When you create or restart a tenant account, Cortex XSOAR checks
if the role and user for the tenant already exists (based on the
tenant name). If the role and user don't exist, they are created.
The user is created with a 32-character password that contains capital
letters, lower-case letters, numbers, and special characters.
The password is then stored in the configuration file and encrypted
using the route
Enable security features in Elasticsearch
In order to automatically generate unique credentials
for each tenant account's index, in your
you need to add the following key:
the Elasticsearch service configuration file. It is not stored in
the demisto folder and can exist in varied places.
If you do not enable XPack security the tenant accounts will
inherit the credentials of the main account. You can still create
or restart a tenant account but will receive the following warning:
security (xpack) is not active. Will not set account user. Enable security by setting [xpack.security.enabled] to [true] in the elasticsearch.yml file and restart the node
Disable security features
If you enabled security features in Elasticsearch, you
can create a server configuration in Cortex XSOAR that will override
and disable the security features.