Fleet and Elastic Agent 8.16.0

edit

Review important information about the Fleet and Elastic Agent 8.16.0 release.

Security updates

edit
Fleet Server
  • Update Fleet Server Go version to 1.23.1. #3924

Breaking changes

edit

Breaking changes can prevent your application from optimal operation and performance. Before you upgrade, review the breaking changes, then mitigate the impact to your application.

Elastic Agent
  • When using the System integration, uppercase characters in the host.hostname are being converted to lowercase in Elastic Agent output. This can possibly result in duplicated host entries appearing in Kibana. #3993

New features

edit

The 8.16.0 release Added the following new and notable features.

Fleet
  • Add support for content-only packages in integrations UI. #195831
  • Add advanced agent monitoring options for HTTP endpoint and diagnostics. #193361
  • Add support for periodic unenrollment of inactive agents. Once an Elastic Agent transitions to an inactive state and after a configurable timeout has expired, the agent will be unenrolled. #189861
  • Add support for dynamic topics to the Kafka output. This allows the Kafka output to write to a topic which is dynamically set in an event field. #192720
  • Add support for GeoIP processor databases in Ingest Pipelines. #190830
  • Add support for reusable/shareable integration policies. This feature allows you to create integrations policies that can be shared with multiple Elastic Agent policies, thereby reducing the number of integrations policies that you need to actively manage. #187153
  • Add support for integration-level outputs. This feature enables you to send integration data to a specific output, overwriting the output defined in the Elastic Agent Policy. #189125
Fleet Server
  • Add /api/fleet/agents/:id/audit/unenroll API that an Elastic Agent or Endpoint process may use to report that an agent was uninstalled or unenrolled to Fleet. #3818 #484
  • Add a secret_paths attribute to the policy data sent to agents. This attribute is a list of keys that Fleet Server has replaced with a reference to a secret value. #3908 #3657
Elastic Agent
  • Uninstalling a Fleet-managed Elastic Agent instance will now do a best-effort attempt to notify Fleet Server of the agent removal so the agent status appears correctly in the Fleet UI (related to #3818 above). #5302 #484
  • Introduce a Helm Chart for deploying Elastic Agent in Kubernetes. #5331 #3847
  • Remove support for the experimental shippers feature. #5308 #4547
  • Add the GCP Asset Inventory input to Cloudbeat. #5422
  • Add support for passphrase protected mTLS client certificate key during install/enroll. #5494 #5489
  • Elastic Defend now accepts a passphrase protected client certificate key for mTLS. #5542 #5490
  • Add a Kustomize template to enable hints-based autodiscovery by default when deploying standalone Elastic Agent in a Kubernetes cluster. This also removes root privileges from the init container. #5643

Enhancements

edit
Fleet
  • Update maximum supported package version. #196551
  • Add additional columns to Elastic Agent Logs UI. #192262
  • Show +build versions for Elastic Agent upgrades. #192171
  • Add format parameter to agent_policies APIs. #191811
  • Add toggles for agent.monitoring.http.enabled and agent.monitoring.http.buffer.enabled to agent policy advanced settings. #190984
  • Support integration policies without agent policy references (aka orphaned integration policies). #190649
  • Allow traces to be added to the monitoring_enabled array in Agent policies. #189908
  • Add setup technology selector to the Add Integration page. #189612
Fleet Server
  • Alter the checkin API to remove attributes set by the audit or unenroll API (follow-up to #3818 above). #3827 #484
  • Enable warnings for configuration options that have been deprecated throughout the 8.x lifecycle. #3901
Elastic Agent
  • Re-enable support for Elastic Defend on Windows Server 2012 and 2012 R2. #5429
  • Include the correct Elastic License 2.0 file in build artifacts and packages. #5464
  • Add the pprofextension to the Elastic Agent OTel collector. #5556
  • Update the base container image from Ubuntu 20.04 to Ubuntu 24.04. #5644 #5501
  • Redact values from the elastic-agent inspect command output for any keys in the secret_paths array. #5621
  • Redact secret paths in files written in Elastic Agent diagnostics bundles. #5745
  • Update the versions of OpenTelemetry Collector components from v0.111.0/v1.17.0 to v0.112.0/v1.18.0. #5838

Bug fixes

edit
Fleet
  • Revert "Fix client-side validation for agent policy timeout fields". #194338
  • Add proxy arguments to install snippets. #193922
  • Rollover if dimension mappings changed in dynamic templates. #192098
Fleet Server
  • Fix the error handling when Fleet Server attempts to authenticate with Elasticsearch. #3935 #3929
  • Fix an issue that caused Fleet Server to report a 500 error on Elastic Agent check-in because the agent has upgrade details but the referenced action ID is not found. #3991
Elastic Agent
  • Fix Elastic Agent crashing when self unenrolling due to too many authentication failures against Fleet Server. #5438 #5434
  • Change the deprecated maintainer label in Dockerfile to use the org.opencontainers.image.authors label instead. #5527