2017-11-16 18:40:51 -05:00
[role="xpack"]
2018-06-06 10:49:15 -04:00
[testenv="gold+"]
2017-11-16 18:40:51 -05:00
[[syskeygen]]
2018-04-11 11:41:22 -04:00
== elasticsearch-syskeygen
2017-11-16 18:40:51 -05:00
2018-04-11 11:41:22 -04:00
The `elasticsearch-syskeygen` command creates a system key file in the
elasticsearch config directory.
2017-11-16 18:40:51 -05:00
[float]
=== Synopsis
[source,shell]
--------------------------------------------------
2018-04-11 11:41:22 -04:00
bin/elasticsearch-syskeygen
2017-11-16 18:40:51 -05:00
[-E <KeyValuePair>] [-h, --help]
([-s, --silent] | [-v, --verbose])
--------------------------------------------------
[float]
=== Description
2017-11-20 11:44:43 -05:00
The command generates a `system_key` file, which you can use to symmetrically
encrypt sensitive data. For example, you can use this key to prevent {watcher}
from returning and storing information that contains clear text credentials. See {xpack-ref}/encrypting-data.html[Encrypting sensitive data in {watcher}].
2017-11-16 18:40:51 -05:00
2017-11-20 11:44:43 -05:00
IMPORTANT: The system key is a symmetric key, so the same key must be used on
every node in the cluster.
2017-11-16 18:40:51 -05:00
[float]
=== Parameters
2017-11-20 11:44:43 -05:00
`-E <KeyValuePair>`:: Configures a setting. For example, if you have a custom
installation of {es}, you can use this parameter to specify the `ES_PATH_CONF`
environment variable.
2017-11-16 18:40:51 -05:00
`-h, --help`:: Returns all of the command parameters.
`-s, --silent`:: Shows minimal output.
`-v, --verbose`:: Shows verbose output.
2017-11-20 11:44:43 -05:00
2017-11-16 18:40:51 -05:00
[float]
=== Examples
2017-11-20 11:44:43 -05:00
The following command generates a `system_key` file in the
2018-05-14 16:07:27 -04:00
default `$ES_HOME/config` directory:
2017-11-16 18:40:51 -05:00
[source, sh]
--------------------------------------------------
2018-04-11 11:41:22 -04:00
bin/elasticsearch-syskeygen
2017-11-16 18:40:51 -05:00
--------------------------------------------------
