Sentinel leverages Kibana, a browser-based analytics and search dashboard, which helps you to visualize events and alerts on the dashboard. Sentinel stores and indexes alert in Elasticsearch. You can configure Sentinel to store and index events in Elasticsearch to leverage event visualization capabilities. Sentinel dashboard access data from Elasticsearch to present events and alerts on the dashboard.
From the 8.4.0.0 version of the Sentinel, security is enabled in the Elasticsearch by default without requiring the user to install any extra plug-in for the Elasticsearch. Hence, the dashboard displays only the data that a user’s role is authorized to view, and any unauthorized data access to Elasticsearch is prevented. Now, node-to-node encryption is also enabled in Elasticsearch by default. It prevents potential attackers from intercepting traffic between Elasticsearch nodes and keeps the cluster secure always and it helps to reduce the risk from network-based attacks.