IMPORTANT: No additional bug fixes or documentation updates will be released for this version. For the latest information, see the current release documentation.
« Command line options Troubleshooting »
Elastic Docs Ingest Management Guide [7.8] Manage your Elastic Agents

Configuration settings

edit

Configuration settings

edit

This functionality is in technical preview and may be changed or removed in a future release. Elastic will work to fix any issues, but features in technical preview are not subject to the support SLA of official GA features.

This experimental release allows you to try out new capabilities. There is no migration path for future releases. You must test in a dedicated cluster. Delete the cluster when you are done. You will not be able to upgrade the cluster.

By default Elastic Agent runs in standalone mode to ingest system data and send it to a local Elasticsearch instance running on port 9200. It uses the demo credentials of the elastic user. It’s also configured to monitor all Beats managed by the Agent and send the Beats logs and metrics to the same Elasticsearch instance.

To alter this behavior, configure the output and other configuration settings:

Output settings

edit

Specify one or more outputs. Specifying multiple outputs allows you to pair each data source with a different output.

Elastic Agent currently works with the Elasticsearch output only.

Example output configuration:

outputs:
  default:
    type: elasticsearch
    hosts: [127.0.0.1:9200]
    username: elastic
    password: changeme

  monitoring:
    type: elasticsearch
    api_key: VuaCfGcBCdbkQm-e5aOx:ui2lp2axTNmsyakw9tvNnw
    hosts: ["localhost:9200"]
    ca_sha256: "7lHLiyp4J8m9kw38SJ7SURJP4bXRZv/BNxyyXkCcE/M="

This example configures two outputs: default and monitoring. Notice that they use different authentication methods. The first one uses a username and password pair, and the second one contains an API key.

A default output configuration is required.

Beats monitoring settings

edit

Elastic Agent monitors Beats by default. To disable or change monitoring settings, set options under settings.monitoring:

settings.monitoring:
  # enabled turns on monitoring of running processes
  enabled: true
  # enables log monitoring
  logs: true
  # enables metrics monitoring
  metrics: true
  # specifies output to be used
  use_output: monitoring

To disable monitoring, set settings.monitoring.enabled to false. When set to false, Beats monitoring is turned off, and all other options in this section are ignored.

To enable monitoring, set settings.monitoring.enabled to true. Also set the logs and metrics settings to control whether logs, metrics, or both are collected. If neither setting is specified, monitoring is disabled. Set use_output to specify the output to which monitoring events are sent.

Datasource settings

edit

By default Elastic Agent collects system metrics, such as cpu, memory, network, and filesystem metrics, and sends them to the default output. For example:

datasources:
  - namespace: default
    use_output: default
    inputs:
      - type: system/metrics
        streams:
          - metricset: cpu
            dataset: system.cpu
          - metricset: memory
            dataset: system.memory
          - metricset: network
            dataset: system.network
          - metricset: filesystem
            dataset: system.filesystem

If use_output is not specified, the default output is used.

« Command line options Troubleshooting »