In the Configuring email accounts section of the Watcher docs, it states:
Currently, neither Watcher nor Shield provide a mechanism to encrypt
settings in elasticsearch.yml. Because the email account credentials appear
in plain text, you should limit access to elasticsearch.yml to the user that
you use to run Elasticsearch.
However, the keystore now provides a mechanism for encrypting these credentials. We should consider removing or updating this admonition.
In the Configuring email accounts section of the Watcher docs, it states:
However, the keystore now provides a mechanism for encrypting these credentials. We should consider removing or updating this admonition.