-
Notifications
You must be signed in to change notification settings - Fork 4.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Elastic Agent] Infrastructure to support multiple outputs in a policy #27442
Comments
Pinging @elastic/agent (Team:Agent) |
API Key Management in Fleet Server The shared service token for the Fleet Server should be scoped to only provide the functionality that the Fleet Server needs to create API keys (access to other indexes is not needed and should not be given). Fleet Server would store the created API Key for remote Elasticsearch clusters in its main Elasticsearch cluster indexes. Implementation Stages
|
A service token has the exact permissions the service account as. Most of the permissions are needed. The service token needs to have access to logs-* etc. indices as otherwise no API could be created for it. The permissions that are not strictly needed are for the remote .fleet-* indices but not sure if for this scenario it is worth complicating things. My assumption would be that on the remote server, Fleet is NOT used. Otherwise there could be credentials in there. |
Think the goal here is to scope it as much as possible so if we can get a |
@nimarezainia missed that one. |
@nimarezainia I discussed just now with @lykkin. |
Hi @jlind23
Build details 8.2 Snapshot: Hence, marking this as QA:Validated. Further, we will be creating test content for the same. |
Describe the enhancement:
There's a requirement to build the infrastructure to support multiple outputs of the the same type in a given policy.
[note: this request is NOT to support multiple types of output such as Logstash and/or Kafka etc. Thos are tracked else where]
This enhancement request is not a request to add support in Fleet for the second output.
Describe a specific use case for the enhancement or feature:
Stack Monitoring is a specific use case. Often users would want the Stack monitoring data to be sent to an Elasticsearch that is different from the cluster receiving the actual data (logs/metrics) collected. So in a given agent policy there's a requirement to support at least two outputs (of the same type)
cc: @blakerouse @mukeshelastic @mostlyjason
The text was updated successfully, but these errors were encountered: