Fleet and Elastic Agent 8.6.0
editFleet and Elastic Agent 8.6.0
editReview important information about the Fleet and Elastic Agent 8.6.0 release.
Breaking changes
editBreaking changes can prevent your application from optimal operation and performance. Before you upgrade, review the breaking changes, then mitigate the impact to your application.
Each input in an agent policy must have a unique ID
Details
Each input in an agent policy must have a unique ID, like id: my-unique-input-id
.
This change only affects standalone agents. Unique IDs are automatically generated in
agent policies managed by Fleet. For more information, refer to
#1994
Impact
Make sure that your standalone agent policies have a unique ID.
Diagnostics --pprof
argument has been removed and is now always provided
Details
The diagnostics
command gathers diagnostic information about the Elastic Agent and
each component/unit it runs. Starting in 8.6.0, the --pprof
argument is no longer available because pprof
information is now always
provided. For more information, refer to #1140.
Impact
Remove the --pprof
argument from any scripts or commands you use.
Known issues
editOsquery live query results can take up to five minutes to show up in Kibana.
Details
A known issue in Elastic Agent may prevent live query results from being available
in the Kibana UI even though the results have been successfully sent to Elasticsearch.
For more information, refer to #2066.
Impact
Be aware that the live query results shown in Kibana may be delayed by up to 5 minutes.
Installing Elastic Agent on MacOS Ventura may fail if Full Disk Access has not been granted to the application used for installation.
Details
This issue occurs on MacOS Ventura when Full Disk Access is not granted to the application that runs the installation command.
This could be either a Terminal or any custom package that a user has built to distribute Elastic Agent.
For more information, refer to #2103.
Impact
Elastic Agent will fail to install and produce "Error: failed to fix permissions: chown elastic-agent.app: operation not permitted" message.
Ensure that the application used to install Elastic Agent (for example, the Terminal or custom package) has Full Disk Access before running sudo ./elastic-agent install
.
Beats started by agent may fail with output unit has no config
error.
Details
A known issue in Elastic Agent may lead to Beat processes being started without a
valid output. To correct the problem, trigger a restart of Elastic Agent
or the affected Beats. For Beats managed by Elastic Agent, you can trigger a restart by changing the
Elastic Agent log level or the output section of the Elastic Agent policy.
For more information, refer to #2086.
Impact
Elastic Agent will appear unhealthy and the affected Beats will not be able to write
event data to Elasticsearch or Logstash.
Elastic Agent upgrades scheduled for a future time do not run.
Details
A known issue in Elastic Agent may prevent upgrades scheduled to execute at a later time from running.
For more information refer to #2343.
Impact
Kibana may show an agent as being stuck with the Updating
status.
If the scheduled start time has passed, you may force the agent to run by sending it any action (excluding an upgrade action), such as a change to the policy or the log level.
Fleet ignores custom server.*
attributes provided through integration settings.
Details
Fleet will ignore any custom server.*
attributes provided through the custom configurations yaml block of the intgration.
For more information refer to #2303.
Impact
Custom yaml settings are silently ignored by Fleet.
Settings with input blocks, such as Max agents are still effective.
New features
editThe 8.6.0 release adds the following new and notable features.
- Fleet
- Elastic Agent
-
- Upgrade Node to version 18.12.0 #1657
- Add experimental support for running the elastic-agent-shipper #1527 #219
- Collect logs from sub-processes via stdout and stderr and write them to a single, unified Elastic Agent log file #1702 #221
- Remove inputs when all streams are removed #1869 #1868
- No longer restart Elastic Agent on log level change #1914 #1896
-
Add
inspect components
command to inspect the computed components/units model of the current configuration (for example,elastic-agent inspect components
) #1701 #836 - Add support for the Common Expression Language (CEL) Filebeat input type #1719
- Only support Elasticsearch as an output for the beta synthetics integration #1491
- New control protocol between the Elastic Agent and its subprocesses enables per integration health reporting and simplifies new input development #836 #1701
- All binaries for every supported integration are now bundled in the Elastic Agent by default #836 #126
Enhancements
edit- Fleet
-
-
Add
?full
option to get package info endpoint to return all package fields #144343
-
Add
- Elastic Agent
Bug fixes
edit- Fleet
- Elastic Agent
-
- Elastic Agent now uses the locally bound port (8221) when running Fleet Server instead of the external port (8220) #1867