[Self-Managed]: No data for Standalone agent available when configured with logstash output #3959
Comments
harshitgupta-qasource
added
bug
|
Pinging @elastic/elastic-agent-control-plane (Team:Elastic-Agent-Control-Plane) |
|
@amolnater-qasource Kindly review |
|
Secondary Review for this ticket is Done. |
|
There is an error in the output configuration: units:
input-log-1d4167d9-c043-40c4-97dd-6ac75c2c6a13-logfile-nginx-a7b51d40-b086-41f0-8d65-f43f24abc846:
message: Starting
state: 0
input-log-1d4167d9-c043-40c4-97dd-6ac75c2c6a13-logfile-system-9997e7d1-bb8e-4799-9361-1678ea5e53c1:
message: Starting
state: 0
output-log-1d4167d9-c043-40c4-97dd-6ac75c2c6a13:
message: 'could not start output: failed to reload output: could not setup output certificates reloader: unpacking ''ssl'' config: key file not configured accessing ''logstash.ssl'''
state: 4Looks like https://www.elastic.co/guide/en/beats/filebeat/current/configuration-ssl.html#client-key is missing. How to create it is documented in https://www.elastic.co/guide/en/fleet/current/secure-logstash-connections.html |
|
@harshitgupta-qasource was the agent reported as healthy while this was happening? |
|
Hi @cmacknz Thank you for looking into this issue. As this agent is standalone agent so we were not able to see the agent status on UI. However, we had set agent monitoring output to elasticsearch, and we were getting data for that. Further we were also getting data for Fleet based agents through logstash. Kindly let us know if we missed anything. Thanks |
|
|
Hi Team, We have revalidated this issue on 8.13.0 BC1 self-managed environment and found it still reproducible. Observations:
Build details: Agent Logs: Please let us know if anything else is required from our end. |
|
The output SSL configuration is wrong: units:
input-log-838567eb-fed1-4076-854f-3fe2dd7b6dce-logfile-system-b9a61cda-4342-43d7-84cb-52b0793ff187:
message: Starting
state: 0
output-log-838567eb-fed1-4076-854f-3fe2dd7b6dce:
message: 'could not start output: failed to reload output: could not setup output certificates reloader: unpacking ''ssl'' config: key file not configured accessing ''logstash.ssl'''
state: 4Looking at the output configuration I see outputs:
838567eb-fed1-4076-854f-3fe2dd7b6dce:
hosts:
- 54.211.7.83:5044
secrets:
ssl:
key:
id: JQ551Y0BX8drvHWrVKoy
ssl:
certificate: <REDACTED>
certificate_authorities:
- <REDACTED>
type: logstashIt looks like you may have copied the Logstash SSL configuration from a Fleet managed agent policy in the Fleet UI, where the SSL private key is correctly hidden. If you want to get the configuration an agent would run, you have to get the policy from an agent running that policy using the |
|
Hi @cmacknz Thank you for the update. We have revalidated this without creating the logstash output with secrets and we are successfully able to get the data under data streams tab for standalone agent configured with Logstash output. Screenshot: Hence, we are closing this issue and marking as QA:Validated. Please let us know if anything else is required from our end. |
Kibana Build details:
Host OS and Browser version: All, All
Preconditions:
Steps to reproduce:
Expected:
Data for Standalone agent should be available when configured with logstash output
Screen Shot:
Logs
elastic-agent-diagnostics-2023-12-26T06-20-50Z-00.zip
The text was updated successfully, but these errors were encountered: