opensearch-docs-cn/_security-plugin/configuration/system-indices.md

---
layout: default
title: System indices
parent: Configuration
nav_order: 15
---

# System indices

By default, OpenSearch has a protected system index, `.opendistro_security`, which you create using [securityadmin.sh]({{site.url}}{{site.baseurl}}/security-plugin/configuration/security-admin/). Even if your user account has read permissions for all indices, you can't directly access the data in this system index.

You can add additional system indices in in `opensearch.yml`. In addition to automatically creating `.opendistro_security`, the demo configuration adds several indices for the various OpenSearch plugins that integrate with the security plugin:

```yml
plugins.security.system_indices.enabled: true
plugins.security.system_indices.indices: [".opendistro-alerting-config", ".opendistro-alerting-alert*", ".opendistro-anomaly-results*", ".opendistro-anomaly-detector*", ".opendistro-anomaly-checkpoints", ".opendistro-anomaly-detection-state", ".opendistro-reports-*", ".opendistro-notifications-*", ".opendistro-notebooks", ".opendistro-asynchronous-search-response*"]
```

To access these indices, you must authenticate with an [admin certificate]({{site.url}}{{site.baseurl}}/security-plugin/configuration/tls#configure-admin-certificates):

```bash
curl -k --cert ./kirk.pem --key ./kirk-key.pem -XGET 'https://localhost:9200/.opendistro_security/_search'
```

The alternative is to remove indices from the `plugins.security.system_indices.indices` list on each node and restart OpenSearch.
Breaks site 2021-05-28 10:48:19 -07:00			`---`
			`layout: default`
Improve self-signed certificate script 2021-08-17 12:46:50 -07:00			`title: System indices`
Breaks site 2021-05-28 10:48:19 -07:00			`parent: Configuration`
			`nav_order: 15`
			`---`

			`# System indices`

changeit 2021-06-18 08:57:53 -07:00			By default, OpenSearch has a protected system index, `.opendistro_security`, which you create using [securityadmin.sh]({{site.url}}{{site.baseurl}}/security-plugin/configuration/security-admin/). Even if your user account has read permissions for all indices, you can't directly access the data in this system index.
Breaks site 2021-05-28 10:48:19 -07:00
changeit 2021-06-18 08:57:53 -07:00			You can add additional system indices in in `opensearch.yml`. In addition to automatically creating `.opendistro_security`, the demo configuration adds several indices for the various OpenSearch plugins that integrate with the security plugin:
Breaks site 2021-05-28 10:48:19 -07:00
			```yml
Updates security settings 2021-06-08 15:35:12 -07:00			`plugins.security.system_indices.enabled: true`
			`plugins.security.system_indices.indices: [".opendistro-alerting-config", ".opendistro-alerting-alert", ".opendistro-anomaly-results", ".opendistro-anomaly-detector", ".opendistro-anomaly-checkpoints", ".opendistro-anomaly-detection-state", ".opendistro-reports-", ".opendistro-notifications-", ".opendistro-notebooks", ".opendistro-asynchronous-search-response"]`
Breaks site 2021-05-28 10:48:19 -07:00			```

Fix anchor links 2021-06-10 12:26:41 -07:00			`To access these indices, you must authenticate with an [admin certificate]({{site.url}}{{site.baseurl}}/security-plugin/configuration/tls#configure-admin-certificates):`
Breaks site 2021-05-28 10:48:19 -07:00
			```bash
changeit 2021-06-18 08:57:53 -07:00			`curl -k --cert ./kirk.pem --key ./kirk-key.pem -XGET 'https://localhost:9200/.opendistro_security/_search'`
Breaks site 2021-05-28 10:48:19 -07:00			```

Updates security settings 2021-06-08 15:35:12 -07:00			The alternative is to remove indices from the `plugins.security.system_indices.indices` list on each node and restart OpenSearch.