- Introducing Elasticsearch Service
- Adding data to Elasticsearch
- Migrating data
- Ingesting data from your application
- Ingest data with Node.js on Elasticsearch Service
- Ingest data with Python on Elasticsearch Service
- Ingest data from Beats to Elasticsearch Service with Logstash as a proxy
- Ingest data from a relational database into Elasticsearch Service
- Ingest logs from a Python application using Filebeat
- Ingest logs from a Node.js web application using Filebeat
- Configure Beats and Logstash with Cloud ID
- Best practices for managing your data
- Configure index management
- Enable cross-cluster search and cross-cluster replication
- Access other deployments of the same Elasticsearch Service organization
- Access deployments of another Elasticsearch Service organization
- Access deployments of an Elastic Cloud Enterprise environment
- Access clusters of a self-managed environment
- Enabling CCS/R between Elasticsearch Service and ECK
- Edit or remove a trusted environment
- Migrate the cross-cluster search deployment template
- Manage data from the command line
- Preparing a deployment for production
- Securing your deployment
- Monitoring your deployment
- Monitor with AutoOps
- Configure Stack monitoring alerts
- Access performance metrics
- Keep track of deployment activity
- Diagnose and resolve issues
- Diagnose unavailable nodes
- Why are my shards unavailable?
- Why is performance degrading over time?
- Is my cluster really highly available?
- How does high memory pressure affect performance?
- Why are my cluster response times suddenly so much worse?
- How do I resolve deployment health warnings?
- How do I resolve node bootlooping?
- Why did my node move to a different host?
- Snapshot and restore
- Managing your organization
- Your account and billing
- Billing Dimensions
- Billing models
- Using Elastic Consumption Units for billing
- Edit user account settings
- Monitor and analyze your account usage
- Check your subscription overview
- Add your billing details
- Choose a subscription level
- Check your billing history
- Update billing and operational contacts
- Stop charges for a deployment
- Billing FAQ
- Elasticsearch Service hardware
- Elasticsearch Service GCP instance configurations
- Elasticsearch Service GCP default provider instance configurations
- Elasticsearch Service AWS instance configurations
- Elasticsearch Service AWS default provider instance configurations
- Elasticsearch Service Azure instance configurations
- Elasticsearch Service Azure default provider instance configurations
- Change hardware for a specific resource
- Elasticsearch Service regions
- About Elasticsearch Service
- RESTful API
- Release notes
- Enhancements and bug fixes - December 2024
- Enhancements and bug fixes - November 2024
- Enhancements and bug fixes - Late October 2024
- Enhancements and bug fixes - Early October 2024
- Enhancements and bug fixes - September 2024
- Enhancements and bug fixes - Late August 2024
- Enhancements and bug fixes - Early August 2024
- Enhancements and bug fixes - July 2024
- Enhancements and bug fixes - Late June 2024
- Enhancements and bug fixes - Early June 2024
- Enhancements and bug fixes - Early May 2024
- Bring your own key, and more
- AWS region EU Central 2 (Zurich) now available
- GCP region Middle East West 1 (Tel Aviv) now available
- Enhancements and bug fixes - March 2024
- Enhancements and bug fixes - January 2024
- Enhancements and bug fixes
- Enhancements and bug fixes
- Enhancements and bug fixes
- Enhancements and bug fixes
- AWS region EU North 1 (Stockholm) now available
- GCP regions Asia Southeast 2 (Indonesia) and Europe West 9 (Paris)
- Enhancements and bug fixes
- Enhancements and bug fixes
- Bug fixes
- Enhancements and bug fixes
- Role-based access control, and more
- Newly released deployment templates for Integrations Server, Master, and Coordinating
- Enhancements and bug fixes
- Enhancements and bug fixes
- Enhancements and bug fixes
- Enhancements and bug fixes
- Enhancements and bug fixes
- Enhancements and bug fixes
- Enhancements and bug fixes
- Enhancements and bug fixes
- Enhancements and bug fixes
- Enhancements and bug fixes
- Cross environment search and replication, and more
- Enhancements and bug fixes
- Enhancements and bug fixes
- Azure region Canada Central (Toronto) now available
- Azure region Brazil South (São Paulo) now available
- Azure region South Africa North (Johannesburg) now available
- Azure region Central India (Pune) now available
- Enhancements and bug fixes
- Azure new virtual machine types available
- Billing Costs Analysis API, and more
- Organization and billing API updates, and more
- Integrations Server, and more
- Trust across organizations, and more
- Organizations, and more
- Elastic Consumption Units, and more
- AWS region Africa (Cape Town) available
- AWS region Europe (Milan) available
- AWS region Middle East (Bahrain) available
- Enhancements and bug fixes
- Enhancements and bug fixes
- GCP Private Link, and more
- Enhancements and bug fixes
- GCP region Asia Northeast 3 (Seoul) available
- Enhancements and bug fixes
- Enhancements and bug fixes
- Native Azure integration, and more
- Frozen data tier and more
- Enhancements and bug fixes
- Azure region Southcentral US (Texas) available
- Azure region East US (Virginia) available
- Custom endpoint aliases, and more
- Autoscaling, and more
- Cross-region and cross-provider support, warm and cold data tiers, and more
- Better feature usage tracking, new cost and usage analysis page, and more
- New features, enhancements, and bug fixes
- AWS region Asia Pacific (Hong Kong)
- Enterprise subscription self service, log in with Microsoft, bug fixes, and more
- SSO for Enterprise Search, support for more settings
- Azure region Australia East (New South Wales)
- New logging features, better GCP marketplace self service
- Azure region US Central (Iowa)
- AWS region Asia Pacific (Mumbai)
- Elastic solutions and Microsoft Azure Marketplace integration
- AWS region Pacific (Seoul)
- AWS region EU West 3 (Paris)
- Traffic management and improved network security
- AWS region Canada (Central)
- Enterprise Search
- New security setting, in-place configuration changes, new hardware support, and signup with Google
- Azure region France Central (Paris)
- Regions AWS US East 2 (Ohio) and Azure North Europe (Ireland)
- Our Elasticsearch Service API is generally available
- GCP regions Asia East 1 (Taiwan), Europe North 1 (Finland), and Europe West 4 (Netherlands)
- Azure region UK South (London)
- GCP region US East 1 (South Carolina)
- GCP regions Asia Southeast 1 (Singapore) and South America East 1 (Sao Paulo)
- Snapshot lifecycle management, index lifecycle management migration, and more
- Azure region Japan East (Tokyo)
- App Search
- GCP region Asia Pacific South 1 (Mumbai)
- GCP region North America Northeast 1 (Montreal)
- New Elastic Cloud home page and other improvements
- Azure regions US West 2 (Washington) and Southeast Asia (Singapore)
- GCP regions US East 4 (N. Virginia) and Europe West 2 (London)
- Better plugin and bundle support, improved pricing calculator, bug fixes, and more
- GCP region Asia Pacific Southeast 1 (Sydney)
- Elasticsearch Service on Microsoft Azure
- Cross-cluster search, OIDC and Kerberos authentication
- AWS region EU (London)
- GCP region Asia Pacific Northeast 1 (Tokyo)
- Usability improvements and Kibana bug fix
- GCS support and private subscription
- Elastic Stack 6.8 and 7.1
- ILM and hot-warm architecture
- Elasticsearch keystore and more
- Trial capacity and more
- APM Servers and more
- Snapshot retention period and more
- Improvements and snapshot intervals
- SAML and multi-factor authentication
- Next generation of Elasticsearch Service
- Branding update
- Minor Console updates
- New Cloud Console and bug fixes
- What’s new with the Elastic Stack
Azure Native ISV Service
editAzure Native ISV Service
editThe Elastic Cloud Azure Native ISV Service allows you to deploy managed instances of the Elastic Stack directly in Azure, through the Azure integrated marketplace. The service brings the following benefits:
-
Easy deployment for managed Elastic Stack instances
Elastic Stack instances managed by Elastic are deployed directly from the Azure console. This provides the complete Elastic Stack experience with all commercial features.
-
Integrated billing
You are billed directly to your Azure account; no need to configure billing details in Elastic. See Integrated billing for details, as well as the Billing FAQ.
-
Easy consolidation of your Azure logs in Elastic
Use a single-step setup to ingest logs from your Azure services into the Elastic Stack.
The full product name in the Azure integrated marketplace is Elastic Cloud (Elasticsearch) - An Azure Native ISV Service
.
Integrated billing
editAzure Native ISV Service includes integrated billing: Elastic resource costs are posted to your Azure subscription through the Microsoft Commercial Marketplace. You can create various Elastic Cloud resources (deployments) across different Azure subscriptions, with all of the costs associated with an Elastic Cloud organization posted to a single Azure subscription.
Note the following terms:
- Azure Marketplace SaaS ID: This is a unique identifier that’s generated one time by Microsoft Commercial Marketplace when a user creates their first Elastic resource (deployment) using the Microsoft Azure (Portal, API, SDK, or Terraform). This is mapped to a User ID and Azure Subscription ID
- Elastic Cloud organization: An organization is the foundational construct under which everything in Elastic Cloud is grouped and managed. An organization is created as a step during the creation of your first Elastic resource (deployment), whether that’s done through Microsoft Azure (Portal, API, SDK, or Terraform). The initial member of the Elastic Cloud organization can then invite other users.
- Elastic resource (deployment): An Elastic Cloud deployment helps you manage an Elasticsearch cluster and instances of other Elastic products in one place. You can work with Elastic deployments from within the Azure ecosystem. Multiple users in the Elastic Cloud organization can create different deployments from different Azure subscriptions. They can also create deployments from the Elasticsearch Service Console.
The following diagram shows the mapping between Microsoft Azure IDs, Elastic Cloud organization IDs, and your Elastic resources (deployments).
The following diagram shows how your Elastic Cloud organization costs are reported in Microsoft Azure. You can also refer to our Billing FAQ on this page.
Frequently asked questions
editCheck the following sections to learn more about the Azure Native ISV Service:
-
Getting started
- How do I get started?
- What is the pricing for this offer?
- Which Azure regions are supported?
- Which Elastic Cloud subscription levels are available?
- How can I change my Elastic Cloud subscription level?
- Can I subscribe using an email address from another Elastic account?
- Is the Elastic Cloud Azure Native ISV Service connected with Azure user management?
- Does Elastic Cloud Azure Native ISV Service support recently introduced Elastic Cloud RBAC capability?
- I already have an Elastic Cloud account, can I use this service?
- Can I sign up for an Elastic Cloud trial account and then convert to the Elastic Cloud Azure Native ISV Service?
- Does Elasticsearch get deployed into my tenant in Azure?
- What Azure tenant information does Elastic have access to?
- What other methods are available to deploy Elasticsearch?
- How do I migrate my data from the classic Azure marketplace account to the Elastic Cloud Azure Native ISV Service?
- Can I invite users to my organization, even if they cannot receive emails?
-
Billing
- Which Azure Subscription will be billed for my Elastic resources?
- How do I get different Elastic resources (deployments) charges to different Azure Subscriptions?
- Why can’t I see Elastic resources costs in Azure Cost Explorer?
- Why don’t I see my individual Elastic resources (deployments) in the Azure Marketplace Invoice?
- Why can’t I find Instance ID and Instance Name values from Azure Marketplace Invoice in the Azure Portal?
-
Managing your Elastic Cloud deployment
-
Configuring logs and metrics
-
Troubleshooting
- I receive an error message about not having required authorization.
- My Elastic Cloud deployment creation failed.
- I can’t SSO into my Elastic Cloud deployment.
- I see some deployments in the Elastic Cloud console but not in the Azure Portal.
- My Elastic Cloud Azure Native ISV Service logs are not being ingested.
-
Support
Getting started
edit- How do I get started with Elastic Cloud?
-
Elastic Cloud is available as an offering through the Azure console.
Prerequisites
There are a few requirements to check before setting up an Elastic Cloud deployment:
- In Azure your account role for the subscription is set as Owner or Contributor. For details and steps to assign roles, check Permission to purchase in the Azure documentation.
- You cannot use an email address that already has an Elastic Cloud account. Use a different Azure account to set up the Elasticsearch resource, or contact the Elastic Support Team for assistance.
- You must have a credit card registered on your Azure subscription. If you have a non-payment subscription, such as a Virtual Studio Subscription, you can’t create an Elastic Cloud deployment. Refer to the Azure Purchase errors troubleshooting documentation for more information.
- In order to single sign-on into your Elastic Cloud deployment from Azure you need to request approval from your Azure administrator.
Getting started
To create a deployment directly from the Azure portal, go to the list of Elastic Cloud deployments in the Azure portal and select
Create
.When you create an Elastic Cloud deployment, an Elastic Stack cluster is created for you. The size of this deployment is 16GB of RAM and 560GB of storage, across two availability zones for redundancy. The size of the deployment, both RAM and storage, is changed directly in the Elastic console. Usage charges are based on the deployment size, so size your instance efficiently. The deployment defaults to the latest available version of the Elastic Stack. Check our Version policy to learn more about when new versions are made available and old versions are removed from service.
- What is the pricing for this offer?
-
Pricing is pay-as-you-go per hour for each Elastic Cloud deployment created. Note that there is no free trial period for the offering. Charges are applied to your Azure bill at the end of the month. Use the Elastic Cloud Pricing Calculator to size a deployment and view the corresponding hourly rate.
Elastic charges include:
- Which Azure regions are supported?
- Here is the list of available Azure regions supported in Elastic Cloud.
- Which Elastic Cloud subscription levels are available?
- The subscription defaults to the Enterprise subscription, granting immediate access to advanced Elastic Stack features like machine learning, and premium support response time SLAs. Elastic Cloud offers a number of different subscription levels.
- How can I change my Elastic Cloud subscription level?
-
Modify your subscription level on the billing page in the Elastic console.
- Select a deployment to open the deployment overview page.
- Select the Advanced Settings link to access your deployment in the Elastic Cloud console.
- In the Elastic Cloud console, select your account avatar icon at the top of the page, and then choose Account & Billing.
-
Select the Billing tab and choose Change my subscription.
-
Select the subscription level that you’d like.
- Can I subscribe using an email address from another Elastic account?
- Your email address is associated with only one Elastic account. For a workaround, check Sign up using an email address from another Cloud account.
- Is the Elastic Cloud Azure Native ISV Service connected with Azure user management?
-
No. Elastic is not currently integrated with Azure user management. Azure users who deploy Elasticsearch on Azure view and manage their own cluster through the Cloud console. Other Azure users in the same tenant cannot access clusters through the Cloud console other than those that they themselves created.
When trying to access resources such as Elasticsearch, Kibana, Enterprise Search, or APM in a deployment that was created by another Azure user, the following error is shown:
Share deployment resources directly with other Azure users by configuring Active Directory single sign-on with the Elasticsearch cluster.
- Does Elastic Cloud Azure Native ISV Service support recently introduced Elastic Cloud RBAC capability?
- Yes. Currently Elastic Cloud RBAC capability is available only from the Elastic Cloud Console and is not integrated with Azure Portal. This means that the users who will interact with Elastic resources from Azure Portal will not be recognized by the Elastic Cloud RBAC policies.
- I already have an Elastic Cloud account, can I use this service?
- Yes. If you already have an Elastic Cloud account with the same email address as your Azure account you may need to contact support@elastic.co.
- Can I sign up for an Elastic Cloud trial account and then convert to the Elastic Cloud Azure Native ISV Service?
-
Yes. You can start a free Elasticsearch Service trial and then convert your account over to Azure. There are a few requirements:
- Make sure when creating deployments in the trial account you specify Azure as the cloud provider.
- To convert your trial to the Azure marketplace you need to create a deployment in the Azure console. Just delete the new deployment if you don’t need it. After you create the new deployment your marketplace subscription is ready.
- Any deployments created during your trial won’t show up in the Azure console, since they weren’t created in Azure, but they are still accessible through the Elasticsearch Service Console and you are billed for their usage.
- Does Elasticsearch get deployed into my tenant in Azure?
- No. Elasticsearch resources deployed in an Azure tenant are managed by Elastic. The management capabilities associated with this tenant are the same as used to run Elastic’s managed service, which also allows users to deploy on Azure.
- What Azure tenant information does Elastic have access to?
-
After you subscribe to Elastic Cloud through the Azure Native ISV Service, Elastic has access to the following Azure tenant information:
- Data defined in the marketplace Saas fulfillment Subscription APIs.
-
The following additional data:
- Marketplace subscription ID
- Marketplace plan ID
- Azure Account ID
- Azure Tenant ID
- Company
- First name
- Last name
- Country
Elastic can also access data from Elastic Cloud Azure Native ISV Service features, including resource and activity log data. This data is available to Elastic only if you enable it. By default, Elastic does not have access to this information.
- What other methods are available to deploy Elasticsearch?
-
Use any of the following methods:
-
Deploy using Azure tools
- The Azure console
- Azure Terraform
- The Azure CLI
- The Azure REST API
- PowerShell
-
Deploy using official Azure SDKs
-
Deploy using Elastic Cloud
- The Elastic Cloud console
- The Elastic Cloud REST API
- The Elastic Cloud command line tool
-
The Elastic Cloud Terraform provider
Note that when you use any of the Elastic Cloud methods, the Elasticsearch deployment will not be available in Azure.
-
- How do I migrate my data from the classic Azure marketplace account to the native integration?
-
First create a new account configured with Elastic Cloud Azure Native ISV Service, then perform the migration as follows:
- From your classic Azure marketplace account, navigate to the deployment and configure a custom snapshot repository using Azure Blog Storage.
- Using the newly configured snapshot repository, create a snapshot of the data to migrate.
- Navigate to Azure and log in as the user that manages the Elasticsearch resources.
- Before proceeding, ensure the new account is configured according to the prerequisites.
- Create a new Elasticsearch resource for each existing deployment that needs migration from the classic Azure account.
- In the new Elasticsearch resource, follow the steps in Restore from a snapshot to register the custom snapshot repository from Step 1.
- In the same set of steps, restore the snapshot data from the snapshot repository that you registered.
- Confirm the data has moved successfully into your new Elasticsearch resource on Azure.
-
To remove the old Azure subscription and the old deployments, go to the Azure SaaS page and unsubscribe from the
{ecloud} ({es})
marketplace subscription. This action triggers the existing deployments termination.
- Can I invite users to my organization, even if they cannot receive emails?
- You can add Azure users as members of your organization even if they don’t have an inbox. Please reach out to Elastic support.
Billing
edit- Which Azure Subscription will be billed for my Elastic resources?
- The Azure Marketplace integrated billing posts all of the Elastic deployment/resources costs related to an Elastic Cloud organization to the Azure subscription you used to create your first-ever Elastic deployment/resource. This is the case even if your individual Elastic resources (deployments) are spread across different Azure subscriptions. For more detail, refer to Integrated billing.
- How do I get different Elastic deployment/resources charges to different Azure Subscriptions?
- See Integrated billing. To have different Elastic deployment/resources costs reported to different Azure subscriptions, they need to be in separate Elastic Cloud organizations. To create a separate Elastic Cloud organization from an Azure subscription, you will need to subscribe as a user who is not already part of an existing Elastic Cloud organization.
- Why can’t I see Elastic resources costs in Azure Cost Explorer?
- The costs associated with Elastic resources (deployments) are reported under unassigned in the Azure Portal. Refer to Understand your Azure external services charges in the Microsoft Documentation to understand Elastic resources/deployments costs. For granular Elastic resources costs, refer to Monitor and analyze your acccount usage.
- Why don’t I see my individual Elastic resources (deployments) in the Azure Marketplace Invoice?
-
The way Azure Marketplace Billing Integration works today, the costs for Elastic resources (deployments) are reported for an Elastic Cloud organization as a single line item, reported against the Marketplace SaaS ID. This includes the Elastic deployments created using the Azure Portal, API, SDK, or CLI, and also the Elastic deployments created directly from the Elasticsearch Service Console in the respective Elastic Cloud organization. For granular Elastic resources costs refer to Monitor and analyze your acccount usage. As well, for more detail refer to Integrated billing.
- Why can’t I find Instance ID and Instance Name values from Azure Marketplace Invoice in the Azure Portal?
-
With Elastic Cloud Azure Native ISV Service, the "instance name/ID" shown in the Azure Marketplace invoice is the Azure Marketplace SaaS identifier that represents an Elastic Cloud organization. For Microsoft Azure,
Microsoft.SaaS
(namespace) resources are used for billing Marketplace Resources - in this case, Elastic.For instance: Elastic Organization
Org1
is associated with a Marketplace SaaS (Microsoft.SaaS) assetAzureElastic_GUID_NAME
. The Elastic resources (Microsoft.Elastic
)E1
,E2
, andE3
withinOrg1
are all mapped toAzureElastic_GUID_NAME
.Microsoft.SaaS
(Instance name) asset is shown in the Azure Marketplace invoice and represents costs related to an Elastic Cloud organization and not individual Elastic resources (deployments). To see the cost breakdown for individual Elastic resources (deployments), refer to Monitor and analyze your acccount usage.
Managing your Elastic Cloud deployment
edit- What is included in my Elastic Cloud deployment?
-
Each Elastic Cloud deployment includes:
- An Elasticsearch cluster
- A Kibana instance which provides data visualization and a front-end for the Elastic Stack
- An APM server that allows you to easily collect application traces
- An Enterprise Search instance that allows you to easily build a search experience with an intuitive interface
- How can I access my Elastic Cloud deployment?
-
Navigate to the deployment overview page in Azure:
-
Select a deployment to open the deployment overview page.
You now have a few options to access your deployment:
- Elasticsearch endpoint - the URL for the Elasticsearch cluster itself
- Kibana endpoint - the UI for the Elastic Stack, a great way for new users to get started
- Elastic Cloud - Open the Advanced Settings link to access the deployment in the Elastic Cloud console, to change the size of the deployment or upgrade it.
-
- How can I modify my Elastic Cloud deployment?
-
Modify your Elastic Cloud deployment in the Elastic Cloud console, which is accessed from the Azure UI through the Advanced Settings link on the deployment overview page. In the Elastic Cloud console you can perform a number of actions against your deployment, including:
- Re-size to increase or decrease the amount of RAM, CPU, and storage available to your deployment, or to add additional availability zones.
- Upgrade your deployment to a new Elastic Stack version.
- Enable or disable individual Elastic Stack components such as APM, Machine Learning, and Enterprise Search.
- Update Elastic Stack user settings in the component YML files.
- Add or remove custom plugins.
- Configure IP filtering.
- Monitor your Elastic Cloud deployment to ensure it remains healthy.
- Add or remove API keys to use the REST API.
- And more
- How can I delete my Elastic Cloud deployment?
- Delete the deployment directly from the Azure console. The delete operation performs clean-up activities in the Elastic console to ensure any running components are removed, so that no additional charges occur.
- Can I delete the Azure Resource Group containing my deployment?
- If you delete an Azure Resource Group containing Elastic Cloud resources, the latter will be deleted automatically. However, you should not delete the Azure Resource Group containing the first deployment you created. The usage associated with any other Elastic deployment created outside of the first resource group will continue to get reported and charged against this resource group. If you want to stop all charges to this Resource Group, you should delete the individual deployments.
Configuring logs and metrics
edit- How do I monitor my existing Azure services?
-
The Elastic Cloud Azure Native ISV Service simplifies logging for Azure services with the Elastic Stack. This integration supports:
- Azure subscription logs
- Azure resources logs (check Supported categories for Azure Resource Logs for examples)
If you want to send platform logs to a deployment that has IP or Private Link traffic filters enabled, then you need to contact the Elastic Support Team to perform additional configurations. Refer support to the article Azure++ Resource Logs blocked by Traffic Filters.
The following log types are not supported as part of this integration:
- Azure tenant logs
- Logs from Azure compute services, such as Virtual Machines
If your Azure resources and Elastic deployment are in different subscriptions, before creating diagnostic settings confirm that the Microsoft.Elastic
resource provider is registered in the subscription in which the Azure resources exist. If not, register the resource provider following these steps:
- In Azure, navigate to Subscriptions → Resource providers.
-
Search for
Microsoft.Elastic
and check that it is registered.
If you already created diagnostic settings before the Microsoft.Elastic
resource provider was registered, delete and add the diagnostic setting again.
In the Azure console, configure the ingestion of Azure logs into either a new or existing Elastic Cloud deployment:
- When creating a new deployment, use the Logs & metrics tab in Azure to specify the log type and a key/value tag pair. Any Azure resources that match on the tag value automatically send log data to the Elastic Cloud deployment, once it’s been created.
- For existing deployments configure Azure logs from the deployment overview page in the Azure console.
Note that following restrictions for logging:
- Only logs from non-compute Azure services are ingested as part of the configuration detailed in this document. Logs from compute services, such as Virtual Machines, into the Elastic Stack will be added in a future release.
- The Azure services must be in one of the supported regions. All regions will be supported in the future.
Your Azure logs may sometimes contain references to a user Liftr_Elastic
. This user is created automatically by Azure as part of the integration with Elastic Cloud.
To check which of your Azure resources are currently being monitored, navigate to your Elasticsearch deployment and open the Monitored resources tab. Each resource shows one of the following status indicators:
- Sending - Logs are currently being sent to the Elasticsearch cluster.
- Logs not configured - Log collection is currently not configured for the resource. Open the Edit tags link to configure which logs are collected. For details about tagging resources, check Use tags to organize your Azure resources and management hierarchy in the Azure documentation.
- N/A - Monitoring is not available for this resource type.
- Limit reached - Azure resources can send diagnostic data to a maximum of five outputs. Data is not being sent to the Elasticsearch cluster because the output limit has already been reached.
- Failed - Logs are configured but failed to ship to the Elasticsearch cluster. For help resolving this problem you can contact Support.
- Region not supported - The Azure resource must be in one of the supported regions.
- How do I ingest metrics from my Azure services?
- Metrics are not supported as part of the current Elastic Cloud Azure Native ISV Service. This will be implemented in a future phase. Metrics can still be collected from all Azure services using Metricbeat. For details, check Ingest other Azure metrics using the Metricbeat Azure module.
- How can I monitor my Azure virtual machines in Elasticsearch?
-
You can monitor your Azure virtual machines by installing the Elastic Agent VM extension. Once enabled, the VM extension downloads the Elastic Agent, installs it, and enrols it to the Fleet Server. The Elastic Agent will then send system related logs and metrics to the Elastic Cloud cluster where you can find pre-built system dashboards showing the health and performance of your virtual machines.
Enabling and disabling VM extensions
To enable or disable a VM extension:
- In Azure, navigate to your Elasticsearch deployment.
- Select the Virtual machines tab
- Select one or more virtual machines
- Choose Install Extension or Uninstall Extension.
While it’s possible to enable or disable a VM extension directly from the VM itself, we recommend always enabling or disabling your Elasticsearch VM extensions from within the context of your Elasticsearch deployment.
Managing the Elastic Agent VM extension
Once installed on the virtual machine, you can manage Elastic Agent either from Fleet or locally on the host where it’s installed. We recommend managing the VM extension through Fleet, because it makes handling and upgrading the agents considerably easier. For more information on the Elastic Agent, check Manage your Elastic Agents.
Operating system compatibility matrix
The Azure Elastic Agent VM extension is supported on the following operating systems:
Platform Version Windows
2008r2+
CentOS
6.10+
Debian
9,10
Oracle
6.8+
RHEL
7+
Ubuntu
16+
Troubleshooting
editThis section describes some scenarios that you may experience onboarding to Elastic Cloud through the Azure console. If you’re running into issues you can always get support.
- I receive an error message about not having the required authorization.
-
When trying to access Elastic Cloud resources, you may get an error message indicating that the user must have the required authorization.
Elastic is not currently integrated with Azure user management, so sharing deployment resources through the Cloud console with other Azure users is not possible. However, sharing direct access to these resources is possible. For details, check Is the Elastic Cloud Azure Native ISV Service connected with Azure user management?.
- My Elastic Cloud deployment creation failed.
-
When creating a new Elastic Cloud deployment, the deployment creation may fail with a
Your deployment failed
error. The process results with a status message such as:{ "code": "DeploymentFailed", "message": "At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.", "details": [ { "code": "500", "message": "An error occurred during deployment creation. Please try again. If the problem persists, please contact support@elastic.co." } ]
One possible cause of a deployment creation failure is the default traffic filtering rules. Deployments fail to create if a previously created traffic filter has enabled the Include by default option. When this option is enabled, traffic to the deployment is blocked, including traffic that is part of the Elastic Cloud Azure Native ISV Service. As a result, some of the integration components are not successfully provisioned and the deployment creation fails.
Follow these steps to resolve the problem:
- Login to the Elasticsearch Service Console.
- Go to the Traffic filters page.
-
Edit the traffic filter and disable the Include by default option.
- In Azure, create a new Elastic Cloud deployment.
- After the deployment has been created successfully, go back to the Traffic filters page in Elastic Cloud and re-enable the Include by default option.
If your deployment still does not create successfully, contact the Elastic Support Team for assistance.
- I can’t SSO into my Elastic Cloud deployment.
-
When you try to access your Elastic Cloud deployment using single sign-on, the access may fail due to missing permission required by your Azure environment.
You can review your user consent settings configuration following the instructions in Configure how users consent to applications. To resolve this problem, contact your Azure Administrator.
- I see some deployments in the Elastic Cloud console but not in the Azure Portal.
- Elastic Deployments created using the Elasticsearch Service Console, the Elasticsearch Service API, or the Elastic Cloud Terraform provider are only visible through the Elastic Cloud Console. To have the necessary metadata to be visible in the Azure Portal, Elastic Cloud deployments need to be created in Microsoft Azure.
Mimicking this metadata by manually adding tags to an Elastic Cloud deployment will not work around this limitation. Instead, it will prevent you from being able to delete the deployment using the Elasticsearch Service Console.
- My Elastic Cloud Azure Native ISV Service logs are not being ingested.
-
-
When you set up monitoring for your Azure services, if your Azure and Elastic resources are in different subscriptions, you need to make sure that the
Microsoft.Elastic
resource provider is registered in the subscription in which the Azure resources exist. Check How do I monitor my existing Azure services? for details. - If you are using IP or Private Link traffic filters, please reach out to the Elastic Support Team.
-
When you set up monitoring for your Azure services, if your Azure and Elastic resources are in different subscriptions, you need to make sure that the
Getting support
edit- How do I get support?
-
Support is provided by Elastic. To open a support case:
- Navigate to the deployment overview page in the Azure console.
- Click New support request from the menu.
-
Click the link to launch the Elastic console and provide further details.
The Elastic Support team responds based on the SLA response time of your subscription.
In case your Elastic Cloud resource is not fully set up and you’re not able to access the Support page, you can always send an email to support@elastic.co.
- How can I change my subscription level / support level?
- Your Elastic subscription level includes the support level. Check How can I change my Elastic Cloud subscription level? to make an update.
On this page
ElasticON events are back!
Learn about the Elastic Search AI Platform from the experts at our live events.
Register now