mirror of
https://github.com/elastic/kibana.git
synced 2025-06-28 19:13:14 -04:00
1814c60017
Migrate docs from AsciiDoc to Markdown. The preview can be built after #212557 is merged. @florent-leborgne please tag reviewers, add the appropriate label(s), and take this out of draft when you're ready. Note: More files are deleted than added here because the content from some files was moved to [elastic/docs-content](https://github.com/elastic/docs-content). **What has moved to [elastic/docs-content](https://github.com/elastic/docs-content)?** Public-facing narrative and conceptual docs have moved. Most can now be found under the following directories in the new docs: - explore-analyze: Discover, Dashboards, Visualizations, Reporting, Alerting, dev tools... - deploy-manage: Stack management (Spaces, user management, remote clusters...) - troubleshooting: .... troubleshooting pages **What is staying in the Kibana repo?** - Reference content (= anything that is or could be auto-generated): Settings, syntax references - Release notes - Developer guide --------- Co-authored-by: Florent Le Borgne <florent.leborgne@elastic.co>
12 KiB
12 KiB
| navigation_title | mapped_pages | |
|---|---|---|
| {{fleet}} settings |
|
{{fleet}} settings in {{kib}} [fleet-settings-kb]
::::{note} In {{ecloud}}, {{fleet}} flags are already configured.
::::
You can configure xpack.fleet settings in your kibana.yml. By default, {{fleet}} is enabled. To use {{fleet}}, you also need to configure {{kib}} and {{es}} hosts.
Many {{fleet}} settings can also be configured directly through the {{fleet}} UI. See Fleet UI settings for details.
See the {{fleet}} docs for more information about {{fleet}}.
General {{fleet}} settings [general-fleet-settings-kb]
xpack.fleet.agents.enabled
- Set to
true(default) to enable {{fleet}}. xpack.fleet.isAirGapped- Set to
trueto indicate {{fleet}} is running in an air-gapped environment. Refer to Air-gapped environments for details. Enabling this flag helps Fleet skip needless requests and improve the user experience for air-gapped environments.
{{package-manager}} settings [fleet-data-visualizer-settings]
xpack.fleet.registryUrl- The address to use to reach the {{package-manager}} registry.
xpack.fleet.registryProxyUrl- The proxy address to use to reach the {{package-manager}} registry if an internet connection is not directly available. Refer to Air-gapped environments for details.
xpack.fleet.packageVerification.gpgKeyPath- The path on disk to the GPG key used to verify {{package-manager}} packages. If the Elastic public key is ever reissued as a security precaution, you can use this setting to specify the new key.
{{fleet}} settings [_fleet_settings]
xpack.fleet.agents.fleet_server.hosts- Hostnames used by {{agent}} for accessing {{fleet-server}}.
If configured in your
kibana.yml, this setting is grayed out and unavailable in the {{fleet}} UI. To make this setting editable in the UI, do not configure it in the configuration file. xpack.fleet.agents.elasticsearch.hosts- Hostnames used by {{agent}} for accessing {{es}}.
xpack.fleet.agents.elasticsearch.ca_sha256- Hash pin used for certificate verification. The pin is a base64-encoded string of the SHA-256 fingerprint.
Preconfiguration settings (for advanced use cases) [_preconfiguration_settings_for_advanced_use_cases]
Use these settings to pre-define integrations, agent policies, and {{fleet-server}} hosts or proxies that you want {{fleet}} to load up by default.
::::{note} These settings are not supported to pre-configure the Endpoint and Cloud Security integration. ::::
xpack.fleet.packages- List of integrations that are installed when the {{fleet}} app starts up for the first time.
- ::::{dropdown} Required properties of
xpack.fleet.packages name- Name of the integration from the package registry.
version- Either an exact semantic version, or the keyword
latestto fetch the latest integration version.
::::
- ::::{dropdown} Required properties of
xpack.fleet.agentPolicies- List of agent policies that are configured when the {{fleet}} app starts.
- ::::{dropdown} Required properties of
xpack.fleet.agentPolicies id- Unique ID for this policy. The ID may be a number or string.
name- Policy name.
::::
- ::::{dropdown} Optional properties of
xpack.fleet.agentPolicies description- Text description of this policy.
namespace- String identifying this policy’s namespace.
monitoring_enabled- List of keywords that specify the monitoring data to collect. Valid values include
['logs'],['metrics'], and['logs', 'metrics']. keep_monitoring_alive- If
true, monitoring will be enabled, but logs/metrics collection will be disabled. Use this if you want to keep agent’s monitoring server alive even when logs/metrics aren’t being collected. is_managed- If
true, this policy is not editable by the user and can only be changed by updating the {{kib}} config. is_default- If
true, this policy is the default agent policy. is_default_fleet_server- If
true, this policy is the default {{fleet-server}} agent policy. data_output_id- ID of the output to send data. (Need to be identical to
monitoring_output_id) monitoring_output_id- ID of the output to send monitoring data. (Need to be identical to
data_output_id) fleet_server_host_id- ID of the fleet server.
package_policies- List of integration policies to add to this policy.
- ::::{dropdown} Properties of
package_policies id- Unique ID of the integration policy. The ID may be a number or string.
name- (required) Name of the integration policy.
package- (required) Integration that this policy configures.
- ::::{dropdown} Properties of
package name- Name of the integration associated with this policy.
::::
- ::::{dropdown} Properties of
description- Text string describing this integration policy.
namespace- String identifying this policy’s namespace.
inputs- Map of input for the integration. Follows the same schema as the package policy API inputs, with the exception that any object in
varscan be passedfrozen: truein order to prevent that specificvarfrom being edited by the user.
::::
- ::::{dropdown} Properties of
::::
Example configuration:
xpack.fleet.packages: - name: apache version: 0.5.0 xpack.fleet.agentPolicies: - name: Preconfigured Policy id: preconfigured-policy namespace: test package_policies: - package: name: system name: System Integration namespace: test id: preconfigured-system inputs: system-system/metrics: enabled: true vars: '[system.hostfs]': home/test streams: '[system.core]': enabled: true vars: period: 20s system-winlog: enabled: false - ::::{dropdown} Required properties of
xpack.fleet.outputs- List of outputs that are configured when the {{fleet}} app starts.
Certain types of outputs have additional required and optional settings. Refer to Output settings in the {{fleet}} and {{agent}} Guide for the full list of settings for each output type.
If configured in your
kibana.yml, output settings are grayed out and unavailable in the {{fleet}} UI. To make these settings editable in the UI, do not configure them in the configuration file.::::{note} The
xpack.fleet.outputssettings are intended for advanced configurations such as having multiple outputs. We recommend not enabling thexpack.fleet.agents.elasticsearch.hostsettings when usingxpack.fleet.outputs. ::::- ::::{dropdown} Required properties of
xpack.fleet.outputs id- Unique ID for this output. The ID should be a string.
name- Output name.
type- Type of Output. Currently we support "elasticsearch", "logstash", "kafka", and "remote_elasticsearch".
hosts- Array that contains the list of host for that output.
::::
- ::::{dropdown} Optional properties of
xpack.fleet.outputs is_default- If
true, the output specified inxpack.fleet.outputswill be the one used to send agent data unless there is another one configured specifically for the agent policy. is_default_monitoring- If
true, the output specified inxpack.fleet.outputswill be the one used to send agent monitoring data unless there is another one configured specifically for the agent policy. is_internal- If
true, the output specified inxpack.fleet.outputswill not appear in the UI, and can only be managed viakibana.ymlor the Fleet API. config- Extra config for that output.
proxy_id- Unique ID of a proxy to access the output.
ssl- Set to enable authentication using the Secure Sockets Layer (SSL) protocol.
- ::::{dropdown} Properties of
ssl certificate- The SSL certificate that {{agents}} use to authenticate with the output. Include the full contents of the certificate here.
::::
- ::::{dropdown} Properties of
secrets- Include here any values for preconfigured outputs that should be stored as secrets. A secret value is replaced in the
kibana.ymlsettings file with a reference, with the original value stored externally as a secure hash. Note that this type of secret storage requires all configured {{fleet-server}}s to be on version 8.12.0 or later.- ::::{dropdown} Properties of
secrets key:- The private certificate key that {{agents}} use to authenticate with the output.
::::
- ::::{dropdown} Properties of
::::
Example
xpack.fleet.outputsconfiguration:xpack.fleet.outputs: - id: my-logstash-output-with-a-secret name: preconfigured logstash output with a secret type: logstash hosts: ["localhost:9999"] ssl: certificate: xxxxxxxxxx secrets: ssl: key: securekey - ::::{dropdown} Required properties of
xpack.fleet.fleetServerHosts- List of {{fleet-server}} hosts that are configured when the {{fleet}} app starts.
- ::::{dropdown} Required properties of
xpack.fleet.fleetServerHosts id- Unique ID for the host server.
name- Name of the host server.
host_urls- Array of one or more host URLs that {{agents}} will use to connect to {{fleet-server}}.
::::
- ::::{dropdown} Optional properties of
xpack.fleet.fleetServerHosts is_default- Whether or not this host should be the default to use for {{fleet-server}}.
is_internal- If
truethe host will not appear in the UI, and can only be managed throughkibana.ymlor the {{fleet}} API. proxy_id- Unique ID of the proxy to access the {{fleet-server}} host.
::::
- ::::{dropdown} Required properties of
xpack.fleet.proxy- List of proxies to access {{fleet-server}} that are configured when the {{fleet}} app starts.
- ::::{dropdown} Required properties of
xpack.fleet.proxy id- Unique ID of the proxy to access the {{fleet-server}} host.
name- Name of the proxy to access the {{fleet-server}} host.
url- URL that {{agents}} use to connect to the proxy to access {{fleet-server}}.
::::
- :::::{dropdown} Optional properties of
xpack.fleet.proxy proxy_headers- Map of headers to use with the proxy. .Properties of
proxy_headers - ::::{dropdown}
key- Key to use for the proxy header.
value- Value to use for the proxy header.
::::
certificate_authorities- Certificate authority (CA) used to issue the certificate.
certificate- The name of the certificate used to authenticate the proxy.
certificate_key- The certificate key used to authenticate the proxy.
:::::
- ::::{dropdown} Required properties of
xpack.fleet.enableExperimental- List of experimental feature flag to enable in Fleet.
::::{note} Experimental features should not be enabled in production environments. The features in this section are experimental and may be changed or removed completely in future releases. Elastic will make a best effort to fix any issues, but experimental features are not supported to the same level as generally available (GA) features.
::::
xpack.fleet.enableManagedLogsAndMetricsDataviews- Set to
true(default), to enable the automatic creation of globallogs-*andmetrics-*data views.