Command Summary | Utimaco Integration Guides

Command	Purpose
`.\elasticsearch-certutil.bat ca`	Generates a new Certificate Authority (CA) for securing Elasticsearch HTTP/transport communication.
`openssl pkcs12 -in elastic-stack-ca.p12 -out ca.crt -cacerts -nokeys`	Extracts the CA certificate from the PKCS#12 file to a `.crt` format for use with Filebeat or Logstash.
`.\elasticsearch-certutil.bat cert --ca .\elastic-stack-ca.p12`	Generates a new node certificate signed by the existing CA.
`elasticsearch-certutil.bat cert --ca <path-to-ca.p12> --in instance.yml --out certs.zip --pem`	Creates node certificates (PEM format) based on `instance.yml`, including SAN entries for TLS.
`.\elasticsearch-reset-password.bat -u elastic`	Resets the password for the built-in `elastic` superuser account.
`.\elasticsearch-users.bat useradd <username> -p <password> -r superuser`	Creates a new Elasticsearch user and assigns the `superuser` role.
`netsh advfirewall firewall add rule name="Syslog UDP 514" dir=in action=allow protocol=UDP localport=514`	Allows inbound Syslog traffic on UDP port 514 for Filebeat log ingestion.
`netsh advfirewall firewall add rule name="Syslog TCP 514" dir=in action=allow protocol=TCP localport=514`	Allows inbound Syslog traffic on TCP port 514 for Filebeat log ingestion.
`cd "C:\Program Files\Filebeat"`	Navigates to the Filebeat installation directory.
`.\filebeat.exe setup`	Loads Filebeat index templates, ILM policies, workflows, and Kibana dashboards into Elasticsearch.
`.\filebeat.exe -e`	Runs Filebeat in the foreground with console logging for debugging.
`Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass`	Allows execution of Filebeat installation scripts in the current PowerShell session.
`.\install-service-filebeat.ps1`	Installs Filebeat as a Windows service.
`Start-Service filebeat`	Starts the Filebeat Windows service.
`Get-Service filebeat`	Displays the current status of the Filebeat service.
`Restart-Service Filebeat`	Restarts the Filebeat service to apply configuration changes.
`Get-Content "C:\ProgramData\filebeat\logs\filebeat" -Wait`	Tails Filebeat logs in real time for troubleshooting.
`netstat -ano \| findstr 514`	To verify whether Syslog port 514 (UDP/TCP) is open and listening, and to identify which process is using that port.
`.\filebeat.exe test config`	Validates the Filebeat configuration file for syntax or YAML errors.

Elasticsearch CLI commands