Elasticsearch Replication

Sandfly supports the replication of results data to an external Elasticsearch database for independent long-term storage and analysis.

ℹ️

INFO: Upgrade Feature - Elastic Replication

The ability to configure and use Elastic Replication requires an upgraded plan. Please see https://www.sandflysecurity.com/get-sandfly/ for details.

This server configuration tab contains the following settings that can be edited:

• Elastic Replication Enabled - Set it to true to enable access to the Elasticsearch Replication settings.
• Elastic Replication URL - The replication URL of the external Elasticsearch server, which must be in a standard URL format of ://: like in the reference image.
• Server CA Certificate (optional) - If the external Elasticsearch server uses a certificate from a private CA or is self-signed, provide the trusted certificate in PEM format in this field.
• Username (optional) - If authentication is used, the external Elasticsearch username to connect as.
• Password (optional) - If authentication is used, the external Elasticsearch password associated with the specified username.