Fleet UI settings
editFleet UI settings
editThe settings described here are configurable through the Fleet UI. Refer to
Fleet settings in Kibana for a list of
settings that you can configure in the kibana.yml
configuration file.
On the Settings tab in Fleet, you can configure global settings available to all Elastic Agents enrolled in Fleet. This includes Fleet Server hosts and output settings.
Fleet Server host settings
editClick Edit hosts and specify the host URLs your Elastic Agents will use to connect to a Fleet Server.
If the Edit hosts option is grayed out, Fleet Server hosts are configured outside of Fleet. For more information, refer to Fleet settings in Kibana.
Not sure if Fleet Server is running? Refer to Add a Fleet Server.
On self-managed clusters, you must specify one or more URLs.
On Elastic Cloud, this field is populated automatically. If you are using Azure Private Link, GCP Private Service Connect, or AWS PrivateLink and enrolling the Elastic Agent with a private link URL, ensure that this setting is configured. Otherwise, Elastic Agent will reset to use a default address instead of the private link URL.
If a URL is specified without a port, Kibana sets the port to 80
(http)
or 443
(https).
By default, Fleet Server is typically exposed on the following ports:
-
8220
- Default Fleet Server port for self-managed clusters
-
443
or9243
- Default Fleet Server port for Elastic Cloud. View the Fleet Settings tab to find the actual port that’s used.
The exposed ports must be open for ingress and egress in the firewall and networking rules on the host to allow Elastic Agents to communicate with Fleet Server.
Specify multiple URLs (click Add row) to scale out your deployment and provide automatic failover. If multiple URLs exist, Fleet shows the first provided URL for enrollment purposes. Enrolled Elastic Agents will connect to the URLs in round robin order until they connect successfully.
When a Fleet Server is added or removed from the list, all agent policies are updated automatically.
Examples:
-
https://192.0.2.1:8220
-
https://abae718c1276457893b1096929e0f557.fleet.eu-west-1.aws.qa.cld.elstc.co:443
-
https://[2001:db8::1]:8220
Output settings
editAdd or edit output settings to specify where Elastic Agents send data. Elastic Agents use the default output if you don’t select an output in the agent policy.
The Elastic Cloud internal output is locked and cannot be edited. This output is used for internal routing to reduce external network charges when using the Elastic Cloud agent policy. It also provides visibility for troubleshooting on Elastic Cloud Enterprise.
To add or edit an output:
- Go to Fleet → Settings.
- Under Outputs, click Add output or Edit.
- Set the output name and type.
-
Specify settings for the output type you selected:
If the options for editing an output are grayed out, outputs are configured outside of Fleet. For more information, refer to Fleet settings in Kibana.
Elasticsearch output settings
editSpecify these settings to send data over a secure connection to Elasticsearch.
The Elasticsearch URLs where Elastic Agents will send data. By default, Elasticsearch is exposed on the following ports:
Examples:
|
|
HEX encoded SHA-256 of a CA certificate. If this certificate is
present in the chain during the handshake, it will be added to the
|
|
YAML settings that will be added to the Elasticsearch output section of each policy that uses this output. Make sure you specify valid YAML. The UI does not currently provide validation. |
|
When this setting is on, Elastic Agents use this output to send data if no other output is set in the agent policy. |
|
When this setting is on, Elastic Agents use this output to send agent monitoring data if no other output is set in the agent policy. Sending monitoring data to a remote Elasticsearch cluster is currently not supported. |
Logstash output settings
editSpecify these settings to send data over a secure connection to Logstash. You must also configure a Logstash pipeline that reads encrypted data from Elastic Agents and sends the data to Elasticsearch. Follow the in-product steps to configure the Logstash pipeline.
To learn how to generate certificates, refer to Configure SSL/TLS for the Logstash output.
The addresses your Elastic Agents will use to connect to Logstash. Use the format
Examples:
|
|
The CA certificate to use to connect to Logstash. This is the CA used to generate the certificate and key for Logstash. Copy and paste in the full contents for the CA certificate. This setting is optional. |
|
The certificate generated for the client. Copy and paste in the full contents of the certificate. This is the certificate that all the agents will use to connect to Logstash. In cases where each client has a unique certificate, the local path to that certificate can be placed here. The agents will pick the certificate in that location when establishing a connection to Logstash. |
|
The private key generated for the client. This must be in PKCS 8 key. Copy and paste in the full contents of the certificate key. This is the certificate key that all the agents will use to connect to Logstash. In cases where each client has a unique certificate key, the local path to that certificate key can be placed here. The agents will pick the certificate key in that location when establishing a connection to Logstash. |
|
YAML settings that will be added to the Logstash output section of each policy that uses this output. Make sure you specify valid YAML. The UI does not currently provide validation. |
|
When this setting is on, Elastic Agents use this output to send data if no other output is set in the agent policy. |
|
When this setting is on, Elastic Agents use this output to send agent monitoring data if no other output is set in the agent policy. |
Agent binary download settings
editElastic Agents must be able to access the Elastic artifact registry to download
binaries during upgrades. By default Elastic Agents download artifacts from the
artifact registry at https://artifacts.elastic.co/downloads/
.
For Elastic Agents that cannot access the internet, you can specify agent binary download settings, and then configure agents to download their artifacts from the alternate location. For more information about running Elastic Agents in a restricted environment, refer to Air-gapped environments.
To add or edit the source of binary downloads:
- Go to Fleet → Settings.
- Under Agent Binary Download, click Add agent binary source or Edit.
- Set the agent binary source name.
- For Host, specify the address where you are hosting the artifacts repository.
- (Optional) To make this location the default, select Make this host the default for all agent policies. Elastic Agents use the default location if you don’t select a different agent binary source in the agent policy.
ElasticON events are back!
Learn about the Elastic Search AI Platform from the experts at our live events.
Register now