Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Fleet] Ouput api key do not need metricbeat* access #60319

Merged
merged 2 commits into from
Apr 1, 2020

Conversation

nchaulet
Copy link
Member

Summary

Typo introduced here #60094

The fleet output API key that is used by agent and process launched by fleet agent (filebeat, metricbeat) should only have access to metrics-*, events-*, logs-* indices.

@nchaulet nchaulet added Feature:EPM Fleet team's Elastic Package Manager (aka Integrations) project Feature:Fleet Fleet team's agent central management project labels Mar 16, 2020
@nchaulet nchaulet requested a review from ruflin March 16, 2020 21:29
@nchaulet nchaulet self-assigned this Mar 16, 2020
@elasticmachine
Copy link
Contributor

Pinging @elastic/ingest-management (Feature:EPM)

@nchaulet nchaulet added release_note:skip Skip the PR/issue when compiling release notes v7.7.0 labels Mar 16, 2020
@nchaulet
Copy link
Member Author

@michalpristas any news on that it is still needed by metricbeat?

@michalpristas
Copy link

i was fixing some other things so besides it looks like it's coming from default elastic output, i dont have any information, configuration for filebeat and metricbeat looks the same, so metricbeat is maybe sending something outside of predefined set of metrics which is then stored into default index, but this is just me speculating, i dont have it verified

@ruflin
Copy link
Contributor

ruflin commented Mar 19, 2020

Just tried it on my end and the metrics sent up are some system metrics. I assume it has to do with the config that is sent to metricbeat and some defaults are enabled. Is there a place where I can see the config which is sent to Metricbeat to be run?

@ruflin
Copy link
Contributor

ruflin commented Mar 19, 2020

I think I found the problem. In metricbeat there is the file modules.d/system.yml which is enabled by default. If I remove this file, also the metricbeat index is not created anymore. I think it is important that agent removes all the "default magic" from Metricbeat.

@michalpristas
Copy link

thanks for investigation @ruflin, i will take a look waht agent can do about that ideally some systematic solution

@jen-huang jen-huang added Team:Fleet Team label for Observability Data Collection Fleet team v7.8.0 v8.0.0 and removed Feature:EPM Fleet team's Elastic Package Manager (aka Integrations) project v7.7.0 labels Mar 26, 2020
@nchaulet
Copy link
Member Author

nchaulet commented Apr 1, 2020

@elasticmachine merge upstream

@elasticmachine elasticmachine requested a review from a team April 1, 2020 12:49
@kibanamachine
Copy link
Contributor

💚 Build Succeeded

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@nchaulet nchaulet merged commit 687b562 into elastic:master Apr 1, 2020
@nchaulet nchaulet deleted the feature-ingest-output-privileges branch April 1, 2020 14:28
nchaulet added a commit to nchaulet/kibana that referenced this pull request Apr 1, 2020
gmmorris added a commit to gmmorris/kibana that referenced this pull request Apr 1, 2020
* master: (44 commits)
  [Alerting] add alerting privileges for uptime and metrics (elastic#61113)
  Update percy agent to latest version (elastic#62089)
  [APM] Update central configuration text (elastic#61556)
  [Fleet] Ouput api key do not need metricbeat* access (elastic#60319)
  Document new `xpack.security.authc.*` settings and related 8.0.0 breaking changes. (elastic#61443)
  Migrate test plugins ⇒ NP (kbn_tp_sample_panel_action) (elastic#60749)
  [Alerting] Add "Start trial" button for connectors (elastic#61774)
  [ML] Transforms: Fix handling of default and advanced search on step summary view. (elastic#61799)
  [Task Manager] Change info message "ran out Available Workers" to debug (elastic#62083)
  [Maps] Highlight selected layer in TOC (elastic#61510)
  ensure pageIndex is set correclty in analytics list (elastic#62041)
  [ML] Functional API tests - fix mml request bodies (elastic#62116)
  Fix validation for index threshold when selecting an index (elastic#61615)
  [SIEM][Detection Engine] Adds release notes link and updates one UI section
  [backport] Bump to 5.1.2 (elastic#62117)
  [APM] .apm-agent-configuration is not created if Kibana is started while ES is not ready (elastic#61610)
  [Fleet] Enrollment list page (elastic#61346)
  [ML] Fix maximum default enabled columns for data grid. (elastic#62005)
  [Home][Tutorial] Add Oracle data UI (elastic#61595)
  [APM] Ensure telemetry data matches SO/telemetry mapping (elastic#61957)
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Feature:Fleet Fleet team's agent central management project release_note:skip Skip the PR/issue when compiling release notes Team:Fleet Team label for Observability Data Collection Fleet team v7.8.0 v8.0.0
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants