Elastic Cloud Credentials

Description

General

• Documentation: https://www.elastic.co/guide/en/cloud/current/index.html
• Summary: Elastic Cloud is an Elastic hosting service. The URI found by the detector enables to access a cluster.
• IPs allowlist: IPs can be restricted with Traffic Filters rules.
• Scopes: Yes. Users with different roles can be managed through Kibana.

Revoke the secret

To reset the password, go to the Security tab on the console and click on Reset Password.

Check for suspicious activity

Logs can be accessed through the Logs and metrics tab in the console.

Details for Elastic cloud uri

• Family: Database

• Category: Data storage

• Company: Elastic

• High recall: True

• Validity check available: True

• On-premise instances exist: False

• Only valid secrets raise an alert: False

• Minimum number of matches: 8

• Occurrences found for one million commits: 1.27

• Prefixed: True

• PreValidators:

- type: FilenameBanlistPreValidator  banlist_extensions: []  banlist_filenames: []  check_binaries: false  include_default_banlist_extensions: true  ban_markup: false- type: ContentWhitelistPreValidator  patterns:  - \.(gcp|aws)\.(found\.io|cloud\.es\.io)- type: ContentWhitelistPreValidator  patterns:  - https?://

Examples

- text: |    "elasticsearch": {    -    "url": "http://localhost:9200/",    +    "url": "https://elastic:p92iamsUdFsNDn4JMooOlHHH@802bb6d77d8244c482aa8ee1f1f4d555.eu-central-1.aws.cloud.es.io:9243/",      "index": "polyglot-test"}
  connection_uri: https://elastic:p92iamsUdFsNDn4JMooOlHHH@802bb6d77d8244c482aa8ee1f1f4d555.eu-central-1.aws.cloud.es.io:9243  scheme: https  username: elastic  password: p92iamsUdFsNDn4JMooOlHHH  host: 802bb6d77d8244c482aa8ee1f1f4d555.eu-central-1.aws.cloud.es.io  port: "9243"
# Test special characters in password- text: |    "elasticsearch": {    -    "url": "http://localhost:9200/",    +    "url": "https://elastic:p92!@msUdFsNDn4JMooOlHHH@802bb6d77d8244c482aa8ee1f1f4d555.eu-central-1.aws.cloud.es.io:9243/",      "index": "polyglot-test"}
  connection_uri: https://elastic:p92!@msUdFsNDn4JMooOlHHH@802bb6d77d8244c482aa8ee1f1f4d555.eu-central-1.aws.cloud.es.io:9243  scheme: https  username: elastic  password: p92!@msUdFsNDn4JMooOlHHH  host: 802bb6d77d8244c482aa8ee1f1f4d555.eu-central-1.aws.cloud.es.io  port: "9243"
# Test detection in md files- text: |    "elasticsearch": {    -    "url": "http://localhost:9200/",    +    "url": "https://elastic:p92!@msUdFsNDn4JMooOlHHH@802bb6d77d8244c482aa8ee1f1f4d555.eu-central-1.aws.cloud.es.io:9243/",      "index": "polyglot-test"}
  connection_uri: https://elastic:p92!@msUdFsNDn4JMooOlHHH@802bb6d77d8244c482aa8ee1f1f4d555.eu-central-1.aws.cloud.es.io:9243  scheme: https  username: elastic  password: p92!@msUdFsNDn4JMooOlHHH  host: 802bb6d77d8244c482aa8ee1f1f4d555.eu-central-1.aws.cloud.es.io  port: "9243"  filename: some_file.md