-
Notifications
You must be signed in to change notification settings - Fork 149
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'main' into add_gateway_collector
- Loading branch information
Showing
47 changed files
with
3,281 additions
and
1,161 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
32 changes: 32 additions & 0 deletions
32
changelog/fragments/1733248787-flag-to-skip-fleet-audit.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,32 @@ | ||
| # Kind can be one of: | ||
| # - breaking-change: a change to previously-documented behavior | ||
| # - deprecation: functionality that is being removed in a later release | ||
| # - bug-fix: fixes a problem in a previous version | ||
| # - enhancement: extends functionality but does not break or fix existing behavior | ||
| # - feature: new functionality | ||
| # - known-issue: problems that we are aware of in a given version | ||
| # - security: impacts on the security of a product or a user’s deployment. | ||
| # - upgrade: important information for someone upgrading from a prior version | ||
| # - other: does not fit into any of the other categories | ||
| kind: enhancement | ||
|
|
||
| # Change summary; a 80ish characters long description of the change. | ||
| summary: Add a flag to skip audit/unenroll call to fleet server during uninstall | ||
|
|
||
| # Long description; in case the summary is not enough to describe the change | ||
| # this field accommodate a description without length limits. | ||
| # NOTE: This field will be rendered only for breaking-change and known-issue kinds at the moment. | ||
| description: This change adds a flag to skip audit/unenroll call to fleet server. While uninstalling elastic-agent it tries to notify fleet server about the uninstallation. But in somecases users might know that the fleet server is unreachable and this notification logs multiple failures continuously. Adding this flag skips this call. | ||
|
|
||
| # Affected component; usually one of "elastic-agent", "fleet-server", "filebeat", "metricbeat", "auditbeat", "all", etc. | ||
| component: "elastic-agent" | ||
|
|
||
| # PR URL; optional; the PR number that added the changeset. | ||
| # If not present is automatically filled by the tooling finding the PR where this changelog fragment has been added. | ||
| # NOTE: the tooling supports backports, so it's able to fill the original PR number instead of the backport PR number. | ||
| # Please provide it if you are adding a fragment for a different PR. | ||
| #pr: https://github.com/owner/repo/1234 | ||
|
|
||
| # Issue URL; optional; the GitHub issue related to this changeset (either closes or is part of). | ||
| # If not present is automatically filled by the tooling with the issue linked to the PR number. | ||
| #issue: https://github.com/owner/repo/1234 |
34 changes: 34 additions & 0 deletions
34
changelog/fragments/1733862556-Log-warning-on-same-version-upgrade-attempts.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,34 @@ | ||
| # Kind can be one of: | ||
| # - breaking-change: a change to previously-documented behavior | ||
| # - deprecation: functionality that is being removed in a later release | ||
| # - bug-fix: fixes a problem in a previous version | ||
| # - enhancement: extends functionality but does not break or fix existing behavior | ||
| # - feature: new functionality | ||
| # - known-issue: problems that we are aware of in a given version | ||
| # - security: impacts on the security of a product or a user’s deployment. | ||
| # - upgrade: important information for someone upgrading from a prior version | ||
| # - other: does not fit into any of the other categories | ||
| kind: bug-fix | ||
|
|
||
| # Change summary; a 80ish characters long description of the change. | ||
| summary: Log warning on same version upgrade attempts | ||
|
|
||
| # Long description; in case the summary is not enough to describe the change | ||
| # this field accommodate a description without length limits. | ||
| # NOTE: This field will be rendered only for breaking-change and known-issue kinds at the moment. | ||
| description: | | ||
| Log a warning instead of reporting an error whan a same-version upgrade is | ||
| attempted. This prevents the agent from reporting a "failed" status. | ||
| # Affected component; usually one of "elastic-agent", "fleet-server", "filebeat", "metricbeat", "auditbeat", "all", etc. | ||
| component: elastic-agent | ||
|
|
||
| # PR URL; optional; the PR number that added the changeset. | ||
| # If not present is automatically filled by the tooling finding the PR where this changelog fragment has been added. | ||
| # NOTE: the tooling supports backports, so it's able to fill the original PR number instead of the backport PR number. | ||
| # Please provide it if you are adding a fragment for a different PR. | ||
| #pr: https://github.com/owner/repo/1234 | ||
|
|
||
| # Issue URL; optional; the GitHub issue related to this changeset (either closes or is part of). | ||
| # If not present is automatically filled by the tooling with the issue linked to the PR number. | ||
| issue: https://github.com/elastic/elastic-agent/issues/6186 |
32 changes: 32 additions & 0 deletions
32
changelog/fragments/1734023789-add-loadbalancing-exporter-to-EDOT-collector.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,32 @@ | ||
| # Kind can be one of: | ||
| # - breaking-change: a change to previously-documented behavior | ||
| # - deprecation: functionality that is being removed in a later release | ||
| # - bug-fix: fixes a problem in a previous version | ||
| # - enhancement: extends functionality but does not break or fix existing behavior | ||
| # - feature: new functionality | ||
| # - known-issue: problems that we are aware of in a given version | ||
| # - security: impacts on the security of a product or a user’s deployment. | ||
| # - upgrade: important information for someone upgrading from a prior version | ||
| # - other: does not fit into any of the other categories | ||
| kind: feature | ||
|
|
||
| # Change summary; a 80ish characters long description of the change. | ||
| summary: add loadbalancing exporter to EDOT collector | ||
|
|
||
| # Long description; in case the summary is not enough to describe the change | ||
| # this field accommodate a description without length limits. | ||
| # NOTE: This field will be rendered only for breaking-change and known-issue kinds at the moment. | ||
| #description: | ||
|
|
||
| # Affected component; usually one of "elastic-agent", "fleet-server", "filebeat", "metricbeat", "auditbeat", "all", etc. | ||
| component: "elastic-agent" | ||
|
|
||
| # PR URL; optional; the PR number that added the changeset. | ||
| # If not present is automatically filled by the tooling finding the PR where this changelog fragment has been added. | ||
| # NOTE: the tooling supports backports, so it's able to fill the original PR number instead of the backport PR number. | ||
| # Please provide it if you are adding a fragment for a different PR. | ||
| #pr: https://github.com/owner/repo/1234 | ||
|
|
||
| # Issue URL; optional; the GitHub issue related to this changeset (either closes or is part of). | ||
| # If not present is automatically filled by the tooling with the issue linked to the PR number. | ||
| #issue: https://github.com/owner/repo/1234 |
32 changes: 32 additions & 0 deletions
32
changelog/fragments/1734626964-Windows-add-Event-Logging-to-install,-uninstall,-enroll.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,32 @@ | ||
| # Kind can be one of: | ||
| # - breaking-change: a change to previously-documented behavior | ||
| # - deprecation: functionality that is being removed in a later release | ||
| # - bug-fix: fixes a problem in a previous version | ||
| # - enhancement: extends functionality but does not break or fix existing behavior | ||
| # - feature: new functionality | ||
| # - known-issue: problems that we are aware of in a given version | ||
| # - security: impacts on the security of a product or a user’s deployment. | ||
| # - upgrade: important information for someone upgrading from a prior version | ||
| # - other: does not fit into any of the other categories | ||
| kind: enhancement | ||
|
|
||
| # Change summary; a 80ish characters long description of the change. | ||
| summary: Windows add Event Logging to install, uninstall, enroll failures | ||
|
|
||
| # Long description; in case the summary is not enough to describe the change | ||
| # this field accommodate a description without length limits. | ||
| # NOTE: This field will be rendered only for breaking-change and known-issue kinds at the moment. | ||
| #description: | ||
|
|
||
| # Affected component; a word indicating the component this changeset affects. | ||
| component: elastic-agent | ||
|
|
||
| # PR URL; optional; the PR number that added the changeset. | ||
| # If not present is automatically filled by the tooling finding the PR where this changelog fragment has been added. | ||
| # NOTE: the tooling supports backports, so it's able to fill the original PR number instead of the backport PR number. | ||
| # Please provide it if you are adding a fragment for a different PR. | ||
| pr: https://github.com/elastic/elastic-agent/6410 | ||
|
|
||
| # Issue URL; optional; the GitHub issue related to this changeset (either closes or is part of). | ||
| # If not present is automatically filled by the tooling with the issue linked to the PR number. | ||
| issue: https://github.com/elastic/elastic-agent/6338 |
31 changes: 31 additions & 0 deletions
31
changelog/fragments/1735137195-remove-deprecated-list-in-favor-of-items.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,31 @@ | ||
| # Kind can be one of: | ||
| # - breaking-change: a change to previously-documented behavior | ||
| # - deprecation: functionality that is being removed in a later release | ||
| # - bug-fix: fixes a problem in a previous version | ||
| # - enhancement: extends functionality but does not break or fix existing behavior | ||
| # - feature: new functionality | ||
| # - known-issue: problems that we are aware of in a given version | ||
| # - security: impacts on the security of a product or a user’s deployment. | ||
| # - upgrade: important information for someone upgrading from a prior version | ||
| # - other: does not fit into any of the other categories | ||
| kind: feature | ||
|
|
||
| # Change summary; a 80ish characters long description of the change. | ||
| summary: removes `list` from kibanaFetchToken in favor of `items` as the former is deprecated and will be removed from the api response | ||
|
|
||
| # Long description; in case the summary is not enough to describe the change | ||
| # this field accommodate a description without length limits. | ||
| # NOTE: This field will be rendered only for breaking-change and known-issue kinds at the moment. | ||
| #description: | ||
|
|
||
| # Affected component; usually one of "elastic-agent", "fleet-server", "filebeat", "metricbeat", "auditbeat", "all", etc. | ||
| component: "elastic-agent" | ||
|
|
||
| # PR URL; optional; the PR number that added the changeset. | ||
| # If not present is automatically filled by the tooling finding the PR where this changelog fragment has been added. | ||
| # NOTE: the tooling supports backports, so it's able to fill the original PR number instead of the backport PR number. | ||
| # Please provide it if you are adding a fragment for a different PR. | ||
| pr: https://github.com/elastic/elastic-agent/pull/6437 | ||
| # Issue URL; optional; the GitHub issue related to this changeset (either closes or is part of). | ||
| # If not present is automatically filled by the tooling with the issue linked to the PR number. | ||
| issue: https://github.com/elastic/elastic-agent/issues/6023 |
30 changes: 30 additions & 0 deletions
30
changelog/fragments/1735664420-remove-deprecated-path-install-cli-flag.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,30 @@ | ||
| # Kind can be one of: | ||
| # - breaking-change: a change to previously-documented behavior | ||
| # - deprecation: functionality that is being removed in a later release | ||
| # - bug-fix: fixes a problem in a previous version | ||
| # - enhancement: extends functionality but does not break or fix existing behavior | ||
| # - feature: new functionality | ||
| # - known-issue: problems that we are aware of in a given version | ||
| # - security: impacts on the security of a product or a user’s deployment. | ||
| # - upgrade: important information for someone upgrading from a prior version | ||
| # - other: does not fit into any of the other categories | ||
| kind: breaking-change | ||
|
|
||
| # Change summary; a 80ish characters long description of the change. | ||
| summary: Removing --path.install option | ||
|
|
||
| # Long description; in case the summary is not enough to describe the change | ||
| # this field accommodate a description without length limits. | ||
| # NOTE: This field will be rendered only for breaking-change and known-issue kinds at the moment. | ||
| #description: | ||
|
|
||
| # Affected component; usually one of "elastic-agent", "fleet-server", "filebeat", "metricbeat", "auditbeat", "all", etc. | ||
| component: "elastic-agent" | ||
| # PR URL; optional; the PR number that added the changeset. | ||
| # If not present is automatically filled by the tooling finding the PR where this changelog fragment has been added. | ||
| # NOTE: the tooling supports backports, so it's able to fill the original PR number instead of the backport PR number. | ||
| # Please provide it if you are adding a fragment for a different PR. | ||
| pr: https://github.com/elastic/elastic-agent/pull/6461/files | ||
| # Issue URL; optional; the GitHub issue related to this changeset (either closes or is part of). | ||
| # If not present is automatically filled by the tooling with the issue linked to the PR number. | ||
| issue: https://github.com/elastic/elastic-agent/issues/2489 |
28 changes: 28 additions & 0 deletions
28
deploy/helm/elastic-agent/examples/netflow-service/README.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,28 @@ | ||
| # Example: Netflow Custom Integration | ||
|
|
||
| In this example we define a `netflow` custom integration alongside a custom agent preset defined in [agent-netflow-values.yaml](agent-netflow-values.yaml). Also, we disable all `kubernetes` related providers and creation of cluster role and service account, as they are not required for this example. | ||
|
|
||
| ## Prerequisites: | ||
| 1. A k8s secret that contains the connection details to an Elasticsearch cluster such as the URL and the API key ([Kibana - Creating API Keys](https://www.elastic.co/guide/en/kibana/current/api-keys.html)): | ||
| ```console | ||
| kubectl create secret generic es-api-secret \ | ||
| --from-literal=api_key=... \ | ||
| --from-literal=url=... | ||
| ``` | ||
|
|
||
| 2. `NetFlow Records` integration assets are installed through Kibana | ||
|
|
||
| ## Run: | ||
| 1. Install Helm chart | ||
| ```console | ||
| helm install elastic-agent ../../ -f ./agent-netflow-values.yaml | ||
| ``` | ||
|
|
||
| 2. Run the netflow data generator deployment | ||
| ```console | ||
| kubectl run -it --rm netflow-generator --image=networkstatic/nflow-generator --restart=Never -- -t agent-netflow-elastic-agent.default.svc.cluster.local -p 2055 | ||
| ``` | ||
|
|
||
| ## Validate: | ||
|
|
||
| 1. The Kibana `netflow`-related dashboards should start showing netflow related data. |
62 changes: 62 additions & 0 deletions
62
deploy/helm/elastic-agent/examples/netflow-service/agent-netflow-values.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,62 @@ | ||
| outputs: | ||
| default: | ||
| type: ESSecretAuthAPI | ||
| secretName: es-api-secret | ||
|
|
||
| extraIntegrations: | ||
| netflow: | ||
| id: netflow-netflow-60a9d5b2-c611-4749-90bf-5e2443936c1d | ||
| name: netflow-1 | ||
| preset: netflow | ||
| revision: 1 | ||
| type: netflow | ||
| use_output: default | ||
| meta: | ||
| package: | ||
| name: netflow | ||
| version: 2.19.1 | ||
| data_stream: | ||
| namespace: default | ||
| package_policy_id: 60a9d5b2-c611-4749-90bf-5e2443936c1d | ||
| streams: | ||
| - id: netflow-netflow.log-60a9d5b2-c611-4749-90bf-5e2443936c1d | ||
| data_stream: | ||
| dataset: netflow.log | ||
| type: logs | ||
| protocols: | ||
| - v1 | ||
| - v5 | ||
| - v6 | ||
| - v7 | ||
| - v8 | ||
| - v9 | ||
| - ipfix | ||
| host: '0.0.0.0:2055' | ||
| max_message_size: 10KiB | ||
| expiration_timeout: 30m | ||
| queue_size: 8192 | ||
| detect_sequence_reset: true | ||
| tags: | ||
| - netflow | ||
| - forwarded | ||
| publisher_pipeline.disable_host: true | ||
|
|
||
| kubernetes: | ||
| enabled: false | ||
|
|
||
| agent: | ||
| unprivileged: true | ||
| presets: | ||
| netflow: | ||
| automountServiceAccountToken: false | ||
| mode: deployment | ||
| service: | ||
| type: ClusterIP | ||
| ports: | ||
| - containerPort: 2055 | ||
| servicePort: 2055 | ||
| protocol: UDP | ||
| serviceAccount: | ||
| create: false | ||
| clusterRole: | ||
| create: false |
Oops, something went wrong.