Configuration settings
editConfiguration settings
editThis functionality is in beta and is subject to change. The design and code is less mature than official GA features and is being provided as-is with no warranties. Beta features are not subject to the support SLA of official GA features.
By default Elastic Agent runs in standalone mode to ingest system data and send it to
a local Elasticsearch instance running on port 9200. It uses the demo credentials of the
elastic user. It’s also configured to monitor all programs managed by Elastic Agent
and send the logs and metrics to the same Elasticsearch instance.
To alter this behavior, configure the output and other configuration settings.
When running the agent standalone, specify configuration settings in the
elastic-agent.yml file. When using Fleet, do not modify settings in
the elastic-agent.yml file. Instead, use Ingest Manager in Kibana to change
settings.
To get started quickly, you can use Fleet to generate a standalone configuration. For more information, see Standalone mode (manual configuration).
Output settings
editSpecify one or more outputs. Specifying multiple outputs allows you to pair each data source with a different output.
Elastic Agent currently works with the Elasticsearch output only.
Example output configuration:
outputs:
default:
type: elasticsearch
hosts: [127.0.0.1:9200]
username: elastic
password: changeme
monitoring:
type: elasticsearch
api_key: VuaCfGcBCdbkQm-e5aOx:ui2lp2axTNmsyakw9tvNnw
hosts: ["localhost:9200"]
ca_sha256: "7lHLiyp4J8m9kw38SJ7SURJP4bXRZv/BNxyyXkCcE/M="
This example configures two outputs: default and monitoring.
Notice that they use different authentication methods. The first one uses a
username and password pair, and the second one contains an API key.
A default output configuration is required.
Beats monitoring settings
editElastic Agent monitors Beats by default. To disable or change monitoring
settings, set options under agent.monitoring:
agent.monitoring: # enabled turns on monitoring of running processes enabled: true # enables log monitoring logs: true # enables metrics monitoring metrics: true # specifies output to be used use_output: monitoring
To disable monitoring, set agent.monitoring.enabled to false. When set to
false, Beats monitoring is turned off, and all other options in this section
are ignored.
To enable monitoring, set agent.monitoring.enabled to true. Also set the
logs and metrics settings to control whether logs, metrics, or both are
collected. If neither setting is specified, monitoring is disabled. Set
use_output to specify the output to which monitoring events are sent.
Input settings
editBy default Elastic Agent collects system metrics, such as cpu, memory, network, and filesystem metrics, and sends them to the default output. For example:
inputs:
- type: system/metrics
data_stream.namespace: default
use_output: default
streams:
- metricset: cpu
data_stream.dataset: system.cpu
- metricset: memory
data_stream.dataset: system.memory
- metricset: network
data_stream.dataset: system.network
- metricset: filesystem
data_stream.dataset: system.filesystem
If use_output is not specified, the default output is used.