diff --git a/roles/elasticstack/defaults/main.yml b/roles/elasticstack/defaults/main.yml index ee14ca30..819934c0 100644 --- a/roles/elasticstack/defaults/main.yml +++ b/roles/elasticstack/defaults/main.yml @@ -25,6 +25,7 @@ elasticstack_security: true elasticstack_variant: elastic elasticstack_force_pip: false elasticstack_manage_pip: false +elasticstack_encryption_key_size: 64 # for debugging only elasticstack_no_log: true diff --git a/roles/kibana/defaults/main.yml b/roles/kibana/defaults/main.yml index 725d70f5..5e981cac 100644 --- a/roles/kibana/defaults/main.yml +++ b/roles/kibana/defaults/main.yml @@ -14,6 +14,7 @@ kibana_cert_validity_period: 1095 kibana_cert_will_expire_soon: false kibana_sniff_on_start: false kibana_sniff_on_connection_fault: false +kibana_custom_default_index: 979390d0-3def-11ea-ad1f-5b09c073c7d3 kibana_freshstart: changed: false diff --git a/roles/kibana/tasks/kibana-default-index.yml b/roles/kibana/tasks/kibana-default-index.yml new file mode 100644 index 00000000..56cdbaaa --- /dev/null +++ b/roles/kibana/tasks/kibana-default-index.yml @@ -0,0 +1,16 @@ +--- + +- name: Set Custom Default Index + ansible.builtin.uri: + url: 'http://{{ ansible_default_ipv4.address }}:5601/api/kibana/settings' + method: POST + body: + changes: + defaultIndex: '{{ kibana_custom_default_index }}' + body_format: json + headers: + kbn-version: 8.19.11 + Content-Type: application/json + register: result +- ansible.builtin.debug: + msg: "setting new custom Index to {{ kibana_custom_default_index }}" diff --git a/roles/kibana/tasks/kibana-security.yml b/roles/kibana/tasks/kibana-security.yml index db4479ed..cb830470 100644 --- a/roles/kibana/tasks/kibana-security.yml +++ b/roles/kibana/tasks/kibana-security.yml 
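Review bot: The default of 64 for `elasticstack_encryption_key_size` makes `openssl rand -base64` emit a two-line value, because its base64 output wraps after 64 characters and 64 random bytes encode to 88. The key files written by the two shell tasks in roles/kibana/tasks/kibana-security.yml (hunks at -125 and -139) would then contain an embedded newline, which the following `cat` tasks pass on, presumably into the Kibana configuration. Either keep the default at 48 or below, or strip the line break at generation, e.g. `openssl rand -base64 {{ elasticstack_encryption_key_size | int }} | tr -d '\n' >`. A comment on the variable such as `# number of random bytes passed to openssl, not the length of the resulting key` would also help, since the name reads like a key length.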
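Review bot: `kibana_custom_default_index` defaults to what looks like the saved-object ID of a data view from one particular Kibana instance, so on any other installation the new task would point `defaultIndex` at an object that does not exist. Consider an empty default, `kibana_custom_default_index: ''`, with the task skipped via `when: kibana_custom_default_index | length > 0`. Where an ID is set, quote it so that an all-digit or exponent-looking value is never retyped by the YAML parser.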
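Review bot: The new `uri` task posts to the Kibana settings API over plain `http://` with no credentials, although the role defaults to `elasticstack_security: true`. With security on, the call should be rejected; if it succeeds, the settings API is reachable unauthenticated. The task also pins `kbn-version: 8.19.11`, which Kibana compares with its own version, so it breaks on any other release; `kbn-xsrf` serves the same purpose without that coupling. `register: result` is never read, and the trailing `debug` task has no `name` and reports the change without looking at the outcome. The fence sketches the task with authentication and `no_log`; the credential variables are placeholders not defined in this diff, and the URL scheme should follow however Kibana TLS is configured in this role.

```yaml
- name: Set Custom Default Index
  ansible.builtin.uri:
    # … unchanged: url, method, body, body_format …
    # placeholder variables, not defined in this diff
    url_username: '{{ kibana_api_user_placeholder }}'
    url_password: '{{ kibana_api_password_placeholder }}'
    force_basic_auth: true
    headers:
      kbn-xsrf: 'true'
  no_log: '{{ elasticstack_no_log }}'
```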
@@ -1,5 +1,15 @@ --- +- name: Ensure encryption key exists + ansible.builtin.stat: + path: "{{ elasticstack_ca_dir }}/encryption_key" + register: encryption_key_exists + +- name: Ensure saved encryption key exists + ansible.builtin.stat: + path: "{{ elasticstack_ca_dir }}/savedobjects_encryption_key" + register: savedobjects_encryption_key_exists + - name: Ensure kibana certificate exists ansible.builtin.stat: path: "/etc/kibana/certs/{{ ansible_hostname }}-kibana.p12" @@ -125,11 +135,14 @@ - name: Generate encryption key # noqa: risky-shell-pipe ansible.builtin.shell: > if test -n "$(ps -p $$ | grep bash)"; then set -o pipefail; fi; - openssl rand -base64 36 > + openssl rand -base64 {{ elasticstack_encryption_key_size }} > {{ elasticstack_ca_dir }}/encryption_key changed_when: false args: creates: "{{ elasticstack_ca_dir }}/encryption_key" + - ansible.builtin.debug: + msg: "File exists..." + when: encryption_key_exists.stat.exits - name: Fetch encryption key ansible.builtin.command: cat {{ elasticstack_ca_dir }}/encryption_key @@ -139,12 +152,14 @@ - name: Generate saved objects encryption key # noqa: risky-shell-pipe ansible.builtin.shell: > if test -n "$(ps -p $$ | grep bash)"; then set -o pipefail; fi; - openssl rand - -base64 36 > + openssl rand -base64 {{ elasticstack_encryption_key_size }} > {{ elasticstack_ca_dir }}/savedobjects_encryption_key changed_when: false args: creates: "{{ elasticstack_ca_dir }}/savedobjects_encryption_key" + - ansible.builtin.debug: + msg: "File exists..." + when: savedobjects_encryption_key_exists.stat.exits - name: Fetch saved objects encryption key ansible.builtin.command: cat {{ elasticstack_ca_dir }}/savedobjects_encryption_key
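Review bot: The two `stat` tasks added at the top are named "Ensure … exists" but only check for the files, and their results are read solely by the `debug` tasks added further down. Because they run before the keys are generated, on a first run the registered values are already stale when they are used, and the `creates:` argument on the generate tasks already provides the idempotence. I would drop them together with the debug tasks, or at least rename them, e.g. `- name: Check whether encryption key is already present`. The generate tasks appear to sit inside a block whose header is outside the visible hunks; if that block is delegated to another host, these checks would need the same delegation to look at the right filesystem.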
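Review bot: `when: encryption_key_exists.stat.exits` misspells the attribute; `stat` returns `exists`, so the condition references an undefined key and Ansible will fail the task instead of skipping it. The same typo is in the next hunk (`savedobjects_encryption_key_exists.stat.exits`). Change both to `.stat.exists`, and give the two `debug` tasks a `name`, or remove them if they are leftover debugging. Separately, `{{ elasticstack_encryption_key_size }}` is templated straight into a shell command line in both hunks; `{{ elasticstack_encryption_key_size | int }}` keeps anything but a number from reaching the shell.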