API Key Authentication Setup
Create an API key for OpenSearch authentication- Log in to your OpenSearch cluster
- Navigate to Security > API Keys
- Click ‘Create API Key’
- Select permissions: indices:data/read/*
- Copy the generated API key immediately
- Enter your OpenSearch endpoint (e.g., https://search-logs-prod.us-west-2.es.amazonaws.com)
- Enter your index pattern (e.g., logs-, app-logs-)
IAM Role Authentication Setup
Configure IAM role for AWS OpenSearch Service- Log in to AWS Console
- Navigate to IAM > Roles
- Create or select an IAM role with OpenSearch permissions (es:ESHttpGet, es:ESHttpPost)
- Configure the role’s trust relationship to trust Deductive’s AWS account
- Note the Role ARN (format: arn:aws:iam::[0-9]:role/YourRoleName)
- Enter your OpenSearch endpoint (e.g., https://search-prod-logs.us-east-1.es.amazonaws.com)
- Enter your index pattern (e.g., logs-*)
Username/Password Authentication Setup
Use basic authentication with OpenSearch- Ensure your OpenSearch cluster has internal user database enabled
- Create a user in OpenSearch Security
- Assign appropriate roles to the user
- Note the username and password
- Enter your OpenSearch endpoint (e.g., https://opensearch.internal:9200)
- Enter your index pattern (e.g., logs-, app-logs-)
Field Reference
The following fields are used when configuring this integration:- API Key (
Api Key) - OpenSearch Endpoint (
Host) - Index or Index Pattern (
Index) - Password (
Password) - Role ARN (
Role arn) - Username (
Username)