/auditbeat/auditbeat.reference.yml index 76450fdb847..bab59c339c1 100644 --- a/x-pack/auditbeat/auditbeat.reference.yml +++ b/x-pack/auditbeat/auditbeat.reference.yml @@ -1689,6 +1689,7 @@ logging.files: #http.named_pipe.security_descriptor: # Defines if the HTTP pprof endpoints are enabled. +# It is recommended that this is only enabled on localhost as these endpoints may leak data. #http.pprof.enabled: false # ============================== Process Security ============================== diff --git a/x-pack/filebeat/filebeat.reference.yml b/x-pack/filebeat/filebeat.reference.yml index bc1b51fac38..428230017f7 100644 --- a/x-pack/filebeat/filebeat.reference.yml +++ b/x-pack/filebeat/filebeat.reference.yml @@ -4698,6 +4698,7 @@ logging.files: #http.named_pipe.security_descriptor: # Defines if the HTTP pprof endpoints are enabled. +# It is recommended that this is only enabled on localhost as these endpoints may leak data. #http.pprof.enabled: false # ============================== Process Security ============================== diff --git a/x-pack/functionbeat/functionbeat.reference.yml b/x-pack/functionbeat/functionbeat.reference.yml index 012ea8b5db2..4b6dab7943f 100644 --- a/x-pack/functionbeat/functionbeat.reference.yml +++ b/x-pack/functionbeat/functionbeat.reference.yml @@ -1427,6 +1427,7 @@ logging.files: #http.named_pipe.security_descriptor: # Defines if the HTTP pprof endpoints are enabled. +# It is recommended that this is only enabled on localhost as these endpoints may leak data. #http.pprof.enabled: false # ============================== Process Security ============================== diff --git a/x-pack/heartbeat/heartbeat.reference.yml b/x-pack/heartbeat/heartbeat.reference.yml index 5ea028e3be0..1eb37188303 100644 --- a/x-pack/heartbeat/heartbeat.reference.yml +++ b/x-pack/heartbeat/heartbeat.reference.yml @@ -1779,6 +1779,7 @@ logging.files: #http.named_pipe.security_descriptor: # Defines if the HTTP pprof endpoints are enabled. +# It is recommended that this is only enabled on localhost as these endpoints may leak data. #http.pprof.enabled: false # ============================== Process Security ============================== diff --git a/x-pack/metricbeat/metricbeat.reference.yml b/x-pack/metricbeat/metricbeat.reference.yml index ec7bb97eb62..bcece50b832 100644 --- a/x-pack/metricbeat/metricbeat.reference.yml +++ b/x-pack/metricbeat/metricbeat.reference.yml @@ -2977,6 +2977,7 @@ logging.files: #http.named_pipe.security_descriptor: # Defines if the HTTP pprof endpoints are enabled. +# It is recommended that this is only enabled on localhost as these endpoints may leak data. #http.pprof.enabled: false # ============================== Process Security ============================== diff --git a/x-pack/osquerybeat/osquerybeat.reference.yml b/x-pack/osquerybeat/osquerybeat.reference.yml index 901517007ca..13dfcc2089e 100644 --- a/x-pack/osquerybeat/osquerybeat.reference.yml +++ b/x-pack/osquerybeat/osquerybeat.reference.yml @@ -1146,6 +1146,7 @@ logging.files: #http.named_pipe.security_descriptor: # Defines if the HTTP pprof endpoints are enabled. +# It is recommended that this is only enabled on localhost as these endpoints may leak data. #http.pprof.enabled: false # ============================== Process Security ============================== diff --git a/x-pack/packetbeat/packetbeat.reference.yml b/x-pack/packetbeat/packetbeat.reference.yml index 016b96fc1d6..3377abc029a 100644 --- a/x-pack/packetbeat/packetbeat.reference.yml +++ b/x-pack/packetbeat/packetbeat.reference.yml @@ -2128,6 +2128,7 @@ logging.files: #http.named_pipe.security_descriptor: # Defines if the HTTP pprof endpoints are enabled. +# It is recommended that this is only enabled on localhost as these endpoints may leak data. #http.pprof.enabled: false # ============================== Process Security ============================== diff --git a/x-pack/winlogbeat/winlogbeat.reference.yml b/x-pack/winlogbeat/winlogbeat.reference.yml index 45bb2165032..09afd2e6208 100644 --- a/x-pack/winlogbeat/winlogbeat.reference.yml +++ b/x-pack/winlogbeat/winlogbeat.reference.yml @@ -1599,6 +1599,7 @@ logging.files: #http.named_pipe.security_descriptor: # Defines if the HTTP pprof endpoints are enabled. +# It is recommended that this is only enabled on localhost as these endpoints may leak data. #http.pprof.enabled: false # ============================== Process Security ==============================